No doubt many of you have heard of the Flame malware that has targeted systems in Iran, Lebanon, Syria, the Sudan and others.
This malware is so intelligent, not only can it log your keystrokes, but it turns on cameras and microphones connected to PCs and records conversations and actions nearby. It has been described as more powerful than the Stuxnet and Duqu viruses of late.It is an amazing security threat to any business.
However, InTech customers who subscribe to our OpenDNS service are safe from their network being infected by the Flame virus.
If you want to increase the security of web browsing within your company, contact me today at 724.858.2814 or Leia@intechit.net for a FREE Internet Security Assessment.
I will personally pin-point the holes in your network that can allow hackers and viruses in, as well as checklist to reign in your network and internet security.
Because I can only complete 11 of these this month, I am only offering this until the end of the month (June 30th, 2012).Call me today to schedule your FREE Internet Security Assessment.
Keeping your network safe & secure,
Leia T Shilobod, IT Princess of Power
We have been seeing a lot of information floating around the last few days in media outlets and from friends and clients about hundreds of thousands of people suddenly losing internet connectivity in July. Much of the information is dooms-day sounding and finger pointing, so we wanted to give you some straight talk about what this is all about.
Back in November, a group of hackers/malware authors in Estonia were apprehended. They had been infecting computers with malware that would (among other things) redirect you to websites THEY wanted you to visit instead of where you actually wanted to go.
Why? To make money. They made over $14 million from advertising.
Could the malware do other bad things? Yes. And it probably did. Maybe steal information, and at the very least be a big pain in the butt.
How did it do this?
Well, the way the internet gets you to the website you want is by something called DNS (Domain Name Service).
Every website is hosted at some ‘place’ in the world and that ‘place’ is delineated by an IP address. If you want to know what your IP address is, you can find out at www.whatismyip.com.
So when you type in www.AwesomeITGuys.com, DNS translates that name into the numbers (IP address) so that it can point you to the location of my website. Without DNS, you would have to remember a series of numbers (and these numbers may change if where the website is hosted changes), to find a website on the internet .
So DNS makes our lives easier online. It was also the way that the hackers exploited people.
Now comes the element that makes this DIFFERENT from other malware attacks: the government got involved.
In their infinite wisdom (feel the sarcasm), they decided to set up temporary DNS servers so that people could get to where they were trying to go on the internet. If they HAD NOT done this, then the infected PC’s would have immediately lost the ability to browse the internet when the Estonian hacker’s servers were shut down. People would have figured out there was an issue, and their computers would have been cleaned back in November of 2011.
Now people have had infected computers FOR MONTHS with no or little signs that there was a problem.
You can go to the website of the company the government is paying to set up and maintain these servers for additional information (www.dcwg.org) but it is hard to reach because there is so much traffic, so consider this blog your alternative source.
Here is what you do to determine if you are infected with the DNS Changer Malware and what to do if you are infected:
1. Go to: www.dns-ok.us and if you get a RED page, you are certainly infected. If you get a GREEN page, you are PROBABLY not infected with this particular piece of malware. (you could still be infected with a different type of malware)
2. You can manually determine if you are infected by following the these instructions:
a. To check if your Windows 7 machine is infected, first click the “Start” icon.
ipconfig /allcompartments /all and hit enter. (Windows users might be used to just typing “ipconfig /all“. This also works, but might not list all the routing compartments if you have a VPN setup in Windows7.)
The output will be very long, since Windows7 by default has support for IPv6. Most likely, you want to look for the IPv4 information under the section entitled “Ethernet adapter…”. Look for the “DNS Servers” line, and write down these numbers. There may be two IP addresses listed there.
e. Are Your DNS Settings OK?
The malicious Rove viruses changed some peoples DNS settings to use computers they operated. Compare your DNS settings with the known malicious Rove DNS settings listed below:
|Starting IP||Ending IP||CIDR|
IF YOU DETERMINE YOU ARE INFECTED:
Run one of the following tools:
|Kaspersky Labs TDSSKiller||http://support.kaspersky.com/faq/?qid=208283363|
|Trend Micro Housecall||http://housecall.trendmicro.com|
|Avira||http://www.avira.com/en/support-for-home-knowledgebase-detail/kbid/1199 Avira’s DNS Repair-Tool|
– Then download, install and UPDATE Malwarebytes at www.Malwarebytes.org (for free) and run it.
– Finally, update your antivirus software and run a full scan.
All malware is very bad, not just this one piece or type of malware. The media’s frenzy and the government’s strange involvement does not make this worse than other viruses.
Take ALL malware seriously. Protect yourself by keeping your antivirus up to date, doing all your updates (Windows, Adobe, Java, etc.), make sure your antivirus scans run at least weekly.
Forever Standing Guard Against Malicious Hackers To Keep Your Network Safe,
Leia T Shilobod, IT Princess of Power
Do you know someone who fits this description? Pass it on!
Would this be an awesome position for you? Send us your resume!
Are you a motivated, client-focused IT problem solver? Do you constantly strive to learn more about networks, software, remote access and servers? Are you resourceful and positive when approaching IT issues?
For the IT guy or gal who answered ‘yes’ to these questions, this is the opportunity for you. We are a small, fast-growing I.T. firm in Greensburg, PA that is in need of a Computer Technician/Network Administrator who can efficiently and effectively solve IT issues, configure equipment, and integrate it into our client’s networks.
We are NOT looking for someone who is unmotivated, needs to be told what to do, and is not interested in learning new ways to do things.
Why Work for Us?
Only detail-oriented resourceful troubleshooters and integrators who have a passion for ‘making things right’ will be considered. Those looking for an easy “9-5” customer service job and slower pace should not apply.
Please ONLY Apply If You Meet The Following Criteria:
The right candidate can expect a competitive compensation plan depending on skill level, with benefits offered. Future growth of knowledge, skills, duties and compensation is available.
If you have what it takes to fill this role, please submit a resume by e-mail to Leia@intechit.net detailing your previous work history and accomplishments (not just a list of task and job responsibilities, we’d like to hear about problems you’ve solved or networks you’ve set up), as well as a brief, one-page summary explaining why you think you would make an excellent candidate for this position.