29.9.2015 09:15
Problem has reoccured and has been escalated to Netregistry again
( Service Status – currently showing all GREEN however it is a known issue as Sterling is not the first company to call it in)
https://status.netregistry.com.au/
28.9.2015 11:05
Problem rectified
28.9.2015 10:45
Netregistry is encountering email delivery issues.
People sending emails to your domain may get rejected and bounce.
Netregistry is currently looking into this.
This document is provided by Fortinet Corporation and shown here for customer and staff information only.
Summary
This document is intended to outline the policy that Fortinet has established for the activation date of warranty
and support. Renewals of support contracts will start from the end of the previous support contract.
In Summary
• Product warranty and support starts at the EARLIER of the following events:
−− At time of registration
−− At first point when unit will connect with Fortinet and request updates
−− If these two events do not occur within 100 days of the shipment of product from Fortinet, the
hardware, service and support will be auto-activated 100 days from Fortinet shipment to Distributor
• At initial power-up it is HIGHLY recommended that the customer follow the registration process to ensure
timely updates and support.
Warranty
Warranty/Support start is tied directly to the ship date or activation connection with Fortinet. Warranty is
the base level of coverage on the hardware platform. Fortinet’s warranty is included in its End User License
Agreement.
Support
The start of support is tied to the timing of hardware shipment or activation, but a maximum of 100 days grace
period is provided in EMEA/APAC. Support is considered “insurance” in many ways, meaning it is there in case
something goes wrong, hence it is important that the support agreement starts around the time product is
received and doesn’t wait to start until an issue comes up.
Bundles
The start date for bundles will follow the warranty/support policy above.
Effective Date
This new policy applies to products purchased and shipped from Fortinet on or after October 1st, 2015.
Fortinet is committed to providing regular patches and support services for a period of 36 months from the date of general availability. An additional 18 months beyond this period has been added, bringing the total duration of support for a software or firmware release to 54 months.
This is a way for Fortinet to ensure that we are providing your customers with the most up-to-date Fortinet security protection.
With more and more devices being introduced into networks, such as IPCams, watches, mobile devices, fingerprint readers and much more, management of this will be a nightmare, if not already. How will you manage this in a couple of years, especially with the introduction of IPv6 ?
Flexible, open and adaptive solutions to manage your complex enterprise network
Many companies are managing their IP ranges and information in spreadsheets shared across offices, states and countries. With the possibility of conflicts and mismanagement of these, there has to be an easy way… well there is!
Introducing Bluecat Networks IPAM (IP Address Management).
Sterling IT and Bluecat working together, have solutions to assist. As a central control point, IPAM provides an authoritative source for information about the network, providing valuable insight to enable informed management and security decisions for the enterprise. This strategic insight and rich integration with core network services allows you to drive more reliable service delivery, enable greater agility, improve security and lower the manual effort involved in administration. With BlueCat IPAM, you will be better equipped to take advantage of emerging technologies, driving innovation and success for your organization’s business initiatives.
Contact Sterling IT to organise a free 30 day trial of the application
Comes in a physical or virtual appliance for HyperV or VMWare
How do you manage your IP addresses over multiple sites and/or thousands of connected devices?
The internet has become an indispensable tool for everyday life, both personal and business. Its global use and familiarity has also opened the doors for cyber-criminals to take every opportunity to exploit vulnerable people through disturbing online attacks. Online scams and malware are also becoming increasingly sophisticated, and while IT professionals are aware of what to look for and how to fix problems when they arise, their colleagues may be confused by the latest scams discussed in the media.
Botnets
A botnet is the result of a criminal using malware (malicious software) to turn a computer into a bot, short for robot. In conjunction with a large number of other computers, these systems together form a botnet. Bots can often propagate themselves across the Internet by searching for vulnerable and unprotected computers. Exposed computers can be infected quickly and unknown to the user stay dormant until they are required to perform their detrimental attack. Once infected these bots can be controlled remotely to perform automated tasks over the internet such as sending out spam, malware and spyware; launching denial of service (DoS) attacks against other systems; or participating in other types of cyber-crime such as theft or fraud.
Hacking
Computer hacking has been around much longer then people have had PCs in their own homes, and is the term used to describe gaining unauthorised access into a computer. Hacking can be used to find weaknesses in your security settings which are then exploited to gain sensitive or personal information, to install malware, or to block or hijack your access to websites or email.
Malware
Extremely common, malware, or malicious software, is software you don’t want to infect your computer. Malware includes computer viruses, worms, ransomware and Trojan horses. Specifically designed to disrupt, damage or gain control of a computer system or data, therein each of these types of malware has its own purpose. Malware does a range of things, it may tell you that your computer has a security problem, re-formats your hard drive, alters, deletes or encrypts files; steals sensitive information, sends unauthorised emails, or takes control of your computer and all of the software on it.
Types of Malware
Viruses
A computer virus when executed will replicate by inserting copies of itself (possibly modified) into your computer programs, data files, the hard drive or connected network shares. By doing this the virus infects your system and interferes with the way a computer operates. Viruses are often spread via normal looking attachments in an email message or instant message; through downloads, or in pirated software.
Trojan Horse
Like the Greek tale, the Trojan horse or Trojan, employs social engineering so that it looks legitimate, useful or interesting to the potential victim who is then more susceptible to installing it on their computer. As a non-self-replicating type of malware program it is designed so when it is executed it carries out the actions determined in the program, often including joining the computer to a botnet.
Ransomware
As a relatively recent addition to the malware family, ransomware is a digital form of extortion. When you open a malicious email attachment or click a malicious link in an email message, instant message, on a social networking site, or other website; ransomware is downloaded onto your computer and is designed to block access to all your files and programs until a sum of money is paid. A computer becomes basically inoperable as you have no access to any of your files (unless you have done regular data backups). It is generally advised that you don’t pay the ransom as you cannot be guaranteed you will get the key or code to unlock your files.
Phishing
Phishing has also become a firm favourite of cyber-criminals. These sophisticated modern day forgers use deception and social engineering techniques to trick users. This is done by sending emails, text messages or website links purporting to be from authentic companies that the victim may have had previous communications with (also called spoofing). These fake messages or links are then used to persuade the recipient to reveal personal information including usernames, passwords and credit card details. Phishing scams have become increasingly prevalent because they are easy to execute, and with little effort.
Spam
Spam is another common method for sending information out and collecting it from unsuspecting people. Spam is usually the mass distribution of unsolicited messages, marketing, advertising or pornography. Spam tends to annoy people mostly by clogging their inboxes with junk, however it can also be a vehicle for malware, scams, fraud and threats to privacy.
TIPS FOR CYBER SECURITY
It is vital that anyone who sends and receives emails daily (at home or at work) is made aware and well educated on these common types of cyber threats.
There are a wide range of things you should remember or put into place within your organisation, to ensure your computer/computers are protected the best way possible.
• Avoid giving your email address out online. If you publish your email address on the web, make it unscannable so that it cannot be harvested by bots. There are alternative ways to display an email address which in turn makes it hard for spambots and cyber criminals to harvest it.
• Never open an attachment that is a .zip file or .exe file unless you are expecting it. Files from unknown senders often contain some kind of malware or virus.
• Check who is sending you email communication. Be aware that malware, phishing scams or spam may come from unrecognisable or odd email addresses, however legitimate email addresses can be forged easily.
• Never respond. If unsure, report the message as ‘spam’ to your service provider, and delete it! Also, you should delete the email from your trash to save you accidentally opening it in the future.
• Only click links from trusted senders. If an email has a link you don’t recognise, take a closer look by hovering your mouse over and checking the destination in your browser. If it doesn’t match, it is not legitimate.
• Check for spelling, grammar and syntax. Most malware, phishing scams or spam originate from foreign countries so may contain some very obvious errors.
• A reputable company or organisation will never use an email to request personal information. If you think there is a possibility it may be legitimate, type the real URL into your browser or contact the company directly.
• Reading an email in plain text rather than html can help to avoid phishing attempts, however this is not 100% foolproof.
• Report any suspicious or scam emails to the company that is being imitated, your email security provider, or to SCAMwatch.
• If a computer runs slowly, keeps crashing or stops responding often, this could be a sign that the computer is infected. Get an IT professional to take a look for you.
• It is extremely important to back up your data every single day.
• Utilise multilayered defences. This includes installing anti-virus, anti-malware, anti-spyware, and using cloud based email filtering and web filtering services. You should also not conduct day to day work with Administrator privileges on your workstation. Instead, you should use elevated privileges only when required, for example to install trusted software. Having one form of protection alone may not cover you for all the possible threats.
• Keep your software regularly updated. Software that updates automatically is incredibly beneficial to busy organisations.
• Use strong passwords and keep them secret. It is also a good idea to change them on a regular basis. Don’t use the same password for multiple accounts.
• Install a firewall on your computer and never turn it off.
• Increase security settings on your browser. You can limit user rights to certain online sites.
• Use external devices cautiously. This includes USBs and iPads/iPhones etc. as these can become infected with malware, corrupting your computer.
Cyber criminals are quite adept at tricking email users into falling for their scams. They are always coming up with new methods of deception. It is in the best interest of every company to ensure all their employees are educated on the most commonly known threats. Staying cyber-vigilant and applying solid security measures, is always the best defence against any future breaches.
Want to add another of level of protection on your email? Filter with Mailguard – the providers of the information above.
Need more information, quote on Mailguard or training for your staff?
Contact Us NOW! – Don’t Delay
Wondered how you can send a message to all users logged in to a 2012 Server?
Well here it is …
Open a COMMAND PROMPT
Msg * “Buy Me Lunch”
Before you know it, you wont be hungry anymore. 🙂
Our external website got attacked yesterday (and not proud of it). We are very security conscious and hold NO data (customer or own) on our site excluding our blogs.
Even with strong admin passwords, we thought we were safe.
The only way we were safe is we make monthly off server backups.
We tried recovering some files but each time, there was a background script which would kill those newly updated files and replace with the ‘hacked page’.
We have now implemented a plugin called iThemes Security Pro.
This is a free plugin and is brilliant as allows so much configuration through a GUI (simple) interface, including renaming admin account, locking down php files plus much more.
It is also rated quote high and has over 700,000+ installs as well.
The main thing here is the fix was to restore from a backup after deleting ALL files on the host, then applying iThemes Security Pro
Make sure you backup, backup, backup. (iThemes Security Pro will do this for you as well)
If you need help with implementation of this, or assistance with a hacked website, comment here or contact Sterling IT.
