Gulfcoast Networking, Inc. Consumer Services

We Fix Sick Computers

727-847-2424
  • Home
  • Safe Computing
  • Remote Support
  • Computer Tuneup
  • Virus Removal
  • Online Store
  • Location
  • About Us
  • Mailing List Signup
  • Contact Us

Archives for June 2015

Passwords

June 15, 2015 By Rob Marlowe

Hardly a day goes by without a news report somewhere about hackers breaking into one system or another.  The biggest single factor that most of these breakins have in common is that the system or network was protected with a weak password.

[I] Jun 11 4:22:52 [180.254.42.142:49523][ID]SMTP Server: AUTH failed, username postmaster, password Password1
[I] Jun 11 4:22:54 [180.254.42.142:49949][ID]SMTP Server: AUTH failed, username postmaster, password p@ssw0rd
[I] Jun 11 4:22:58 [180.254.42.142:50433][ID]SMTP Server: AUTH failed, username postmaster, password password
[I] Jun 11 4:23:02 [180.254.42.142:50836][ID]SMTP Server: AUTH failed, username postmaster, password password123
[I] Jun 11 4:23:05 [180.254.42.142:51042][ID]SMTP Server: AUTH failed, username postmaster, password support
[I] Jun 11 4:23:10 [180.254.42.142:51480][ID]SMTP Server: AUTH failed, username postmaster, password qwerty
[I] Jun 11 4:23:12 [180.254.42.142:51703][ID]SMTP Server: AUTH failed, username postmaster, password qwerty1
[I] Jun 11 4:23:31 [180.254.42.142:53388][ID]SMTP Server: AUTH failed, username postmaster, password changeme

Shown above is a short log snippet from a few days ago.  All of these failed login attempts happened in less than 45 seconds.  They originated in Indonesia.  Our log files are full of similar attempts from Russia, China, Vietnam, and other countries as well.

“Postmaster” is a common mailbox name, which is why the hacker chose this name.  As you can see, they ran through a series of very simple password variants.  You’d probably be surprised at how many folks actually use “password” or some variation for their password.

The bad guys don’t type these attempts in.  They use computers to work through all the possible password combinations.  Because a lot of people use words for their passwords, the bad guys will work their way through a dictionary list, hence the origin of the term “dictionary attack”.

While no system is likely to survive a concerted attack by a government with unlimited computing resources, you CAN protect yourself from the garden variety attacks like the one shown above.  How?  It’s actually quite simple:

Make your password both long and hard to guess, while still easy to remember.  Using the first letter of a phrase will work, provided that is obscure enough.

MTFBWY is likely a poor choice as Star Wars has made the phrase commonplace.  At six characters, it is also too short.

Sbc,CD.Awgootj?  would be a better one.  (From Stan Freberg’s “United States of America” when Columbus asks the indian chief for directions to the nearest bank:  Sorry, banks closed, Columbus Day.  Are we going out on that joke?)

Take a memorably phrase from your favorite classic movie, play, or Bible verse and toss in a couple of special characters and you’ve got something that you can remember and that is strong enough to protect you from most of the bad guys.  (Hint:  If you are going to pick a Bible verse, don’t pick one of the commonly quoted ones.)

Pet names are very popular as passwords.  They are also very poor choices as they are easily guessed.  This is especially true if you plaster pictures of your pets all over facebook.  “Rover” is a bad password.  “IlR,wgh@tWPSPCA!” would be a much better one, and it is just as easy to remember the phrase “I love Rover, we got him at the West Pasco SPCA!” as it would be to remember the dog’s name.

The longer the password, the better.  A password phrase of five or six characters is going to be fairly easy to crack with a brute force attack.  One of a dozen characters will take MUCH longer to hack.

You will also want to change your passwords periodically.  Both Quickbooks and several of the e-commerce sites I regularly use prompt me to change my passwords every three months.

Needless to say, don’t use the same password for everything.  If you have a different password for each place that needs a password, having one compromised won’t give the bad guys everything.

Where do you need a password?

Unless you’ve got family members you want to restrict from the computer, you probably don’t need a login password on a desktop machine.  If you carry your notebook around with you, you probably DO want a password on it.  Keep in mind that password reset disks are readily available and, if someone steals your computer, they won’t have much trouble getting into it.  (Note:  You should consider encrypting the drives on business machines with sensitive data, especially notebooks.)

You SHOULD have a decent password on your email account and any online accounts you have.  This includes bank accounts, facebook, and your website.

Why you need a strong password for online banking ought to be obvious.

Most people don’t think about facebook though.  I’ve lost track of the number of facebook friends who have had their accounts hacked. These hacks can range from annoying to full boat embarrassing.

Ditto email accounts.  When your friends get an email from you inviting them to view some link that you didn’t really send, they are going to blame you when their computer gets hacked.  Additionally, facebook, banks, and other accounts often have a password reset feature that sends the reset instructions to your email account.  If your email account is compromised, then everything else is also at risk.

A hacked website can do more to damage a company’s reputation than pretty much anything else, especially if the website collects credit card or other personal information.

There are some password management programs available.  I haven’t used any of them as they strike me as just a means of putting all of your proverbial eggs in one basket.

Likewise, don’t save your passwords in your browser.  While this may be “okay” for low value passwords, it is an absolute “NEVER” for passwords to sensitive websites, such as your bank.

One final thought:  Do NOT write down all your passwords and tape them to your computer.  That pretty much defeats the whole purpose.

Good luck and stay safe.  Feel free to give me a call at 727-847-2424 or drop me an email if you have any questions.

 

Rob Marlowe, Senior Geek

 

Filed Under: GEEKNOTES

June Newsletter

June 1, 2015 By Rob Marlowe

Here’s what’s inside our 2015 June Newsletter:

SCAM ALERT – BE CAREFUL WHEN BUYING OR SELLING ON CRAIGSLIST

NEWS FROM THE SHOP

GO PINTEREST-ING! – COOL STUFF TO PIN ON YOUR PINTEREST BOARDS

FREE FEATURED APPS – THESE THREE ARE WELL WORTH A LOOK

SITES OF THE MONTH – GREAT SITES TO CHECK OUT IN JUNE

TWO TO VIEW – A COUPLE OF AMAZING VIDEOS YOU DON’T WANT TO MISS

SHORT FAQ – WHAT’S THE BEST WAY TO HANDLE AN INTERNET TROLL?

The Gulfcoast Networking Team

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

———————————————————————-

SCAM ALERT – BE CAREFUL WHEN BUYING OR SELLING ON CRAIGSLIST

Craigslist can be a convenient and inexpensive way to get a great deal on used items or make some extra cash if you have items to sell. Most of the transactions that originate on Craigslist happen without a hitch, but that doesn’t mean you shouldn’t be wary. Unscrupulous people can use Craigslist to take advantage of you in multiple ways: by gathering your personal information, making fake deals to steal your money, or physically harming you. Protect yourself by taking the following precautions:

~ Rule #1 is to use common sense. If something feels fishy or “off,” it probably is.

~ Take advantage of the Craigslist feature that allows you to hide your email address. Give your mobile phone number, so it can’t be traced to your home.

~ If possible, meet in a public place such as a coffee shop or store parking lot. Some police stations allow citizens to complete such transactions on their premises.

~ Bring a friend and your phone to any meeting. Let others know where you’ll be.

~ If you’re selling and must meet at your home, move the item to a visible location, such as an open garage.

~ The best way to be paid is in cash. Never issue refunds on checks that haven’t yet cleared, and never send money to purchase an item you haven’t seen.

Remember, people you meet online aren’t always who they appear to be, but there are steps you can take to protect yourself, both online and off. For additional recommendations, visit http://www.staysafeonline.org.

———————————————————————-

NEWS FROM THE SHOP

Part of what we do is keeping up with the latest innovations.  I went down to Tampa Thursday to attend a viewing party for the Google I/O 2015 keynote presentation.  There was a lot of cool stuff presented, but the thing that caught my attention was Google Photos.  Free, unlimited storage of your uncompressed photos.  This one is definitely worth exploring.

Many of our clients appreciate being able to pick up the phone and give us a call when they have a question.  We have a variety of Safe Computing Package options for individuals.

We also offer comprehensive Managed Service agreements for our business clients who want predictability in their monthly IT expense.  Give us a call if you’d like more information on how we might be able to assist your company.

 

———————————————————————-

GO PINTEREST-ING! – COOL STUFF TO PIN ON YOUR PINTEREST BOARDS

Uplifting Grapefruit
Mint Body Scrub
https://www.pinterest.com/pin/291537775855036574/

Turn An Old Desk
Into A Cute Planter
https://www.pinterest.com/pin/438538082435665663/

Time For A Unique
Bicycle Rim Clock
https://www.pinterest.com/pin/291537775855304852/

You haven’t started pinning on Pinterest yet and you want to get started?
To sign up, go here https://pinterest.com/join/signup/

———————————————————————-

FREE FEATURED APPS – THESE THREE ARE WELL WORTH A LOOK

The Weather Channel
Being unprepared for the weather can put a damper on your day. But, of course, there’s an app for that! Get high-quality forecasts and more.

Learn more here…  http://www.weather.com/apps

Pocket
Found something online you don’t have time for now? Just put it in your “pocket” and view later from any device — no Internet connection needed.

Learn more here…  https://getpocket.com/

Yelp
You already know how handy Yelp can be for sharing and reading reviews for restaurants and other businesses. Why not bring it with you wherever you go?

Learn more here… http://www.yelp.com/yelpmobile

———————————————————————-

SITES OF THE MONTH – GREAT SITES TO CHECK OUT IN JUNE

Map Your Summer Vacation
http://npca.org/parks
Want to see something amazing this summer? Go to one of America’s national parks. From Yosemite to Yellowstone, and from the Great Smokies to the Grand Canyon, the U.S. boasts many breathtaking destinations. Use this handy map to find the best one to visit based on location, theme, category, or name.

Free + Recycling = Freecycle
http://freecycle.org
Have some stuff taking up too much space in your garage? Or are you looking for some new books to read? Either way, Freecycle could be great for you. It’s a worldwide network of people exchanging things for free. Each local group is moderated by volunteers. Membership is (of course) free.

Make Cool, Creamy Treats
http://benjerry.com/flavors/recipes
What could be better than a pint of Ben & Jerry’s ice cream? You’ll find out when you visit this site. Get ready for mouth-watering recipes for treats featuring the cool, creamy flavors you’ve come to know and love. Try ice cream cake, ice cream truffles, brownies, cobblers, and more.

Protect Your Skin From Harmful Rays
http://skincancer.org/prevention/sun-protection/prevention-guidelines
Summer means sun, and sun means the potential for fun as well as damage. Skin cancer is a real threat, but there’s a lot you can do to prevent it. Check out this site for general recommendations as well as those for specific situations like going to the beach, driving, and golfing.

———————————————————————-

TWO TO VIEW – A COUPLE OF AMAZING VIDEOS YOU DON’T WANT TO MISS

http://www.eNewsletterHome.com/_eNewsletter/2015/1506_VIDEO_A.htm

Surf’s Up In Indonesia!
Complete with beautiful views, this amazing footage highlights professional surfers on the waves in Indonesia as they guide tourists and train the next generation.

http://www.eNewsletterHome.com/_eNewsletter/2015/1506_VIDEO_B.htm

Not Just Another Day At The Beach
Watch this prankster trick unsuspecting beach goers into thinking she’s disappeared. All she needs are a “faulty” umbrella and a trap door beneath her towel.

———————————————————————-

SHORT FAQ – WHAT’S THE BEST WAY TO HANDLE AN INTERNET TROLL?

Question: I’m troubled by the mean comments I find on Twitter and elsewhere, including some that have been directed at me. What can I do?

Answer: Sounds like you’ve discovered one of the downsides of online interaction: trolls. A troll is someone who uses offensive, inflammatory, or irrelevant messages to illicit emotional responses from others and throw the intended conversation off course. Trolls thrive on conflict, so one of the best ways to deal with them is to ignore them. However, if ignoring doesn’t work or isn’t an option, there are other steps you can
take:

~Don’t take it personally. A troll’s unkind words truly have nothing to do with you; they’re more of a reflection of that person’s own problems.

~Try being nice. Some trolls are actually just people with strong opinions or who need a lot of attention. If you engage with them nicely (such as asking for clarification), they may respond in kind.

~Use your settings. Many sites have options that allow you to control whose input you see and don’t see. Set yours to omit the troll’s posts from your view.

~Kick them out. If the site has a moderator, ask that person to take appropriate steps to limit the troll’s access or kick them off the site altogether.

~Set a good example. Trolls’ behavior can remind us that it’s easy to hurt other people online. Take extra care to ensure your own messages come across the way in which you intend.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

We hope you found this newsletter to be informative. It’s our way of keeping
you posted on the happenings at our shop.

Thanks for your business!

Best regards,

Rob Marlowe, Senior Geek
Gulfcoast Networking, Inc
6335 Grand Blvd
New Port Richey, FL 34652

727-847-2424

(We have used our best efforts in collecting and preparing the information published
herein. However, we do not assume, and hereby disclaim, any and all liability
for any loss or damage caused by errors or omissions, whether such errors
or omissions resulted from negligence, accident, or other causes.)

©2015 Gulfcoast Networking, Inc.
Portions ©2015 Cornerstone Publishing Group, Inc., Used with permission

Filed Under: Newsletter

Support

Chat with a tech.

Schedule an appointment via facebook.

Visit our Business Solutions website for information on how we can help keep your business humming.

Quick Links

  • Contact Us
  • Product Search
  • Archives
  • Mailing List Signup

Meet the Geek

Rob Marlowe

Contact Info:

Hours: M-F 9-5
Evenings and weekends by appointment
Phone: 727-847-2424

Physical Address:
6335 Grand Blvd
New Port Richey, FL 34652

Copyright © 2021 Gulfcoast Networking, Inc. · Log in