Tag: virus

Netflix Scam


 

No, Netflix is not the problem; there is, however, a phishing scam going around that you should be aware of.

Since so many of us now receive our entertainment over the internet, it is a good gamble that you might have Netflix.

Again, many of us have it set up to bill once a month through some sort of financial institution, whether it be your bank, credit card or PayPal. The e-mail looks like it came from Netflix until you look a little closer at the sender address.

Netflix AT dallas180.arvixeshared.com  (don’t e-mail to it…)

You will notice it is not Netflix.com

The message is telling you that they were unable to get your payment info and if you don’t update the info soon you will lose Netflix.

Then, of course, there is a link that they want you to follow.

God only knows how many will fall for this. Considering it was sent to tens of thousands, you can bet a percentage will click and update. Always check that the sending e-mail address is legitimate (i.e. Netflix.com), and hover over the link to make sure it stays Netflix.com and not something like the address I posted above.

If you question it at all, call the institution or go online yourself, without following any link from the e-mail, and check. Once they get money from your account, if that is indeed their ploy, it will be gone. The ploy could simply be to get you to click so they can put some sort of virus or cookie on your computer. E-mail is an excellent way to get infected, and because the scheme requires input from you, your protection might just allow it.

Practice safe computing… -Best

 

The latest method of attack. #DisasterRecovery


 

As a matter of course, I try not to post too much about computer security, as I am certain that most have seen this before.

We know not to open attachments that are not expected as well as have good anti-virus software updated and running at all times.

This morning I received a different type of threat that I thought worth sharing, so here it is.

It came with the usual jargon about some sort of violation or someone suing me for something, and an attachment to open to see what it is, but this one was different.

The words included were, “for your security we use dropbox for the evidence against you. Please follow the link and respond within 3 days or a summary judgement will be made.”

Of course, the return e-mail address is bogus; the trick is to get me to open an attachment, in this case on Dropbox.  Once downloaded, there is no telling what it would do, but most certainly nothing good.

No law enforcement or government agency would work in this way; even if you were expecting something of this kind from someone, it would not come in by e-mail.

Unless you are expecting it and the e-mail address is correct only then would I make a call before opening anything as an attachment.

Ransomware is working, with hospitals and even government agencies paying the perpetrators, which causes them to continue with more fervor.

 

[Image: ransomware.jpg] You do not want to see this, so practice safe computing.

 

Practice safe computing which includes a good disaster recovery plan.

 

-Best

(c) All Rights Reserved 2016

 

#Ransomware


 

Just this morning I wrote about this topic; this afternoon we learn that a California hospital was hacked.

[Image: Ransomware.jpg] You see this and you are screwed…

Firstly, someone executed that ransomware, from an e-mail or in some other way. The payload most probably came in as an attachment through a phishing scheme, like the one that I wrote about.

  • Secondly, this tells me that they do not have a good disaster recovery plan.
  • Thirdly, this tells me that their firewalls were inadequate to block “zip” files.
  • Firewalls should be set to strip any attachments from messages. 

“You say, oh that is just great, my business uses attachments all the time!”

Most probably, attachments could be directed to a virtual machine, much like a bomb disposal box, where they could be executed in such a way that if one were a virus or worse, its damage would be mitigated.

Fourth, what kind of anti-virus were they using? Were they using group policies to stop the execution of executables?

Someone on his or her IT team messed up, and it starts with the “CIO!”

The bottom line is you never want to be in a position where you have to pay money to terrorists.  Folks, make no mistake, people who extort money like that are terrorists.

I would be doing a serious root cause analysis to see how it happened, and why they paid the ransom.

The news tonight said it happened on the 5th.  Are you telling me that a hospital being down for 13 days cost less than a good disaster recovery plan and of course an audit of your system?

Do not open attachments that you are not expecting and if you are, make damned certain it is what you are looking for.

It might be a real good idea to keep a standalone pc that employees take their files to on a thumb drive and open it there.

Once infected, your options are: pay the ransom or start from scratch.


With a tested DR plan, you could be back up a lot sooner than being at the hands of the terrorists.

Lastly, and I cannot stress this enough, don’t get cheap on your anti-virus software.  Malwarebytes has been working on software to mitigate this threat.

You would be surprised at the companies that I run into who use the cheapest damned software that they can find.  Often free!  Whoever does this should be dismissed, as they clearly don’t value your data or your company.  This is a hill to die on, folks.

You can take the cheapest CFO and argue or “negotiate” the need for the expense, or you should not be there.

Excuse me, but that is like living in a high crime area and using a bathroom lockset for your protection, you know the kind, the one you stick a small pin in to unlock it…

To recap…

  • Education
  • prevention
  • disaster recovery plan

 

-Best

© All rights reserved. 2016

 

 

 

 

 

#fedex #phishing #Scam


FedEx Scam

Every now and then a phishing scheme catches my attention.  Usually we know that there are no Nigerians that want to give you millions of dollars. Some fall prey to this each and every day hence the e-mails.

  • We know that the IRS does not E-mail you with important notices.
  • We should know that Inga from Russia is really not hot for you when you click on the file that contains her personal contact information.  Unless of course you personally know an Inga who is hot for you, best not click.
  • “Overdue Invoices” click here for details probably should be suspect as well.

This one came today which interested me in that we do so much with Amazon and Woot and of course eBay that we have no idea if there is really a package or not.

[Image: capture of the FedEx scam e-mail]

The picture here is a copy of a phishing scheme that would unleash who knows what on my computer if I were foolish enough to click on the attached Zip file.

Some clues to look for are the sender’s address… Eurafrik.org  If it were truly from FedEx, most probably it would be from fedex.com or something similar.

They provide a tracking number, which you might actually take to the FedEx site to see what it does; I suspect nothing.

Bottom line, do not click if you are not 100% sure that it is indeed legitimate.  The damage you unleash could be anything from a key logger to ransomware.
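The checks described in the Netflix and FedEx posts (who really sent it, where the link really goes, and whether there is an unexpected zip attached) can be run by a mail filter as well as by eye. The Python below is an added example and not part of the original posts; the brand allow-list, the risky-extension list and the sample messages are constructed, and only the two sender domains come from the posts.

```python
import email
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains each brand really sends from and links to.
BRAND_DOMAINS = {"netflix": ("netflix.com",), "fedex": ("fedex.com",)}
# Assumption: attachment types you never expect from a vendor notice.
RISKY_EXTENSIONS = (".zip", ".exe", ".scr", ".js")


def under(host, domains):
    """True if host is one of the domains or a subdomain of one.

    Matching on ".netflix.com" rejects look-alikes such as
    "netflix.com.account-check.example" and "notnetflix.com".
    """
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> tag: what hovering shows."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def triage(raw_bytes):
    """Return a list of (check, detail) findings for one raw message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    display, addr = parseaddr(str(msg["From"] or ""))
    sender_host = addr.rpartition("@")[2].lower()
    # Which brand does the message present itself as?
    claimed = f"{display} {addr.partition('@')[0]} {msg['Subject'] or ''}".lower()
    brands = [b for b in BRAND_DOMAINS if b in claimed]
    findings = []
    for brand in brands:
        if not under(sender_host, BRAND_DOMAINS[brand]):
            findings.append(("sender-domain", f"claims {brand}, sent from {sender_host}"))
    for part in msg.walk():
        name = part.get_filename()
        if name and name.lower().endswith(RISKY_EXTENSIONS):
            findings.append(("attachment", name))
        if part.get_content_type() == "text/html" and not name:
            collector = LinkCollector()
            collector.feed(part.get_content())
            for href, text in collector.links:
                host = urlsplit(href).hostname
                if brands and not any(under(host, BRAND_DOMAINS[b]) for b in brands):
                    findings.append(("link-host", f"{text!r} really goes to {host}"))
    return findings


def build_sample(from_header, subject, html, attachment=None):
    """Build a constructed test message (not a captured one)."""
    m = EmailMessage()
    m["From"] = from_header
    m["Subject"] = subject
    m.set_content("See the HTML part.")
    m.add_alternative(html, subtype="html")
    if attachment:
        m.add_attachment(b"constructed placeholder bytes", maintype="application",
                         subtype="octet-stream", filename=attachment)
    return m.as_bytes()


# Constructed samples. The two scam sender domains are the ones quoted in the
# posts; local parts, subjects, link targets and the file name are made up.
NETFLIX_LURE = build_sample(
    "Netflix <Netflix@dallas180.arvixeshared.com>", "Update your payment information",
    '<p>We could not process your payment. '
    '<a href="http://account-check.example/login">www.netflix.com/billing</a></p>')
FEDEX_LURE = build_sample(
    "FedEx Delivery <notice@eurafrik.org>", "Unable to deliver your package",
    "<p>Details are in the attached file.</p>", attachment="Delivery_Details.zip")
GENUINE = build_sample(
    "Netflix <info@mailer.netflix.com>", "New arrivals",
    '<a href="https://www.netflix.com/browse">Browse</a>')

if __name__ == "__main__":
    for label, raw in (("netflix lure", NETFLIX_LURE), ("fedex lure", FEDEX_LURE),
                       ("genuine", GENUINE)):
        print(label, triage(raw) or "no findings")
```

A clean result only means these three checks passed; it does not make the message safe to act on.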

Always, always, always have really good anti-virus software running and updated.  Currently I like ESET NOD32… That is my choice for now, but your mileage may vary. Free anti-virus software is not worth what you pay for it.

I have no affiliation with ESET or any other software company…

-Best

(c) All Rights Reserved 2016

 

RATS and Right to Privacy


While some may find them cute and cuddly, and some, absolutely disgusting; this rat that I am speaking of is neither.

The rat that I want to educate about is really an acronym for Remote Access Trojan.


Just about everything electronic today has a built in camera.  Not to mention a microphone.


Some smart TV’s actually have them built in to allow you to voice command the TV.


Your car may very well have something like this built in.


I have long held that our government could if they wanted, under some obscure interpretation of the Patriot Act, access your camera and or microphone to peek into your home.  I have also thought that this could be done with the microphone and camera on most laptops and of course desktops that have them.


Not only is there news of the Feds hacking your cell phones and either listening in or downloading your contact list and other information through something called Sting Ray, but there are theories that your local police may be doing this as well without a warrant!  (1)

It is not enough that we may have our government spying on us without warrant; we also have Trojans that copy your keystrokes and send them to some server in Russia, or some other obscure third world country, looking for passwords and banking information. Now we have RATs.

Today we know that perverted individuals out there have in fact used the cameras in laptops handed out by the school to indeed spy on kids in their bedrooms.  While this made the news, little attention was really paid to this, as conspiracy nuts are everywhere.


(2) The Case in question

We now know that the Chinese among others have created Trojans that allow them remote access to your camera and or microphone in your laptop!  Simply click on the wrong thing and the writer of the software has access to your machine.

One couple received a picture of themselves lying in bed watching a movie on Netflix.  This came to them from someone using a made up name, via their Facebook page.


(3) Naked Security Story

You really have to be smart when you are cruising the internet and checking e-mail as the crooks and other creeps are smarter.  I have often said that these folks are probably kids sitting around in their mother’s basement in their underwear, writing Trojans, seeing who can outdo the other via groups like Anonymous.


I would like to see devices like phones have an actual on off switch or removable customer replaceable battery.  If you want to make certain that the thing is off, remove the power.  Apple has made this task about impossible for the everyday user and that is problematic.  Placing the device in airplane mode might be your closest bet to protecting your privacy but I would bet that there is a work around for that.


I would also like to see on off switches on cameras and microphones that absolutely can be switched off until required.


The simple truth is we have no idea what these phones are doing in the background and with viruses and Trojans, we have no idea when some remote access Trojan will activate or be activated by some creep in some basement somewhere.

Someone, write an app that tells you what the phone is doing or has done.

When you sit back and think that I am a crazy conspiracy nut, I would remind you of the porn scanners that are still in use at some airports today. 

[Image: full-body scanner image] Yes, if you invert the negative with any cheap software you get a positive…

Who in their right mind would think that it is ok to use ionizing radiation to undress the public by the tens of thousands for the purpose of what, looking for weapons?  We are so politically correct that we can’t profile but we can strip search the public, grope grandma and feel up children!  Political Correctness is a way to control the masses and not something that we should be doing as a people.  We have free speech, and other than yelling fire in a theater or threatening to kill someone, I would not surrender the first amendment for anything!


Did you read about the whistle blower who worked for the TSA and admitted that it was a big joke to watch people stripped of their clothing and then make remarks and jokes about what they saw? (4) (5)


If I could have any job in the world, currently it would be to be in some position of authority at the TSA! I would love to clean that bunch of people up and while I am at it, assist them with security as currently they are loath to do much right, of course it is the government so …. What do you expect?!  They need folks who think outside the box and currently they have a bunch of automatons.


The news media commonly carried stories about the TSA scanner as equivalent to being at altitude for a couple of hours.  The lying bastards however did not tell the truth.  While pilots do suffer more cases of skin cancers than non-pilots as cosmic radiation is more intense at altitude, it is not the same as ionizing radiation.  

To further exacerbate the privacy issue, you are undoubtedly aware that cameras are everywhere.  You must assume that wherever you are, or whatever you are doing, there may be a camera watching you. Every red light contains cameras that I maintain can and do look at people in cars, collecting biometric data, looking for who is doing what when.  These are not the low end cameras that you can buy on-line; these are high end cameras that have good quality optics.


How about some of these cameras:

[Image: st-sony640-dvr] There is a wifi enabled camera in there. Have you seen these in your hotel room perhaps?


These are just a scant few.  These things are tiny and easily concealed. Assume that you have no privacy.  If you scratch it in public, chances are someone saw you.


Orwell was ahead of his time, and you my friends need to be aware of this, and act accordingly.


(1) http://thehackernews.com/2015/04/police-spying-cell-phones.html

(2) https://en.wikipedia.org/wiki/Robbins_v._Lower_Merion_School_District

(3) https://nakedsecurity.sophos.com/2015/08/14/webcam-spy-sends-couple-photos-of-previous-nights-netflix-snuggle-session/

(4) http://mountainrepublic.net/2012/12/24/ex-tsa-screener-officers-laughing-at-your-naked-image/

(5) https://takingsenseaway.wordpress.com/2012/12/19/letter-from-a-passenger-what-really-happens-in-the-tsa-private-room/

-Best

© All Rights Reserved 2015

#Scam of the day… No time off for the Holidays #virus

In today’s e-mail there were several different scams from well known companies.  Most of them deal with “order status.”  Be wise about clicking on any of these things as most of them are fraught with danger… Yes DANGER….  The link could be as innocuous as some ad for Viagra or it could be a link to Cyber Locker or some other virus waiting to just ruin your day.

If you are not expecting something like that, don’t click it!

Have a good Monday!

Security update 11/8/14

The following is an update to the title page on Security

To underscore the need for security and for a security officer, Russia, “as in the government thereof,” has been working to place a virus or Trojan in the utility networks of this country.  Most probably this Trojan supplants a small piece of code that does something normal; however, it is waiting to be “activated” when the time is right to do something much more malevolent.

The government is being rather tight lipped about how the bug was discovered but, needless to say we have a big job on our hands to clean all of the systems of this bug.

Programmatically, a bit by bit comparison of each and every program and or file will need to happen to look for and isolate this bug.

Russia, if it were so inclined, could activate this “bug,” whose intent would most certainly be to attack the power grid or other utility, making them inoperable at a critical time.

There was a show on TV with a similar scenario, but here now we have the real deal.

Forensic computing allowed us to “see” that the infiltrations were coming from Russia during a typical 9 to 5 day over there; which implicates government workers.  Hackers are not 9 to 5 folks but rather those who burn the midnight oil and are able to work when the phone is not ringing and the world around them is at rest.

For those of you who were not alive during the Cold War: well, this is it once more, only it is taking place in cyberspace.

This is why it is patriotic to have your computer and associated networks hardened against such attacks.  This is also a real good reason to use anti-virus software that is not created or maintained by Russians, or any other world power that does not like Americans.

While I dislike the fact that this administration appears clueless on foreign affairs; and we are much worse off than just 6 years ago, the world is what it is.

Until this regime leaves office and adults take back the White House, you will need to take the necessary steps to secure your business networks as well as your home computers including your smart phones and other “smart” devices.

Remember, the bug may be on your home computers waiting to be activated, which could cause a DoS attack on some system somewhere.  Make certain that you use a program that is better than Microsoft Essentials or anything that is free.  Free anti-virus software is not worth what you pay for it!

If you have any questions regarding this please don’t hesitate to ask.  If I don’t know the answer off the top of my head, most certainly others that read this blog will, or I will do my best get it for you.

-Best

© All rights reserved 2014

Virus for Macs, iPhones and Tablets?

While it is not unheard of, they are rare.  Today we learned that a virus has been unleashed to attack Apple products including iPhones, iPads and of course anything running the Mac OS.

The virus affects Macs and smartphones and, I suspect, was written for the Chinese, as they have jailbroken their phones and are downloading apps from sources other than iTunes.

While one could speculate that such a virus that only affects those devices that are Jailbroken might be written to punish those that do this type of thing; or to discourage those who might want to do this, you would really have to be a conspiracy nut to think this way.

That would be like thinking that most viruses are written by the folks that make the antivirus programs.  Totally nuts…. right…nuts… why would they do that?….Crazy talk….!  Have you purchased antivirus software lately.  $50 and up for one year!  With millions of computers and millions more smartphones and tablets, those that write anti-virus software have a goldmine and a half!

To write viruses one must necessarily have intimate knowledge of the code that makes up the OS.  Likewise, if one wants to foil an antivirus program, one would need intimate knowledge of that code.

While I have no doubt that groups like the Russian Mob, who made more money on hacking and getting information from people’s computers than selling drugs, might find this work easier, some of these hacks are just crazy.

Who does this kind of thing?

I have Trend Micro for my phone and iPad, and I update the OS a short while after the new release has been tested by those a little more eager than I; still, you cannot be too careful.  While I would like apps on my phone that Apple will not host, I have not even thought about jailbreaking it.

If your secret family recipe for chocolate cake is on your phone, and you want it secure, you might want to look at Trend or some other anti-virus software for your Mac products.   It is more than simple recipes, however; people store all sorts of information on there including banking, health, credit card info, passwords for your online accounts, text messages, e-mails; all of which is vulnerable.

If you want to talk conspiracy, what if the bad guy wanted to listen in on your conversations; could the microphone be turned on, or worse yet, the camera?

How often do you find your smartphone warm to the touch and the battery almost exhausted and you have done nothing to get it that way?

There was a case not too long ago where some school sent kids home with laptops. Someone was turning on the built in cameras remotely and watching them in their home, bedrooms etc.  This was most probably an immature geek who lived in his mother’s basement, or was it?

Folks, smart devices have tons of information including your coordinates down to a few feet!  If Apple does not make this thing where I can pull the battery; I am seriously thinking about going away from Apple to another type of smart phone that will let me A) pull the battery if I want to make certain that the thing is dead and B) change the battery “easily” when it no longer holds a charge!

The same is true of the tablet devices.  These toys are for my amusement, not for some “hacker” or twisted peeping tom to use for their entertainment or source of revenue.

-Best

© All rights reserved 2014

Ebola / Virus

After the death of the first Ebola patient in America today, one really has to look at this with an objective, forensic attitude. We need to take a pragmatic approach when dealing with this.

Ebola came to this country via a man who became infected.  This man allegedly lied to get onto a plane and into this country to get medical help.  Further, when he knew that he was sick; he went to the hospital for help.  Not tipping his hand that he knew that he had contact with someone who had the disease, he told the people treating him that he had been in that area of the world, but did not offer up the fact that he indeed had contact with people who were victims of this outbreak.

The triage team missed his semi-obscure clue, misdiagnosed him, and sent him home with antibiotics, where he languished for a few days in a small apartment with other people.  The disease progressed to the point where this man had to go back to the hospital once again; this time by ambulance.

Had he been forthcoming on his first hospital visit, his outcome might have been better. The experimental drugs were showing signs of working.

Family members were exposed, paramedics were exposed, nurses and doctors were exposed.  People in the emergency room were exposed.  Anyone who came close to this person was exposed.

The clock is ticking, who next will show signs?  Was he contagious on the airplane? How about at any of the airports?

We now know that the virus can be viable for 6 (six) days on a surface. Any sneeze, blood, sweat, vomit or other bodily fluid from an infected person can contain this virus.

Today a man in Frisco, Texas, not feeling well, went into a health clinic reporting symptoms of Ebola.  Are his symptoms psychosomatic? Did he just expose everyone in that clinic to his ailment? He is a deputy sheriff who was in the man’s apartment.

This is how outbreaks start.  This is stage one.

The CDC really needs to amend their protocol in dealing with this for now.

Anyone who thinks that they have these symptoms “imagined or not,” should call 911 or some other special number where a CDC doctor will come to you, or they send a special ambulance to come get you.  Containment of this disease is paramount before it gets to stage two, or three. I would call on the CDC to change their protocol and make this happen before it is too late.

The simple facts are, we don’t fully know how virulent this virus is.  What we don’t know about this virus eclipses what we do know, and making mistakes now could cause the next pandemic.  People walking into clinics, doctors offices and alike who are infected, endanger the collective.

So what is a Virus?

It is interesting to note that a virus is neither dead, nor alive.  It does not eat, reproduce by itself nor defecate.  It is a parasite of sorts.  It contains genetic material that it “infects” a host cell with.  The host cell then is forced to do its dirty work.  The cell’s normal genetic instructions shut off, and it now creates proteins of a different sort, viral proteins, which make new viral particles.

The interesting thing about viruses is that when they infect, they can obtain some of the host DNA in the process.  When the new viruses proliferate into yet more cells, they may in fact bring with them some of the host’s original DNA.

MS and Hemophilia are two diseases which researchers believe are the result of this “transduction.”

Make no mistake; viruses are the original “replicators” (excuse the reference to Stargate).  These guys’ sole purpose is to reproduce or “replicate.”

Viruses are made up of either DNA or RNA and are encased in something called a “capsid,” which is made of protein; some also have an envelope, which is made up of lipids.  One note of interest is that RNA viruses, which make up 70% of all viruses, mutate much more readily than DNA type viruses, due to the error rate of enzymes that are actually involved in the replication process.

“Look out Daniel Jackson!”  This must be where the writers of Stargate got their idea for the replicators… I digress…

Ebola is a member of the Filoviridae family of the RNA viruses.  Ebola can have a 90% mortality rate however; it should be noted that this number is derived from areas of the world with remote, substandard medical care / facilities.  This area of the world is filled with people who believe that this is a work of the devil; and frequently seek out their local witch doctor for assistance.  I am not being ugly, those are the facts.

We have a government that is downplaying this, and we have news agencies that are scaring the hell out of people, for ratings. Somewhere in this minutia, is the truth.

If this virus mutates to airborne, which it may already be; allowing unfettered access of people from that part of the world here in this country could be a huge mistake with dire consequences. All peoples from that part of the world should be quarantined until we get a handle on this outbreak in Africa. Their excuse might be, “who knew?”

The simple facts are we need to “Assume” that this disease is very catchy.  We need to assume that it can be spread by air, water, touch etc.  We need to assume that it can be spread by mosquitoes. Until there is hard scientific evidence that it cannot be, we need to assume that it can.  We need to assume that other animals including family pets can become carriers of this disease.  Assume the worst, and make your plans around it!

Update 10-14-14

Now with one of the care givers of Mr. Duncan testing positive for the Ebola virus, we have even more questions than answers.

How?

Immediately a breach of protocol was assumed.

It would be very interesting to examine the air handlers in that facility to see if there are any Ebola virus on any of the filtration systems or associated duct work, fans etc.

It was of particular interest to me that the ashes of the bedding and other things that were in Mr. Duncan’s apartment are treated as hazardous waste, and being transported to a special facility for such, in Louisiana. Think about this for just a second.  Our government is telling us that one must come in direct contact with some bodily fluid of not only an infected individual but someone who is in the later stages of the disease; and yet we are not even comfortable with dumping the ashes in a regular landfill.

My guess is that there was no breach of protocol for the infected Nurse.  Again, there is more that we don’t know; than what we do about this disease.

Our heartfelt prayers are offered up to the caregiver who is affected.

This would be one prime use of robotics; we could remotely do what needs to be done via a robot, much like the robot assisted surgery that we have today. Our technology is probably not quite there yet but, I would call for some company that is already in such a field to get some “seed money” to make this happen faster, rather than at its usual pace.

Instead of sending humans into harms way; in this case highly infectious areas of the world, much less our own hospitals, we could send in a robot that was managed by a nurse.

If we can send a robot to Mars and have it do all sorts of scientific test, we should be able to come up with one that can do what needs to be done with extreme infectious patients.

Update 10/15/14

Another health care worker from Presbyterian Hospital in Dallas has tested positive for the virus.

This health care worker traveled by commercial air with at least 139 other souls, not to mention the crew of the airplane.

What did they do and where did they go?  Who were they in contact with?

What about the taxi that she took to the airport, how about the ticket agents, what about anyone who she may have had contact with in the airport(s), bathroom(s) eating establishments? Did she stay in a hotel? What about the maid who cleaned their room or the person(s) who handled the sheets / towels from the room? You folks who enjoy playing with fire are woefully unprepared for what you are doing.

If we are treating the ashes of Mr. Duncan’s sheets and so forth as toxic waste, which Louisiana has now stated they will not allow to come there for burial, should we not be all over this?

It seems to me that anyone who is a health care worker, working with Ebola patients, should be quarantined as well; until such a time that it can be proven that they are not a risk to the general population.   We cannot afford mistakes, unless of course you are looking to witness another pandemic here in this country.

We need to err on the side of caution and not hubris.  You clearly don’t know what you are doing.

Update 10/17/14

The two Ebola infected Nurses have made their way out of Texas to two hospitals that are better equipped to deal with the situation.  The Dallas Hospital has a lack of nurses now because so many of them are on “Ebola watch.”

The nurse, Amber Vinson, who flew to Cleveland on the 10th, may have made some very bad decisions in taking public transportation. Flying commercial with a fever, knowing that you had been taking care of an Ebola patient who died of the disease, is not very smart.   At least she had sense enough to call the CDC and ask if she should fly, and they gave her the green light.  This is really common sense and she should not have even had to call and ask.  If the CDC indeed gave her the green light as reported, then we have bigger problems than a nurse lacking common sense.

Besides all of the people on the plane for that one plane ride from Ohio to Dallas, we have to consider that the plane went on to fly several different places that day, each time with 139 souls on board.

Keep in mind that a Virus is neither alive nor dead.  This talk about it being alive for X amount of hours is really not telling the truth.  They are depending upon your ignorance of the facts so you don’t ask the real questions.  Is the virus viable?  How long is the virus viable on a surface or in fluids?

I am thrilled that Nina Pham is doing better and getting good care.  My heart goes out to the nurses and doctors who are on the front lines, taking care of people.  Our thoughts and prayers go out to both of the nurses Nina and Amber Vinson.

It looks like Frontier Airline is going above and beyond to ensure the safety of their customers.  Miss Vinson’s decision to fly home was ill advised, and has already cost millions.  We have no idea what the future holds for all of the other people who could have been exposed to her illness. Anyone from ticket agents to baggage handlers to people in public restrooms to janitors to the folks that work the restaurants and anyone who sat in close proximity at the airports.  The next two weeks should have the CDC and most hospitals on pins and needles.

The CDC is flailing around with this and they truly need to get a grip.  Anyone treating Ebola patients should not be allowed to be in public transportation until they have passed a date that they could not be a carrier of the disease.  Compensate them for what they are doing but they have a greater responsibility to sequester themselves until they are deemed clear of the disease.

Flight bans from countries with this outbreak should be observed now. While I am always perplexed by this administration’s aversion to the truth or lack of common sense, their number one priority is to protect the American People. We currently are not doing that. Travel bans to and from these countries are just common sense.

Our southern border needs to be closed now! If this disease gets into South America those folks will come here by hook or crook for medical care and I don’t blame them. The issue is that they will come in such a way that we will not be able to trace them, evaluate them and quarantine them. By the time they make it to some ER room, or clinic for help, we will have no clue how many others will have become infected.

Look at the chaos we have for just one person who came here under false pretense!

This won’t stop at our southern border; Canada will be in line for this too.

Rapid response teams should be created now to be able to assist those south of our border should the need arise.  Looking into the future, this is not that hard to foretell. If they don’t need the help, great; but if they do I would much rather take the battle there than have people crossing our border under the cover of night hoping to get some sort of medical care.

If you are a praying person; keep these two nurses in your thoughts and prayers.

Update 10/30/14

Both infected nurses recovered from the disease.  While we are grateful for their recovery the CDC was totally not prepared for this.  The total cost of this is of course unknown, and I am certain that the taxpayers are paying for this too.

We have a nurse who just came home from that area of the world who currently is not exhibiting any symptoms and also is not quarantining herself either. Even though she is a nurse she is not taking any precautions and is out and about as she sees fit. This of course is making the news nightly and I hope for her sake that she remains symptom free as she is playing fast and loose with more lives than her own. She is in violation of the orders she has been given, to self quarantine and test her temperature twice daily, but it appears that thwarting the rules is her current plan. As a nurse she should know better.

Recently leaked information from the White House documents the planning and logistics of bringing non-citizen Ebola patients to this country for treatment.

I am not sure (A,) how something like this gets leaked and (B,) why anyone thinks this is a good idea!

If you truly want to get the patient together with our technology, how about sending a hospital ship over there? If things get too far out of hand you only lose the ship and the “volunteers” that are manning it. If things get loose over here well, who knows how far it will go. Do you really want to risk a pandemic to the entire North American Continent? Since we are a very mobile people you very well might be risking a worldwide pandemic! Someone needs to pull their collective heads out!

The CDC has continuously displayed incompetence dealing with this.  Their Ebola CZAR is nowhere to be seen and knows nothing of this in the first place so, “from me to you,” why not mitigate the risk?

As far as this nurse in Maine is concerned, I would lock her butt up until she passes the quarantine period. She has crossed the line! When you do that you get your freedom taken away. When you endanger the public you get stopped. That is the way it works!

I am in hopes that I can stop updating this thread as there is nothing to report. Let’s pray that is the case.

-Best

© All rights reserved 2014

Attention #CEO #CFO #President #CIO and #hr

Attention CEO CFO President CIO and of course HR

Here is some food for thought for you who own or control or have vested interest in corporations.

If you were to go to your CIO or your IS manager and ask the following; what would their response be?

  • Can you show me the network map?
  • Can you show me the documentation on the V-LANS?
  • Can you give me an accurate inventory of the servers that we have including their age and configuration?
  • Can you tell me what is on each server or device and what it does?
  • Who has access to what on each server and who decides what that access is?
  • Can you tell me how they are connected to the network, is there a redundant path?
  • Can you produce an inventory of what software is on each server?
  • Can you show me the recent log files of each server and tell me about what concerns you have regarding what those log files say?
  • Where is the actual software that is on the servers and where are the license keys?

No Excuses!

You would be surprised how many Sysadmins tell me that they don’t keep software, they just download it when they need it. Really, you have just had a disaster and your internet is down and will not be up for at least 72 hours, now what? Not only does it make sense to have the disk for this reason but it takes time (valuable time) to go and find and download software. They have argued that it is not the most current on the disk. Why not? Why have you not updated your Software Library? There is a lot to being a Sysadmin (SA); it is not about sitting on your butt in your office surfing the web, reading the news and updating Facebook while being annoyed by the occasional request for a password reset! Old software that is a few versions behind the curve is still better than none! Even if you “don’t have time” to keep your library updated, something is better than nothing.

Speaking of passwords, most companies really need a security officer and really don’t understand why. I have seen some Sysadmins that are so lazy that they assign passwords to people and then keep an Excel list of them on the server. These are not really Sysadmins because that is genuinely stupid. To open the company to so many different kinds of fraud, industrial espionage, and other forms of abuse of the system, just because the guy does not want to be bothered with password resets, is incredible. This guy would not be working for me as there is no excuse for this! I don’t care how “nice a guy he is.” Laziness and stupidity are a bad combination for a Sysadmin to have.

  • What software revision level are we at and is it the most recent? If not, why not?
  • Are Firmware rev levels kept up with and checked regularly?
  • Are the drivers up to date?
  • Can you produce a list of the passwords for each server?
  • What are the power requirements for these servers?
  • What are the cooling requirements for the equipment and are there any issues?
  • How long can we run if there is a power outage?
  • When is the last time that the batteries were changed out in the UPS’s?
  • Is each and every device in the server room labeled?
  • Is all networking cable installed in a manner that not only makes sense but looks like it belongs there vs. haphazardly plugged in on the run?
  • Can you show me a map of the switches, what port is doing what?
  • Tell me about load leveling.
  • Have all of the intelligent devices SNMP passwords been changed from the default?
  • If so, what are the passwords? If not, why not?
  • Are their traps being sent to a syslog server?
  • Who reads the logs, how often; and are there any concerns?
  • How are the concerns addressed?
  • Show me the notes from change control or change management meetings?
  • Are these notes managed in a responsible manner and are all changes noted in the living document?
  • What is the average age of the workstation on the floor/building?
  • Describe the policy regarding passwords? How often are they changed?
  • Describe your Hardware asset management strategy?
  • Describe your Software asset management strategy?
  • Who handles the maintenance on the HVAC in the server room?
  • When was the HVAC last serviced?
  • Tell me about your fire suppression.

It has been my experience as an IT manager and a Disaster Recovery Specialist who does many audits that the majority of Sysadmins do a horrible job of hardware and software management, much to the loss of the company and chagrin of the CFO.

Desktops last about 5 years, Laptops 3.  When they are put into service a clock should start running to replace it in X years.  You don’t want employees working on outdated equipment and you don’t want to install new software on old computers as the license may very well die with the computer.

I have seen too many companies try to get everything they can out of a box.  Amortize the box and when the IRS says it is dead, let it go.  If there is a use for it in some non-critical function, “user discretion,” but add no more software and remove it from critical areas.

I have seen many people struggling along on a machine that is well past its usable life. Losing files or data or waiting around for the machine to catch up costs money. While it may be soft dollars, those soft dollars turn into real dollars quickly if you lose enough data and/or time.

I used to install older computers in the break room with internet access and the usual windows Facebook type games.   Employees could use them for their private needs before or after their shift or while on break or lunch, and they were non-critical and on their own V-Lan where company data could not be accessed!

Not everyone in the company needs a full version of Office. A lot of companies have a standard load for all computers. That should be re-visited as it is wasteful. While Microsoft would like you to purchase everything for every computer, that is simply laziness and wasteful.

Software and Hardware management is in itself a job and proper management of it will produce an ROI. This is necessary also to produce a budget requirement; the CFO might cringe when he or she sees the request but, at least it is planned and not a surprise!

  • What antivirus software is on them? How did you decide on that software?
  • Are the workstations locked down?
  • Do any users have admin rights? If so, why?
  • Are the USB ports locked down?
  • Are the CD burners locked down?
  • What ports are allowed through the firewall?
  • Is the firewall updated to the latest software?
  • Are traps from the firewall being sent to a syslog server?
  • Who has access to their workstation PC from home? Why?
  • Who has access to their home PC from work? Why?
  • What software is on each workstation?

I run an inventory program like SpiceWorks or some other commercially available software, to obtain an inventory of all of the software on all of the boxes and then go through the task of identifying each executable. I have found numerous Trojans and viruses, remote control software, games galore, software that was not licensed and oh yes, software that they used and did not know that they had as it was installed by previous regimes. This type of activity is mandatory if you want to recover in the case of a disaster. It is also mandatory if you want to be licensed properly and not have your neck on the line if some employee gets upset and calls the software police.
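The inventory pass described above can be reconciled against the license register mechanically once both are exported. The following is an added example, not from the original post and not part of SpiceWorks; the CSV layout, host names, software titles and proof references are constructed assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample data: an inventory export, a license register and a
# list of free titles the company has explicitly approved.
INVENTORY_CSV = """host,software,version
ws-001,Microsoft Office,2013
ws-002,Microsoft Office,2013
ws-003,Microsoft  office,2010
ws-002,RemoteViewerX,4.1
ws-003,7-Zip,9.20
srv-01,Backup Agent,7.0
ws-001,SolitairePack,1.0
"""

LICENSES_CSV = """software,seats,proof
Microsoft Office,2,invoice-placeholder-001
Backup Agent,5,
Visio,3,invoice-placeholder-003
"""

APPROVED_FREE = {"7-zip"}


def normalize(name):
    """Fold case and whitespace so spelling variants of a title match."""
    return " ".join(name.lower().split())


def load_inventory(text):
    """Return {software: set(hosts)}; a host counts once per title."""
    installs = defaultdict(set)
    for row in csv.DictReader(io.StringIO(text)):
        installs[normalize(row["software"])].add(row["host"].strip())
    return installs


def load_licenses(text):
    """Return {software: {"seats": int, "proof": str}}."""
    licenses = {}
    for row in csv.DictReader(io.StringIO(text)):
        licenses[normalize(row["software"])] = {
            "seats": int(row["seats"]),
            "proof": (row["proof"] or "").strip(),
        }
    return licenses


def reconcile(installs, licenses, approved_free):
    """Compare what is installed with what the company can prove it owns."""
    report = {
        "over_deployed": {},    # more installs than purchased seats
        "unidentified": {},     # neither licensed nor approved: investigate
        "unused_licenses": {},  # paid for but installed nowhere
        "missing_proof": [],    # license claimed, no receipt on file
    }
    for name, hosts in installs.items():
        if name in licenses:
            seats = licenses[name]["seats"]
            if len(hosts) > seats:
                report["over_deployed"][name] = (len(hosts), seats)
        elif name not in approved_free:
            report["unidentified"][name] = sorted(hosts)
    for name, lic in licenses.items():
        if name not in installs:
            report["unused_licenses"][name] = lic["seats"]
        if not lic["proof"]:
            report["missing_proof"].append(name)
    report["missing_proof"].sort()
    return report


def run_sample():
    """Reconcile the constructed sample data above."""
    return reconcile(load_inventory(INVENTORY_CSV),
                     load_licenses(LICENSES_CSV),
                     APPROVED_FREE)


if __name__ == "__main__":
    for section, findings in run_sample().items():
        print(section, findings)
```

Every entry under `unidentified` is an executable somebody still has to look at by hand, which is where remote control tools and games installed by earlier administrators surface.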

Recently the SBA has been advertising a lot trying to get employees to snitch on their company. The rewards to the snitch are inconsequential as the penalties and fines to the company are enormous. Having that inventory and those licenses and even receipts in a safe place would, I would think, be a really good idea.

Some companies are so cheap that they use free anti-virus software which is not worth what you paid for it. I fight viruses daily. Free is not an option. If you think that it is, you are deluded and clearly don’t know what you are doing.

Free software by definition cannot be maintained as well as commercial software. Who in the hell has money to pay for programmers and security experts and then give the product away?!

Good Anti-Virus software is Patriotic

I made the argument the other night at a speaking engagement that it is actually patriotic to use good anti-virus software. Why? If millions of computers are taken over at the drop of a hat by some “bad guys” and they target let’s say the FAA or the FEDS, or some other institution and are able to cripple the banking industry, or what have you, and your computer is part of the problem; what then? A Trojan could be sitting on your computer unknown to you, just waiting for the instruction to start a DoS attack. Stop being cheap and buy the damned software and protect your computer(s) from being controlled by “evil.”

If a government had more than two neurons firing in their collective heads, they would create a “government approved” anti-virus software and give it to its citizens. Now I know how that would be received by most; if I had a choice I would buy my own as I really don’t want anything big brother has to offer on my computer, but let’s face facts. You probably have things on your computer right now made by the Russian Mafia or worse! I am certain that a government grant could be created to support a group of “white hat hackers” to help keep America Safe from cyber terrorism. If you do this remember whose idea it was…

Here are a few more questions for you CIO/owner types who might actually have some skin in the game.

  • Do you have licenses for that software?
  • Where is that software?
  • Where are the licenses kept?
  • Can we prove that we bought a license for each and every piece of software in the building? If so, do it.  If not, why not?
  • How many employees use laptops?
  • Are they secure?
  • Are they encrypted?
  • Are USB drives or thumb drives that are necessary for business use, encrypted?
  • Do the laptops have up-to-date anti-virus software on them?
  • How old are they?
  • Do they use a VPN to get into the servers from outside of the office?
  • How secure is their VPN? What challenges, if any are there?
  • Do you use security tokens?
  • Can you show me a map of the building depicting which PC is hooked up to which drop?
  • If you are using VOIP can you show me that same map for the phones?
  • Is the map updated as changes occur?
  • Describe your backup policies and procedures.
  • Where is the data being sent off site?
  • Are we using the cloud for backup?
  • Walk me through the procedure of getting access to the data if this building is blown away.
  • Walk me through the procedure of restoring the servers in another location.
  • Tell me who can do this if the Sysadmin is not available?
  • Have we tested a restore of the data, if so when was the last test and where are the results; if not, why not?

These few questions and comments are off the top of my head and it took about ten minutes to list them.  There are plenty more but, this gives you a small flavor of the kinds of information you should already have and that I gather in a disaster recovery project.

The simple facts are that IT people are loath to document anything.  It is kind of like editing your own work, you know what you meant to say and your mind fills in the blanks.  Documentation should be written in such a way that a technical person not familiar with your company should be able to pick up the document and pieces and re-build your company without you there.

Often I am met with complete truculence and arrogance and lots of attitude by the IT staff of a company that I do a DR for. They don’t want me there as they don’t want me messing around in their sandbox. Truth be told they don’t want the fact that they are remiss in their jobs to get to their boss who thinks everything is running perfectly, until it isn’t!

About Me:

If you happen to watch or ever have watched Hell’s Kitchen, or Kitchen Nightmares, or know who Chef Ramsay is, then you have a clue of who I am, without the foul mouth. I take IT departments and fix them, and I take no prisoners (no excuses). Not only do I fix the hardware and software components, but I fix the personnel issues as well. It may be a training issue or an employee that is a poor fit. It may be a lack of people as most companies try to run too thin on staff. There should be no one person who is sacrosanct. In a disaster you may lose them, so we need things documented in such a way that a rent-a-geek can restore your company. If there is no documentation, I create it. Through a test of the DR, we can then hone that documentation to a fine point.

I am a troubleshooter.   Not only am I a problem solver; I have been in management of IT for a large part of my life. I get to the bottom of issues and take corrective action.  IT is ancillary to the business.  IT is a tool that has to be running smoothly; like a Swiss watch.  Your job as CEO is to run the company, not IT.  I have built data centers from the ground up, as well as re-built them while the business kept going all over the country.

From Data, fire suppression, HVAC, power requirements, UPS requirements, floor height, easy access to the equipment, MDF and IDF designs, Data and Voice, from the east coast to the west, from the north to south. I have worked in Union areas of the country to the Wild West where “anything goes.” Been there, done that.

Go ask your IT people some of these questions and see if you are satisfied.  After 30 years in this business I would be surprised if you were.

From me, or someone like me, among the deliverables will be the documentation that so many just don’t do. Without that documentation you are playing with galloping dominoes. Your risk might be small as you yourself know something about it, or it may be huge in that you, like most who run a company, run it from 20,000 feet, through your management. There are seldom any pleasant surprises in business.

Has anyone at your company done a risk assessment?  Where are you located geographically?  Are you in an area that is prone to earthquakes, Hurricanes or Typhoons? How about tornadoes or fire?

One of the largest risks to a company surprisingly is none of the above.  It is employee error.   I have worked for companies where the Owners were the issue.  One company had their child who played video games work on the equipment and of course screwed it up constantly.  Stay away from those companies as they don’t want to hear the truth.  Their child is perfect, knows everything about anything so it must be the fault of the internet or the software or something else.  I worked for companies where the owners themselves who ran the company, also thought they were the end all be all of IT.  Pride comes before a fall; and believe me, when you own a company you really don’t want to have that fall.  Stick to what you know best and leave the technical things that change daily to those that keep up with it.  We who know this stuff are constantly involved with forums and our peers.  What works today may not work tomorrow.  Unless you can devote your life to this, let those of us who do, do it!

“NO”

One owner takes a passing interest in the latest greatest through a magazine and orders it or asks his IT guy to make it so. If you have a yes man working for you, do yourself a favor and fire him. Your people who do this for a living should have the ability to say no. If they say no, you should listen to them. If you want a second opinion call your VAR. If those two don’t jibe call another. Bottom line is you never install REV 1.0 of anything into production, ever! If your guy can’t be honest with you, get real and hire a person who will tell you “no!” It may save you tens of thousands of dollars, if not your company. I have had yes men working for me in the past and got rid of them. I depend on Team Corporation and that means I need their input. While humbling oneself to listen to an underling can be a challenge at times, they may know something that you don’t.

I once worked for a guy who ran a company selling and servicing office equipment.  This was actually my first real job out of school.  The guy was from Georgia and had been a tank commander in WWII.  His manner was gruff, but he was sincere as the day was long.  We became close over the years as I have always made it a point to look at what successful people are doing, how they got there, and basically what made them tick.

He promoted me to the position of service manager of one of his locations.  He drove me over there to introduce me to the new team and show me around.  While on the road, he told me that one secret of a successful person is to hire people smarter, or at least as smart as you were.  To me that was probably one of the most salient bits of advice that I could pass on.  That means that the man had humility and, also he must have thought something of me.

While I still struggle with humility today, I am aware of it, and work on it.

Hours of Operation.

I had a guy interview with me. Towards the end of the interview he asked me if there would be any overtime as he had obligations after work and on weekends.  This guy clearly had no clue about the job for which he was applying.  Hourly jobs are Burger King, not Sysadmin or Network specialist etc.   We get paid well because this becomes the biggest part of your life!  If you are a 9 to 5 guy, don’t look at IT as a career.

As anyone who has been in IT any time at all can attest, this is not a nine-to-five job. One never knows when something will stop working and you are suddenly pulling an all-nighter to fix something. With VMware and the technology we have today, we can minimize that risk which is something that we do through proper configuration of the servers, building in some redundancy and keeping up with the age of our hardware.

Once you get past a twelve hour day, statistics show that you are much more error prone, thus shooting yourself in the foot; and possibly the company.  Best practice planning and implementation from the beginning mitigates this risk. Having up to date documentation as well as partnerships with VAR’s will allow you to recover faster, and employ fewer full time people.  Staff augmentation through a VAR is an excellent way to keep the number of FTE’s down but, that relationship really needs to be solid.

If you want to experience what “cold running blood is” come in late at night to update some software on the server, re-boot it and then you see the prompt, drive 0 not found. This was before the days of RAID. This was when Ginning a server started with installing 25 5.25 inch floppies followed by a 12 hour compsurf. We have come a long way since then and so have the folks who create viruses. This is one of the most dynamic industries that I am aware of. One really must be dedicated to be any good at this.

By dedicated I mean just that. Keep up with what is going on through periodicals, peers in the industry and, again, I can’t stress this enough, at least one good VAR.

On one of my data center re-builds a vendor was doing our cable plant.  They ran long into the night and someone made a mistake.  Instead of pulling the old data lines and stopping, they cut and pulled the phone lines as well.  On another cable job that I was aware of about 3 in the morning a 32 pair conductor cable got stuck.  Instead of seeing why, the installer reared back and pulled for everything that he was worth.  He snapped an ionized water line and flooded the computer room in a huge hospital.  Water poured out of the elevator shaft like it was some sort of an elaborate fountain.  Thank goodness that was not my job.

Much like driving less than 500 miles a day on a vacation is a good idea; so is the amount of hours worked by each person, as mistakes happen. Make sure you have adequate staff to do the job, especially when you are taking on a new project.  How do you do that?  Proper project management methodologies and relationships with VARS… That is another story…

Here is an example of what a sysadmin is as defined by this site.

http://www.supportingadvancement.com/employment/job_descriptions/advancement_services/system_administrator.htm

ESSENTIAL FUNCTIONS:

The System Administrator (SA) is responsible for effective provisioning, installation/configuration, operation, and maintenance of systems hardware and software and related infrastructure. This individual participates in technical research and development to enable continuing innovation within the infrastructure. This individual ensures that system hardware, operating systems, software systems, and related procedures adhere to organizational values, enabling staff, volunteers, and Partners.

This individual will assist project teams with technical issues in the Initiation and Planning phases of our standard Project Management Methodology. These activities include the definition of needs, benefits, and technical strategy; research & development within the project life-cycle; technical analysis and design; and support of operations staff in executing, testing and rolling-out the solutions. Participation on projects is focused on smoothing the transition of projects from development staff to production staff by performing operations activities within the project life-cycle.

This individual is accountable for the following systems: Linux and Windows systems that support GIS infrastructure; Linux, Windows and Application systems that support Asset Management; Responsibilities on these systems include SA engineering and provisioning, operations and support, maintenance and research and development to ensure continual innovation.

SA Engineering and Provisioning

  1. Engineering of SA-related solutions for various project and operational needs.
  2. Install new / rebuild existing servers and configure hardware, peripherals, services, settings, directories, storage, etc. in accordance with standards and project/operational requirements.
  3. Install and configure systems such as supports GIS infrastructure applications or Asset Management applications.
  4. Develop and maintain installation and configuration procedures.
  5. Contribute to and maintain system standards.
  6. Research and recommend innovative, and where possible automated approaches for system administration tasks. Identify approaches that leverage our resources and provide economies of scale.

Operations and Support

  1. Perform daily system monitoring, verifying the integrity and availability of all hardware, server resources, systems and key processes, reviewing system and application logs, and verifying completion of scheduled jobs such as backups.
  2. Perform regular security monitoring to identify any possible intrusions.
  3. Perform daily backup operations, ensuring all required file systems and system data are successfully backed up to the appropriate media, recovery tapes or disks are created, and media is recycled and sent off site as necessary.
  4. Perform regular file archival and purge as necessary.
  5. Create, change, and delete user accounts per request.
  6. Provide Tier III/other support per request from various constituencies. Investigate and troubleshoot issues.
  7. Repair and recover from hardware or software failures. Coordinate and communicate with impacted constituencies.

Maintenance

  1. Apply OS patches and upgrades on a regular basis, and upgrade administrative tools and utilities. Configure / add new services as necessary.
  2. Upgrade and configure system software that supports GIS infrastructure applications or Asset Management applications per project or operational needs.
  3. Maintain operational, configuration, or other procedures.
  4. Perform periodic performance reporting to support capacity planning.
  5. Perform ongoing performance tuning, hardware upgrades, and resource optimization as required. Configure CPU, memory, and disk partitions as required.
  6. Maintain data center environmental and monitoring equipment.

KNOWLEDGE/SKILLS:

  1. Bachelor (4-year) degree, with a technical major, such as engineering or computer science.
  2. Systems Administration/System Engineer certification in Unix and Microsoft.
  3. Four to six years system administration experience.

COMPLEXITY/PROBLEM SOLVING:

  1. Position deals with a variety of problems and sometimes has to decide which answer is best. The question/issues are typically clear and require determination of which answer (from a few choices) is the best.

DISCRETION/LATITUDE/DECISION-MAKING:

  1. Decisions normally have a noticeable effect department-wide and company-wide, and judgment errors can typically require one to two weeks to correct or reverse.

RESPONSIBILITY/OVERSIGHT –FINANCIAL & SUPERVISORY:

  1. Functions as a lead worker doing the work similar to those in the work unit; responsibility for training, instruction, setting the work pace, and possibly evaluating performance.
  2. No budget responsibility.

COMMUNICATIONS/INTERPERSONAL CONTACTS:

  1. Interpret and/or discuss information with others, which involves terminology or concepts not familiar to many people; regularly provide advice and recommend actions involving rather complex issues. May resolve problems within established practices.
  2. Provides occasional guidance, some of which is technical.

WORKING CONDITIONS/PHYSICAL EFFORT:

  1. Responsibilities sometimes require working evenings and weekends, sometimes with little advanced notice.
  2. No regular travel required.

———————————————————————————————————

This is close but I would add to this list… I see nothing in this description about documenting anything.  Maybe that is why it is not done in so many places?  Does your SA do this type of thing?

-Best