What Is A Firewall?

Article (PSA-0006)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: What Is A Firewall?
Original release date: October 15, 2017

What Is A Firewall?

The word firewall was borrowed from firefighting and fire prevention, where the word was used to indicate a barrier used to prevent the spread of fire. In network and computer security the “firewall” serves a similar purpose by providing a barrier between “trusted” and “untrusted” networks. A “trusted” network can be described as a controlled internal network, such as your home or business network. An “untrusted” network is an outside network which you do not control, such as the Internet.

A firewall can be hardware, software, or both.

How Does A Firewall Work?

A firewall monitors incoming and outgoing traffic and allows or blocks specific traffic based on a defined set of security rules. A firewall is used to help screen out hackers, viruses, and worms that try to reach your computer over the Internet.

At their most basic, firewalls work as a filter between your network and the Internet. You can configure your firewall so it knows what you want to allow in and what you want to allow out. Everything else is blocked.

There are several different methods firewalls use to filter out information, and some are used in combination. These methods work at different layers of a network, which determines how specific the filtering options can be.

Firewalls use one or more of three methods to control traffic flowing in and out of a network:

  1. Packet filtering – Packets (small chunks of data) are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded.
  2. Proxy service – Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa.
  3. Stateful inspection – A newer method that doesn’t examine the contents of each packet but instead compares certain key parts of the packet to a database of trusted information. Information traveling from inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.

Do I Need A Firewall?

Yes. If you are using a computer and connecting to the internet with it, then you should have an active, up-to-date, firewall. If you are using a Microsoft Operating System you have a firewall already. It is called “Windows Firewall”, and can be configured to protect your computer. In most instances, the modem/gateway/router provided by your Internet Service Provider also functions as a hardware firewall, and can be configured by utilizing the provided web access interface.

If you are unsure if you have a firewall, or whether it is configured correctly – give us a call to set up an appointment to have a technician come out and make sure you do!

High availability – following the backup rule

Article (PSA-0005)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: High availability – following the backup rule
Original release date: September 23, 2017
Updated date: August 16, 2019

[High Availability is a characteristic of a system, which aims to ensure an agreed level of operational performance, usually uptime, for a higher than normal period. Modernization has resulted in an increased reliance on these systems. For example, hospitals and data centers require high availability of their systems to perform routine daily activities. Availability refers to the ability of the user community to obtain a service or good, access the system, whether to submit new work, update or alter existing work, or collect the results of previous work. If a user cannot access the system, it is – from the users point of view – unavailable. Generally, the term downtime is used to refer to periods when a system is unavailable.] – Wikipedia.org

Reliable backups are one of the foundations of “high availability”. Catastrophe can hit any business, no-matter how small or big you are, and catastrophe can come in many forms such as: hardware failure or “ransomware”. The more data lost, the greater the impact on your business. Part of getting your business back up and running after a disaster, is being able to restore operations to where they were before the problem occurred. Businesses who have learned the value of backups employ the 3-2-1-0 rule.

3: Maintain at least three copies of your data and applications. That’s the one copy you’re using and two backups. This way, if one of your backups is unavailable for any reason, you can still recover what you need in a reasonable amount of time.

2: Store your backups on at least two different types of media. One reason for this is each type of media has its own vulnerabilities, and you don’t want both of our backups susceptible to the same problem. By utilizing different media, you can reduce your exposure to the same incident preventing access to both of your backups.

1: Keep one of the backups in a different location. Consider a catastrophe at your business, such as a break-in, fire or natural disaster. If all of your backups are at the same location, they will all be affected. This can result in total data loss for your business.

0: Verify your recovery plan has zero errors. It is not uncommon for businesses to implement a backup plan but fail to verify it is performing as expected. Regular testing is critical to ensuring you can recover your business data and applications in the event of disaster.

It doesn’t matter if you are a business or home computer user, if you have anything on your computer that matters to you, it is your responsibility to make sure you have a backup plan in place. In my 20+ years of experience in the IT industry I have seen brand new hard drives fail within 90 days of purchase. I have seen years of family pictures vanish by accidental deletion and I have seen “un-tested” backups fail to restore important business files – files which everybody “thought” were being backed up.

How Antivirus and Antispyware Work

Article (PSA-0004)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: How Antivirus and Antispyware Work
Original release date: July 18, 2017

Both antivirus and antispyware software monitor your computer for potential threats.
If your computer is connected to the internet, you should have a functioning, properly licensed and updated antivirus and antispyware program. At a minimum the software you choose should offer “real-time” scanning, as well as “scheduled” scanning functionality.

“Real Time” scanning allows the software to continually scan files as they are downloaded to your computer, and will notify you if the file(s) you receive contain malware.

“Scheduled” scanning allows the software to scan all the existing files (or selected files) on your computer hard disk in a systematic effort to locate existing files that “look like” a virus.

  • For those of you using Microsoft Windows 7, Microsoft offers a free anti-virus product called Microsoft Security Essentials in 32-bit and 64-bit versions. It can be used by home users and small businesses with up to 10 computers. See Microsoft Software License Terms for more information.
  • For those of you using Microsoft Windows 8 or higher, Windows Defender comes integrated with the operating system and provides antivirus and antispyware protection.
  • Both Microsoft Security Essentials and Windows Defender come at no additional cost – there’s nothing to buy, no subscriptions and no nagware – yeah I know, awesome!

Most antivirus and antispyware tools can identify suspicious software based on a list of known threats called “definitions.” Definitions should be updated automatically by the software and new updates should be provided when new threats are discovered.

Preventing Infection with Antivirus and Antispyware Software

Antivirus and antispyware software are basic tools that no home or business should be without.

In short, a single antivirus program, a single antispyware program and a single configured firewall is adequate. Installing more than one of any of these programs can generate a few notable issues. Let’s take a few moments to look at the biggest issues.

  1. Each program running on your computer is using some of your system memory (RAM). The more programs running, the more RAM is used. When there is no more RAM available, your computer will begin to use your hard disk as a “type” of RAM. Hard disk access is not as fast as RAM access, and when your system has to start using the hard disk as RAM it greatly degrades the performance of your entire system.
  2. Having more than one of these programs running on your system can result in a software conflict. If both programs are scanning your computer for “malicious activity” there is a high probability they will see each other as “malicious activity” causing a software conflict. This particular problem can be extremely frustrating and can lead to the next very challenging side effect.
  3. Files necessary to the other scanning program can often be identified as “malicious”, and will be quarantined (made inaccessible) or removed, leaving the program corrupted. Trying to repair a program in this condition can be problematic to say the least.
  4. Finally, maintaining the licensing and updates for your programs can be time consuming and expensive. I am a firm believer that “less is better”.

What to Do if You Suspect Infection

There is no guaranteed way to keep malware out. Installing and using antivirus and antispyware software, along with a healthy dose of “common sense” is a good start. But what does it look like when these tools fail? And what can you do about it?

The following may indicate your computer is infected with malware:

  • Lots of pop-up windows or unexpected messages on your screen
  • Unexpected toolbars appear in your web browser
  • New icons or programs appear on your computer
  • Your web browser home page changes or you are redirected unexpectedly to unknown websites
  • Your computer suddenly seems slow, freezes, or crashes during regular use

If you suspect infection, you should:

  • Download the most recent definitions for your antivirus and antispyware software
  • Run a full scan using both tools (this will usually be much more in-depth and will take longer than the regular monitoring scans)
  • Follow the software’s instructions to remove suspected malware

If removing malware this way doesn’t work, or if the malware returns when you reboot your computer, you should seek professional help from a qualified computer service provider. There are a few qualified local service providers, but PSA, LLC offers a “no-fix, no-pay” work guarantee – most shops do not. Call us at (707) 506-6228 for service.

Conclusion

No home or business should be without malware protection. Antivirus software, along with a firewall, coupled with a healthy dose of common sense are the key components to protecting your computers and networks from malware.

IC3 Annual Report – 2016 Internet Crime Report

Dear Reader,

The FBI is the lead federal agency for investigating cyber attacks by criminals, overseas adversaries, and terrorists. With each passing day, cyber intrusions are becoming more sophisticated, dangerous, and common. We continue to transform and develop in order to address the persistent and evolving cyber threats we face.

The FBI’s Internet rime Complaint enter (IC3) provides the public with a trustworthy and convenient reporting mechanism to submit information concerning suspected Internet-facilitated criminal activity. The I3 also strengthens the FBI’s partnerships with our law enforcement and industry partners.

The 2016 Internet rime Report highlights the IC3’s efforts in monitoring trending scams such as Business Email Compromise (BEC), ransomware, tech support fraud, and extortion. In 2016, IC3 received a total of 298,728 complaints with reported losses in excess of $1.3 billion.

This past year, the top three crime types reported by victims were non-payment and nondelivery, personal data breach, and payment scams. The top three crime types by reported loss were BEC, romance and confidence fraud, and non-payment and non-delivery scams.

This year’s report features a section on the importance of law enforcement collaboration and partnerships with the private sector and Intelligence Community. For example, the FBI continues to expand Operation Wellspring (OWS), an initiative through which state and local law enforcement officers are embedded in, and trained by, FBI cyber task forces and serve as the primary case agents on Internet-facilitated criminal investigations. Overall, OWS task forces opened 37 investigations in 2016 and have worked 73 total investigations since OWS was launched in August 2013.

We hope this report will assist you as we work in partnership to protect our nation and combat cyber threats.

Scott S. Smith
Assistant Director
Cyber Division
Federal Bureau of Investigation

Read the full report here: https://www.ic3.gov/Media/PDF/AnnualReport/2016_IC3Report.pdf

Survey Response – Don Herriott

Don Herriott
Rio Dell, CA

1. What would you rate your technicians performance?
Excellent, Great, Okay, Bad

2. How quick was your order completed?
Very Fast, Fast, Okay, Slow

3. How do you feel about our prices?
Excellent, Great, Okay, Bad

4. How was your overall experience?
Excellent, Great, Okay, Bad

5. Would you recommend us to a friend?
Of Course, Maybe, Unsure, No

Review – Billy Joe did everything that we requested and then spent a long time explaining how to do functions on our computer.

Introduction to Malicious Software

Article (PSA-0003)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: Introduction to Malicious Software
Original release date: March 27, 2017

The Internet has become a dangerous place, and computer security threats are a very real concern for any organization or home that uses a computer. Symantec, a computer security provider, reported discovering more than 430 million new unique pieces of malware in 2015. That number is up 36% from the previous year. Kaspersky Lab, another computer security provider, reported close to 2 million registered notifications about attempted malware infections aimed at stealing money via online access to bank accounts.

So why is there so much malware, and what is the point? It really comes down to theft. Stealing, and selling your personal information, your banking and credit card information is a huge money making industry. These attackers not only steal your information, but once they have compromised your computer system, they can use it to attack others, and perform other illegal activities – masquerading as you!

Methods for infecting computers with malware are often quite sophisticated. Malware can spread through, what appear to be, legitimate files, links, or websites. What’s even worse is “attack toolkits,” can be downloaded for free or purchased from the internet making cybercrime easy and inexpensive to commit and can be perpetrated by relatively unsophisticated attackers.

It’s important for all computer users to have a basic understanding of these threats and to learn how to protect themselves. This series of short articles will provide an overview of malware threats, suggestions for infection prevention using antivirus, anti-spyware and firewall software, and steps to take if you suspect your computer is infected.

What Is Malware?
The word “malware” is a portmanteau, blended from the words “malicious” and “software.” It is most often used as a catchall term for computer related threats such as viruses, spyware, adware, and other software installed without a user’s consent or knowledge.

Malware can get into your system in a variety of ways. Here is a short, not exhaustive, list:

  • Infected email attachments
  • Infected removable storage such as portable “thumb-drives”
  • Downloaded software
  • Links in email, social media websites, or instant messages

Here are a few categories of malware, again, not exhaustive:

  • Viruses are a kind of self-replicating software that can slow down or cripple systems, and destroy or alter data.
  • Spyware is software that spies on computer users’ activity to steal passwords, online banking login credentials, and other personal information, typically by using a “keylogger”. A keylogger records the keys you press and sends it back to the attacker.
  • Adware displays annoying pop-up ads.
  • Scareware mimics a legitimate antivirus or anti-spyware service, saying a computer has been infected, then encouraging users to download (and pay for) a fake security solution. The downloaded software is usually spyware.
  • Ransomware encrypts files on a computer, making them inaccessible until a specified ransom is paid. More information on ransomware can be found in these two articles:
  • Botnets are networks of infected computers used for illegal activities, such as sending spam emails or “denial of service” attacks.

Do You Need to Worry About Malware?

So you may be thinking this all sounds scary, but does it really affect me at home or at my place of business? Yes! It is not just large companies or government organizations that need to protect themselves. Anybody, home user or business, can be a victim of malware if not properly protected.

If you are a business, your customers trust you with their personal information. If you are a home user you probably have precious family pictures or important documents stored on your computer. If you’re not taking steps to secure your data, including using antivirus, antispyware and firewall software, your information is not safe. Information security breaches can have major financial and legal consequences.

In the next article we will discuss how antivirus and antispyware software works.