Posted on Wed, Jan 11, 2012
Netstat can be used to find out various things about what’s going on with your connections to the internet or your network behind the scenes of your OS. I have used Netstat to find things like malware intrusions accessing a network connection, ports being used by IP address, and dropped packets over the network (which can be a good way of detecting failing or failed hardware). Below I will list some of the common commands that I use and what their purposes are.
Netstat -n: This will list connections and the ports that those connections are currently using.
Netstat -s: This will list statistics about your packet transactions.
Netstat -s -s: This can be an easier way of viewing Netstat -s output because it will remove anything with the value 0 from the list.
Netstat -f: This will show you a list of all the domains you are currently connected to, whether it's your ISP, an internet web page, your VPN connection, or your current office connection.
Netstat -b: This displays the executable involved in creating each connection or listening port. In some cases, well-known executables host multiple independent components and, in these cases, the sequence of components involved in creating the connection or listening port is displayed. In this case, the executable name is in [ xxxx ] at the bottom, on top is the component it called, and so forth until TCP/IP was reached. Note that this option can be time-consuming and will fail unless you have sufficient permissions.
These are the most common Netstat commands for me. I use them as tools to understand what’s going on with a network so I have a good basis to make an effective diagnosis. I suggest reading up on Netstat to find the different commands that may work for you.
Dennis Foote - Systems Engineer
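As an added example (not part of the original post), the Python below parses the text that Netstat -n prints on Windows and summarizes which remote addresses and ports the machine is talking to, which is the kind of review the post describes for spotting unexpected connections. The function names, the LOCAL_NETS list and the sample output are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict, namedtuple

Conn = namedtuple("Conn", "proto local_ip local_port remote_ip remote_port state")

# Assumption: these ranges count as "local" (typical home/office LAN plus loopback).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "::1/128", "fe80::/10")]

# Constructed sample in the layout Windows prints for `netstat -n`.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    192.168.1.2:49712      203.0.113.10:443       ESTABLISHED
  TCP    192.168.1.2:49713      203.0.113.10:443       ESTABLISHED
  TCP    192.168.1.2:49720      198.51.100.7:8080      ESTABLISHED
  TCP    192.168.1.2:3389       198.51.100.23:51515    ESTABLISHED
  TCP    127.0.0.1:5354         127.0.0.1:49690        ESTABLISHED
  TCP    192.168.1.2:49730      192.168.1.10:445       TIME_WAIT
  TCP    [::1]:49800            [::1]:49801            ESTABLISHED
"""

def split_endpoint(text):
    """Split 'ip:port' or '[ipv6]:port' at the last colon."""
    host, _, port = text.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop brackets and any IPv6 zone id
    return ipaddress.ip_address(host), int(port)

def parse_netstat(output):
    """Return a Conn for every TCP row; headers and malformed rows are skipped."""
    conns = []
    for line in output.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[0] != "TCP":
            continue
        try:
            lip, lport = split_endpoint(fields[1])
            rip, rport = split_endpoint(fields[2])
        except ValueError:
            continue
        conns.append(Conn(fields[0], lip, lport, rip, rport, fields[3]))
    return conns

def is_local(ip):
    return any(ip in net for net in LOCAL_NETS)

def external_peers(conns):
    """Map each non-local remote address to the sorted remote ports in use."""
    peers = defaultdict(set)
    for c in conns:
        if c.state == "ESTABLISHED" and not is_local(c.remote_ip):
            peers[str(c.remote_ip)].add(c.remote_port)
    return {ip: sorted(ports) for ip, ports in peers.items()}

def inbound_to(conns, port):
    """Remote addresses with an established connection to a given local port."""
    return sorted({str(c.remote_ip) for c in conns
                   if c.state == "ESTABLISHED" and c.local_port == port})

if __name__ == "__main__":
    conns = parse_netstat(SAMPLE)
    for ip, ports in external_peers(conns).items():
        print(ip, ports)
    print("connected to local port 3389 (Remote Desktop):", inbound_to(conns, 3389))
```

To run it against a live machine, save the output of Netstat -n to a text file and pass the file's contents to parse_netstat in place of SAMPLE.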
Give Us a Call 617-731-6319 and Ask a Professional IT Support Technician Any Questions You May Have!
Sincerely, Terminal We Serve All of Greater Boston and Cambridge, MA
Posted on Fri, Dec 09, 2011
An article yesterday in the Washington Post, "Cyber-intruder sparks massive federal response," details how US military computer networks were infected by malware, dubbed Agent.btz, at some point in 2008. An interesting read, it shows how differently the government responded to the incident, compared to the typical response in the civilian world. However, the commonalities are also there, particularly in how the infection began.
As with many outbreaks these days, the infection came from portable media; in this case a USB thumb drive. A favorite for people who travel and professionally network with others, USB thumb drives provide a simple way to transmit large files easily and quickly. However, they very often also act as a vector for all types of computer infections. Once infected, a thumb drive will attempt to infect any computer it comes into contact with, often spreading quickly throughout computer networks.
Infections caused this way are hard to block, as they bypass most of the centralized filters or safeguards which protect the network from the internet. In the case of the US military, their most critical networks are actually physically separated from the internet ("air-gapped" as they call it). This is the ultimate firewall and content filtering system as it completely forbids any communication or transfer of data between the internal network and the public internet. But even the best security defenses do not protect against human action, as we can clearly see from the military's situation. At some point, a US military member used a USB thumb drive in a public internet kiosk in Afghanistan and then re-used that same thumb drive on a computer system connected to the most highly classified US military network. Despite the military policy which forbade this exact scenario, the person clearly decided to act outside the rules. And so the infection began.
The lesson learned here is that no matter how extensive your network protection and safeguards, ultimately the biggest liability any network will have is its users. Users have a vested interest in getting their job done and will use whatever tools are at their disposal to do it, even if this means going against a policy which they do not necessarily understand. While it may be possible to completely lock down a network to the extent that a user can never put it at risk, the entire purpose of the network is to help the user do their job with the most efficiency possible. This illustrates the age-old challenge in security: risk versus convenience. No matter how secure you try to make a network, you can never make it completely secure and completely usable. Striking the balance between risk and convenience is a challenge for every organization and relies heavily on the proper education of its users. In the case of the military, it would seem their education on security policy is a bit lacking when it comes to the IT world, though that has already begun to change in the aftermath of this incident. Nonetheless, every organization needs to be aware of the liability of improper security training and take regular action to minimize this threat.
If you need help training your employees to understand the benefit and necessity of computer security policy, or need help developing such a policy in the first place, Contact Us today and we'll be happy to help.
Brian St. Marie - Sr. Systems Engineer
Posted on Wed, Dec 07, 2011
Phishing scams remain one of the most lucrative crimes for online cyber criminals. News reports of sensitive data from large corporations like Sony being jeopardized are increasing at a worrying rate. But contrary to popular belief, these phishing scams are just as hazardous for small business owners.
Over 300,000 complaints were filed in 2010 to the Internet Crime Complaint Center, a partnership between the National White Collar Crime Center and the FBI. These complaints were from small businesses and individuals victimized by online phishing scams and various other Internet related crimes.
To give you a better comprehension as to why your small business is of great worth to a cyber criminal, let's take a look at what phishing is exactly.
What is phishing?
What does "phishing" mean? Phishing is the endeavor to access private data, such as financial information, usernames, and passwords. This is accomplished by making false websites, graphics, email accounts, and phone numbers. The subject is persuaded, by one method or another, to reveal these types of data that may be used to steal their identity (social security numbers are a popular target). For small businesses, phishing scams may attempt to gain access to customer credit card information.
Examples of small business phishing scams
Thousands of small business owners have been sent emails by an entity using incredibly realistic IRS-looking letters stating that W-4 forms or other additional forms must be filled out and returned via fax. This frightened many owners into believing they would be audited or penalized by the IRS for not handling the issue immediately. Unfortunately, they were fake emails and these companies were fooled out of their personal information.
At the official website, IRS.gov, the IRS states that it will not contact companies through email first. Beware and use caution before clicking on a link claiming to be from them.
Your company email can be a target
Another way these thieves gain information is by concentrating on a specific person within a business by sending him or her some kind of fake communication that looks completely respectable but ends up releasing a virus or malware. This virus then infects the entire network, giving thieves access to private company data.
Phone phishing
Phone phishing refers to deceptive phone calls where thieves pose as banks and request the victim to “verify” account numbers over the phone in order to steal confidential information.
How to protect your business against phishing
The Anti-Phishing Work Group offers wonderful advice on how to keep your small business from becoming a target of phishing. Here are a few of their tips:
- Make sure your employees are aware of what phishing scams are, and are cautious when reading and responding to suspicious emails. Always err on the side of caution. Instead of clicking a link, open another browser window and go to the official website.
- Never give out company financial information such as bank routing numbers in response to an inquiry made via email. Your bank does not need you to confirm your account information... they already have that. An email like that, even if it has your bank's logo, is a fake. Make it a habit to check your accounts regularly for suspicious charges and withdrawals.
- Make sure every computer used has up-to-date virus and malware protection. Schedule regular full system scans. Never download "anti-virus" software from an unknown entity. It's better to stick with trusted brands.
The best way to protect oneself and colleagues from these scams is to be aware of the methods one can use to identify a scam and stay on top of the latest news on the issue.
Terminal IT Support
Posted on Tue, Nov 22, 2011
When having what seems to be a complex computer or printer problem, sometimes the best method to tackle the issue may be to take a step back and try the simple stuff first. A cable might simply be disconnected, the paper tray may be empty, or perhaps your internet just needs a reboot. Complex issues often begin from simple issues not being discovered, and this leads to the malfunctioning of equipment. Remember, your devices are pretty smart for the most part and may fix themselves if it is something small, like a lost internet connection (or if your printer needs something like a different type of paper or a cleaning). As technicians, we look for this type of stuff to start with so we have a solid basis to diagnose a problem efficiently. This method is also used to rule out the smaller things, saving the customer time and money. If you are having any computer or printer problems, I'd suggest giving the device a once-over, starting from the wall it’s plugged into, to the modem or router it’s connecting to for internet or network access.
Dennis Foote - Systems Engineer
Posted on Fri, Nov 18, 2011
This week’s blog is more of a plea: before you get in too deep, call a professional. This week I have dealt with some problems that have been made worse by people doing things they thought would help, but didn't.
We are honest guys and girls; we genuinely want to get your problems fixed for you. If I don’t think the printer or computer is worth fixing, I will not accept the job or charge you to tell you so. I know that some problems look like they can be solved after five minutes on Google, and some can, but this is not true for the majority. Following random online instructions may actually lead to more harm!
If you are not very familiar with a Registry, do not edit it! If you are not sure how to take a printer to pieces, please don’t try it!
Have a great weekend!
Kristen Hewes - Hardware Technician
Posted on Fri, Nov 18, 2011
The Intel 4004 was the first CPU on a single chip as well as the first available to the commercial market. This week it celebrated its 40th birthday! We would like to say thank you to the microprocessor that grandfathered the CPUs we have today. A CPU is the brain of a computer. Known as the central processing unit, it handles every piece of information in or out of a computer. Just imagine what the Intel 4004, a tiny yet powerful CPU, did for the computing world in 1971. CPUs have come a considerable way since then, but they continue to be a huge part of our everyday lives.
The Intel 4004 was originally created for a calculator, but it quickly led to technological leaps in computing. Many common products would not exist if it weren’t for the powerful CPUs born from the Intel 4004. These products include laptops, streetlights, and cell phones. The Intel 4004 quite literally grandfathered many modern technologies. Check out this article showing the evolution of technology thanks to the CPU.
We can’t say happy birthday to the Intel 4004 without mentioning the engineers responsible for its development. Federico Faggin led the planning and development of the Intel 4004 with Ted Hoff and Stan Mazor. In this ever-changing world of technology we can lose sight of its humble origins. The Intel 4004 was no small player in this.
So take the time to appreciate the little microprocessor that grandfathered the technological world of today.
Terminal IT Support
Posted on Tue, Nov 15, 2011
Today’s personal web space for documents is getting a lot of attention. For the most part, you can find the services for FREE! There are a lot of services out there that offer a set amount of free data with low-cost, optional upgrade packages for more space. Below are some examples of free services and space allowed with free accounts:
Google Documents - free with your free Google account; 1GB of free space
Dropbox - allows 2GB of free space for almost any file you can upload and it’s very easy to set up
Apple's iCloud - offers 5GB of space and has a sync feature that most people will find unbelievable. iCloud can be set up for Mac and PC users with Apple devices and will sync all your files, folders, apps, pictures, and iTunes.
Amazon.com - started a cloud service that also permits 5GB of free space that allows you to start using it right away if you have an Amazon account.
There are services that will give you up to 100GB for free, but it will come at a cost. They will require you to give up 150GB of free space on your local drive. Most are secure and it’s almost like a Share cloud; the way it works is you will house data that they add to your machine from somewhere in the world. This is called RAID 96 and is becoming popular with those who prefer an offsite backup of their machine without having to pay the monthly cost of doing so.
Cloud is a computing, mobile technology that will only grow over time. I think with the next push of wireless devices, it’s evident that a copy of your documents online will become more and more useful to complete everyday tasks in a fast and sufficient way. Having to rely on documents that are attached to one device seems so… well, attached. :)
Dennis Foote - Systems Engineer
Posted on Tue, Nov 08, 2011
The first thing needed to set up Remote Desktop is to find your default gateway so you can access the router's GUI or interface. To do this, you will need to find the Run tool that is part of Microsoft Windows. For Windows XP, go to your Start menu and look on the bottom right side of the menu. You should see the Run tool there. For Windows Vista and Windows 7, you can open the Windows menu and type Run in the search and it should come up for you to click on.
Once you have Run open, type CMD in the blank field and hit Enter.
A black box called the command prompt should open with something like C:/Users/(name of your computer). Type ipconfig and you should see something like the output below. Write down the Default Gateway and IPv4 Address.
Ethernet adapter Local Area Connection:
IPv4 Address. . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
Now that you have your default gateway and IPv4 address, it’s time to close the command prompt and proceed with opening ports on your router to allow remote connections.
To do this, open an internet browser and in the address field type the Default Gateway (in my case, 192.168.1.1). This should prompt you for a user name and password. These can be found through manufacturers' websites or with a bit of googling. Cisco, a common router brand, typically has admin as the default user name and admin as the password.
Once in the router, look for port forwarding. This is going to allow you to open ports and allow Remote Desktop through your router. Once you find Port Forwarding, you will need to fill in some information. You should see a couple of boxes that say Port blank to Port blank. Type 3389 in both boxes. At the end of this row it will ask you what IP address you would like to open this port up to. Enter the IP address that you wrote down earlier as the IPv4 address from ipconfig. Click save and you’re done with the router part of the setup.
Now all that’s left to do is to turn on Remote Desktop on your PC. For this you will need to go to your computer's advanced settings. This can be found in Windows XP by right-clicking on My Computer and going to properties. Windows Vista and Windows 7 users will need to right click on Computer and go to properties and click on the Advanced System Settings.
Once in Properties, open the Remote tab. You will have 3 choices to allow remote connections; please choose the one that suits you best. Click Apply and OK. That should be it. You are now ready to remote into your computer. If you are away from home, you will need your public IP address. While at home, this can be found by going to www.whatsmyip.com or www.ipchicken.com. You will need this to get into your machine from off the network. If you are home, simply type in your IP address or the name of the computer from any other PC on your network.
A few last things: You will need to let Remote Desktop through your Windows firewall and/or anti-virus. You can find these instructions with a little googling.
Dennis Foote - System Engineer
Posted on Mon, Nov 07, 2011
I do not usually endorse products, but when I come across one that is good and works well, I feel I should share the wealth.
The product is called Driver Genius, and that’s what it is! It is a driver locator software that I seem to use more and more. I get a lot of reinstalls for computers and laptops. Some of them come with good driver support and some do not. Even the good ones get old. Windows 7 is good at finding a lot of drivers, but for the specific system board drivers or the hard-to-find drivers, it does not always find what you need.
Once you install Driver Genius and update the database, you just set it to scan and it will find everything you need. I have used it on a bunch of machines at this point and it has not let me down, so check it out!
Kristen Hewes - Hardware Technician
Posted on Fri, Oct 28, 2011
This week, I want to talk about recovery disks. New computers usually come with recovery disks. These are the disks that have a preloaded version of Windows on them. (It is the version that came with the system when you bought it.)
I am guilty of this myself; I have been known to throw them out, thinking that I will not need them. Please put them away somewhere - it does not matter as long as you can find them again. I have often been asked by a customer to save their data from a failing hard drive only to find out that they do not have the recovery disks. This is a problem in 2 ways:
- It slows down the repair of the computer. Unless you have a copy of Windows lying around, those disks are needed to get your new hard drive up and running again.
- It will cost you more money. If your laptop is out of warranty, the manufacturer will charge you for recovery disks or you will have to buy another copy of Windows.
These disks usually have a bunch of bloatware on them and you do not have to install it all, but they also come with a full set of drivers for the machine. This can cut down on the time needed to search for them, making the whole process just that much smoother.
Have a great weekend!
Kristen Hewes - Hardware Technician