You’ve Got Spam!

Article (PSA-0015)
Submitted by: Rebekah Long, Technician
Company: PSA Computer Services
Titled: You’ve Got Spam
Original release date: June 10, 2021

Getting spam is a hassle. No argument there, but what’s even worse than that?

Unknowingly sending it.

When fake, unverified, and potentially virus ridden emails go out with your email address, it can look bad. And not only do you look bad, but you also have to deal with the emails that bounce back due to dead addresses.

There’s one reassurance in all of this, your computer is not actually sending out spam, and your computer and IP address are still safe. Unfortunately, there is still some bad news.

If spam is being sent from your email address, your address has either been “spoofed” or “hijacked.” Either way the spam isn’t coming from your computer, and probably not from the bad actors computer either. It’s most likely being sent from someone’s “Malware-Infected” computer – and they probably don’t even know they’ve been hacked!

Spoofing an address is when someone sends email with your email address as the sender, even though they don’t actually have access to your email account.

Unfortunately, as of now, there is no way to prevent spoofing. Additionally, there is no way to know for sure who sent the spoofed emails and no way to stop it from happening.

Fortunately, these bad actors tend to change the email address’s they spoof often, and they will move on from your email address eventually. Your email service provider may administratively block your email address for a period of time when they notice the large amount of email being sent from your email account. If this happens, you will need to contact them to “unblock” your email address.

Hijacking can be much more devastating. In the case of a hijacking the criminal takes control of your email account. This includes them having the ability to read your email, and contacts list. They can then use this information to specifically target people in your contacts. A hijacker can also lock you out of your own email account by changing your password.

Thankfully, unlike spoofing, something can be done about hijacking.

If you can still receive email, try logging into your email account on another computer or by using your internet browser’s private mode. When the login fails, try the services “Forgot your password?” or “Need help?” link. The service will email you a password reset link. You will need to act fast and get the password reset email before the bad actor.

If that fails you’ll have to contact your email service provider and explain the problem. If you have access to the internet, then perform an internet search similar to “I can’t sign into my Gmail account” or “I can’t sign into my Outlook account” or the name of whatever email service you use. This should get you to a support page for your email service provider.

If you’ve been using the same password for other services – you should change those passwords immediately to stop the hacker from moving onto other services you use.

Once you have your email account back under control, don’t forget to email apologies to everyone who received spam from your email address.

Here are four things you can do to help prevent your accounts from being hacked in the future:

  • Use passwords that are 9 characters or more. Utilize upper and lowercase letters, numbers and a special character or two (if allowed).
  • Use different passwords for each different account (don’t be lazy, you’ll regret it later!)
  • If the account offers multi-factor authentication, use it.
  • Do not send passwords in emails …. ever!

If you’ve been hacked and need help give us a call.

What Is Dynamic DNS And How Can It Help Me?

Article (PSA-0014)
Submitted by: Billy Joe Long, Owner
Company: PSA Computer Services
Titled: What Is Dynamic DNS And How Can It Help Me?
Original release date: August 14, 2020

What Is Dynamic DNS And How Can It Help Me?

If you are going to be setting up a server to host a service which you plan on offering to the ‘outside world’ (external to your network), a problem you may run into revolves around your ISP (Internet Service Provider) providing you with a dynamic public IP address instead of a static public IP address.

Dynamic IP Addresses

A dynamic IP address is given to you for a designated amount of time. At the end of this designated time your ISP may give you a different IP address or reassign the same IP address to you again. This does not affect any services on your local network, and in most cases is completely transparent to you and your local network users. It does become a significant problem when you are offering external services, such as a website or hosting a game server for instance.

Static IP Addresses

A static IP address, as its name states, does not change. Static IP addresses geerally cost extra – if your ISP even offers the service.

What Is DNS? And Why Is It Necessary?

DNS stands for Domain Name System. Domain names are easier to remember than a bunch of numbers. For example, most people type google.com to visit the search engine instead of typing its IP address – 172.217.5.110. Another example is typing psa-2.com to visit the PSA Computer Services support website instead of typing its IP address – 23.235.214.21. Think of DNS like you would phone numbers stored on your phone. You typically look for a name when you want to make a call. It is the same principal – the name has a phone number associated with it. When you click the name to make a call, your phone converts that action to the phone number and completes your call. DNS services work in a similar fashion – it uses a name, such as psa-2.com, and associates the name with an IP address. When you type psa-2.com into your browser, it is converted to an IP address, and you are then connected to the service using the IP address.

The Dynamic IP Address Issue

This dynamic IP address provided to you by your ISP is a problem because your IP address is how external users can find your network and the service(s) you are hosting on the internet. You can think of your IP address as a street address. It tells people how to get to your webserver, game server or other service you are offering. If this address is constantly changing, then you you would need to contact your users and let them know what your current IP address is every time it changes, if you want them to have access to your hosted service. For most people or businesses hosting public services from their local networks, this is not feasible.

The Dynamic DNS Solution

This is where dynamic DNS comes in. Dynamic DNS is a service that you can setup directly on most routers or on a server directly using a dynamic DNS client application. A dynamic DNS provider, such as DynDns or NoIP, provides you with a custom domain name. The dynamic DNS service then associates your new custom domain name with your current dynamic IP address. Every time your dynamic IP address changes, the service updates your custom domain name with your new IP address. Now all you have to do to allow your users access to your public service is provide them with your custom domain name provided to you by your chosen dynamic DNS service provider. Every time your IP address changes the service will update your custom domain name with the new IP address, and your users will continue to have access to your service.

Problem Solved

If you would like more information about Dynamic DNS and what it can do for you or your business give us a call.

Remote work in the age of COVID-19

Article (PSA-0013)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: Remote work in the age of COVID-19
Original release date: May 13, 2020

Remote Work In The Age of COVID-19

What a strange time in world history. Who could have predicted the Wuhan Coronavirus (COVID-19) would close down the US economy? Because of this unforeseen event, many businesses have been taking precautions to reduce exposure and transmission among employees. Global business giants like Amazon and Twitter, as well as local businesses, are implementing precautions which include work travel bans, cancelling in-person meetings and conferences, and encouraging employees to work from home or “self-quarantine” until a vaccine or cure has been found.

With millions of people working from home for many weeks now, there has been a real need for remote desktop services, and video conferencing services to help keep businesses functioning, and to keep families and friends, who are separated by distance, connected.

There are quite a few companies and products that facilitate remote working. Zoom, Google Meet, and Microsoft Teams provide quality video-conferencing services, and TeamViewer and LogMeIn provide remote desktop services.

Working from home can be a real challenge, but with the right set of tools, a healthy dose of patience, and a solid internet connection, you can still connect with your colleagues and access your remote computers to accomplish the work you need to get done.

While working from home, keep these three ideas in mind:

  • Set time boundaries between work and personal time. Working from home can seriously blur the lines between work hours and personal hours. This constant connectivity, if not controlled, can lead to increases in your stress and anxiety levels. It can also make you a very distracted individual –
  • Get some exercise. Going for a walk around the block a couple of times a day can make a world of difference to your stress and anxiety levels. Remember to leave the phone at home –
  • Connect with another person. Take time to sit down and talk with someone in your home, without distractions, and you will feel better for it. If you live alone at home, this can be a little more difficult, considering the stay at home order, but you need contact, so on that walk you’ll be taking, if you see someone else, don’t be afraid to say, “Hi”.

I hope you and your families are well during this time. If you would like more information or have questions about how you can use remote services give us a call.

Windows 7 End of Life – What You Need to Know

Article (PSA-0012)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: Windows 7 End of Life – What You Need to Know
Original release date: October 30, 2019

Windows 7 End of Life – What You Need to Know

Microsoft will end support for the Windows 7 operating system on January 14, 2020. This includes all editions of the Windows 7 operating system: Starter, Home Basic, Home Premium, Professional, Enterprise and Ultimate. If you have not upgraded by January 14, 2020, you will be using an unsupported operating system.

You may wonder what Microsoft means by “ending support”. This means they will no longer provide support for laptops and desktops with Windows 7 installed. If you run into a bug in the operating system, Microsoft will not fix it – so don’t bother calling them.

An issue often overlooked when discussing the end of support for Windows 7, is the third-party application issue. Many software providers will not support their software if it is installed and running on an unsupported operating system. Additionally, some software you purchase may not install on Windows 7 at all. This will become more prevalent as time passes.

Additionally, Microsoft will stop patching Windows 7 with security updates. The patches provided by Microsoft for Windows 7 help keep the operating system secure, and as time passes the un-patched operating system will become more and more insecure and prone to compromise by hackers.

One bright spot on the horizon, if you choose to upgrade to Windows 10 from a properly licensed and activated copy of Windows 7, is that you may not need to pay for Windows 10. As of this writing, I am able to upgrade Windows 7 computers to Windows 10 and activate them with a valid and legal digital license at no cost other than the $100 flat rate I charge to perform the upgrade. That is a savings of approximately $140 – $200 per computer, depending on the edition you get.

If you need help upgrading your desktop, laptop or a whole organization give us a call.

Security Update – 2019

Article (PSA-0011)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: Security Update
Original release date: February 16, 2019

Security Update

“From the sudden spread of WannCry and Petya/NotPetya ransomware, to the swift growth in coinminers, 2017 provided us with another reminder that digital security threats can come from new and unexpected sources. With each passing year, not only has the sheer volume of threats increased, but the threat landscape has become more diverse, with attackers working harder to discover new avenues of attack and cover their tracks while doing so.” – Excerpt from Symantec 2018 Internet Security Threat Report (ISTR), volume 23, clarifications by Billy Long.

The Internet can be a dangerous and costly place. Network and computer security threats are a very real concern for businesses and home users alike. Symantec, the world’s leading cyber security company, reported an astounding 8,500% (yes, that’s correct eight thousand five hundred) increase in detections of coinminers on endpoint computers, a 92% increase in new downloader variants and an 80% increase in new malware on Macs.

Data and identity theft are a profitable sector, but that is not the only thing at risk in today’s Internet connected world. Your network connected device has processing power and that processing power has become a commodity to many “bad actors” who are diligently punching in to work each day.

These “attack teams” or “attack groups” are constantly developing methods for infecting devices and computers with malware for their own nefarious purposes. Malware can spread through, what appear to be, legitimate files, links or websites. What’s even worse is “attack toolkits,” can be downloaded for free or purchased from the Internet making cybercrime accessible and inexpensive to commit and allowing these crimes to be perpetrated by relatively unsophisticated attackers.

It’s important for all Internet users to have a basic understanding of these threats and to learn how to protect themselves. This article is the first in a series of articles which will provide an overview of malware threats, suggestions for infection prevention and steps to take if you suspect your computer is infected.

What Is Malware?

The word “malware” is a portmanteau, blended from the words “malicious” and “software.” It is most often used as a catchall term for computer related threats such as viruses, spyware, adware, and other software installed without a user’s consent or knowledge.

Malware can get into your system in a variety of ways. Here is short, non-exhaustive list:

  • Infected email attachments
  • Infected removable storage devices such as portable “thumb-drives”
  • Downloaded software
  • Links in email, social media websites, or instant messages

For more information on methods of attack and attack terminology, check out the “Threat Glossary” being compiled at the PSA Computer Services support website: https://psa-2.com/threat-glossary/

Do You Need to Worry About Malware?

So, you may be thinking this all sounds scary, but does it really affect me at home or at my small business? Yes! It is not just large companies or government organizations that need to protect themselves. Anybody can be a victim of cyber-crime if not properly protected.

If you are a business, your customers trust you with their information. If you’re a home-based user, you may have family pictures, important documents or business data stored on your computer. If you’re not taking appropriate steps to secure your network and data, your computer and information are not safe. Preliminary statistics indicate 1 in 3 people were hacked in 2018. Information security breaches can have major financial and legal consequences.

In the next article we will look at what network and computer protection is available to you and how to exercise common sense Internet usage to help reduce the probability of you or your business being compromised.

Directory Structure and File Name Conventions

Article (PSA-0010)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: Directory Structure and File Name Conventions
Original release date: October 19, 2018

Directory Structure and File Name Conventions

When storing data we, as responsible digital citizens, need to ensure our directory structures and file names are human readable and well organized. This ensures the digital information stored within your company (or home) can be retrieved efficiently and accurately. We start this discussion by looking at a few directory structure conventions and a usage example.

As with most things in life, consistency is critical. Organize directories in a way that makes sense within the context of your home or company, and then stick to it. It should make sense to anyone who happens to be working within the directory structure. For example, I work from a home based office, so my computer contains not only personal data (pictures, documents, ect), but also business data. The root of my storage directory structure clearly describes that distinction by providing two directories: ‘Personal’ and ‘Business’. Within the ‘Personal’ directory I have organized my personal digital life, and within the ‘Business’ directory I have organized my business digital life.

Once the initial directories were in place, I began to make more distinctions about the type of data the directory contained by using descriptive names and nesting related directories, where appropriate, in a hierarchical fashion.

Here is a simple example; let’s say you have hundreds (or more) pictures collected over many years. To efficiently organize these pictures, we first, create a ‘Pictures’ directory (one probably already exists on your computer). Then organize the pictures further by creating a year directory within the ‘Pictures’ directory, eg. 2018, 2019, ect. Then within each year directory you could include month directories, eg. JAN, FEB, ect. This directory structure can be as simple or complex as necessary. Personally, I adhere to the ‘keep it simple and consistent’ policy. Next, let’s take a look at ‘File Naming Conventions’.

A file name should be distinguishable among other files. Groups of files should be easily sorted for efficient reviewing and searching. File names should also be unique. Over time files can be moved and without the existing folder structure, important descriptive information about the contents of the file could be lost. Carefully consider whether your filename would be meaningful outside of your directory structure.

Here are guidelines I use consistently for file names within my company as well as at home:

  1. If the date the file was created is important, include it in the filename. If you are going to use the date, be sure to pick a date format and stick to it consistently. I like to use the MMDDYY format (two digit month, two digit day, two digit year.)
  2. If the file is related to a project, consider using an abbreviation of the project name as part of the file name.
  3. If the file is part of a multi-organizational effort, consider using your organizations initials in the name. Be sure your initials are unique among the other involved organizations.
  4. If there will be multiple versions of the file, consider using a ‘zero padded’ numbering system as part of the name. You will need to make an educated guess as to how many versions there may be, and pad the version number appropriately. At a minimum, I pad file versions with two zeros, eg. 001, 002, ect.

Finally, here is a list of the “Do’s and Don’ts” of file naming.

  1. Don’t use spaces and punctuation, except for the hyphen and underscore.
  2. Do use underscore or “camelCase” between file name elements, eg. my_data_file.txt or myDataFile.txt . Neither approach is better – but whichever one you pick, stick to it!
  3. Don’t use spaces, tabs, semicolons or periods in your filename.
  4. Do try to keep the file name to a maximum of 25 characters in length if possible.

A well thought out directory structure coupled with an equally well thought out file naming convention makes searching and sorting information a very straightforward task. If you work at a company, be sure to check and see if they have employee guidelines to directory and file naming conventions … they really should! One day we will retire, will the guy or gal replacing us be able to find anything efficiently? It’s really up to us.

Introduction to Virtual Private Network (VPN)

Article (PSA-0009)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: Introduction to Virtual Private Network (VPN)
Original release date: July 17, 2018

Introduction to Virtual Private Network (VPN)

A VPN provides a secure way of connecting to a remote network over a public network (the Internet). This remote network is typically a private network, such as your workplace or home network. A “tunnel” is created through the public network to your private network at the other end. All network traffic through this tunnel is encrypted to ensure it is kept secure and private.

What can you do with VPN?

With a VPN you are able to do a number of things you wouldn’t otherwise be able to do with a standard network connection. For example:

  • Network Security & Privacy: All network traffic through your VPN connection is encrypted and therefore secure. This allows you to use public networks (motels, coffee shops, etc.) knowing your network traffic is safe and secure. Without VPN it is relatively easy for other people to view your network traffic, see what you are doing online, and possibly steal your information and login details.
  • Access Your Workplace/Home Remotely: You can connect to your workplace/home VPN and have access as if you were physically in the office/house. You can then do things like access file servers, computers, databases, email, internal webpages, and other services you might not have access to outside of your work network.
  • Access Restricted Content: By connecting to a VPN server in another location you can make it appear to websites, using geolocation, that you are physically in the correct location for access. So when you’re travelling overseas you can still view websites you would normally use at home, such as television, movie and music streaming websites.
  • Avoid Censorship: VPN allows you to bypass censorship and access websites and services which may otherwise be blocked. Some countries impose censorship on Internet access while in that country, and a VPN provides a way to still maintain access to the services you would normally use.
  •  
    How does VPN work?

    A typical VPN consists of two components: a VPN client and a VPN server.

    A VPN client is software that allows you to connect your computer to a VPN server and establish a VPN connection. It is installed on your computer and communicates with the VPN server to create a secure link for your network traffic. The VPN Client is what you use to control the VPN connection. A VPN server is setup at the location you want to connect to, such as at a workplace or at home. A VPN server performs authentication to ensure only registered users can connect to the VPN.

    All network traffic through the tunnel created between the VPN client and the VPN server is encrypted to keep it private and secure.

    Should you use VPN?

    Even if you have no need to be able to access a private network remotely, a VPN is vital to ensure the security and privacy of your network traffic.

    Public networks, and in particular public wireless networks, provide an easy way for hackers and malicious users to listen in (“sniff”) on your network usage. This may allow them to see what web pages you are viewing, steal username and passwords, steal session information to be able to log into sites as you, and extract other private data. In addition, skilled hackers may perform a “man in the middle” attack. This allows them to not only monitor in depth your network traffic, but also alter your traffic or inject their own traffic in an attempt to fool a user into revealing important data.

    Using a VPN protects you from such attacks.

    If you are thinking about utilizing VPN services, I would encourage you to contact your IT guy (or gal) for their input. “There is wisdom in a multitude of counselors”.

    Introduction to Proxy Servers

    Article (PSA-0008)
    Submitted by: Billy Joe Long
    Company: PSA Computer Services
    Titled: Introduction to Proxy Servers
    Original release date: April 17, 2018

    Introduction to Proxy Servers

    You may not know it, but every time you visit a website or connect with someone online, your internet connection gives your “computer address” to the site or person you’re connecting with.

    This is done so the site or person knows how to get the requested information back to your computer. This “computer address” is technically known as your public Internet Protocol address or simply your “public IP address”.

    Without a public IP address, you wouldn’t be able to do any online activity and other people and services online wouldn’t be able to reach you either. IP addresses are how the online world connects to one another.

    Where does your IP address come from?

    Your public IP address comes from your Internet Service Provider or ISP. In our area the most common ISP’s are Suddenlink, AT&T, 101Netlink, or Frontiernet. Whoever you pay for Internet service is responsible for assigning your public IP address, as well as for your Internet connection. Your smart device also uses an IP address when you’re browsing the web or using an app.

    Most of us are happy to ignore the details of how all of this Internet stuff works, but there are a few concepts and security concerns about public IP addresses that we should be aware of as responsible Internet citizens. For example:

  • Your IP address identifies where you are in the world.
  • It links your name and home address to your IP address. Your name and information are used to purchase the Internet service, and the service provider gives you your public IP address thereby creating a direct link to you.

  • Many people are not comfortable with their personal information being so readily available on the Internet. If it bothers you as well, there are a few things you can do to make it more difficult to directly link your public IP to your other personal information. A solid first step is to use a proxy service or proxy server.

    So what is a “proxy server”?

    The word proxy means “substitute.” In computer networks, a proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. It works like this: a client (you) are using a web browser to visit the psa-2.com support website, and your browser is setup to use a proxy server. After you type psa-2.com into your browser address bar, the request is sent to the proxy server. The proxy server then sends the request on to my server where psa-2.com is hosted. The homepage of my website is returned to the proxy server which then returns my homepage to your browser for viewing. This results in my website seeing the proxy server as the visitor, not you.

    What Are The Benefits?

    Now that you know the basics of how a proxy service or proxy server works, let’s see what the benefits are for you.

    Proxy servers can hide your IP address (if they are set to do this), can send a different user agent so that your browser is not identified and can block cookies or accept them but not pass them to your PC or device. Therefore, when using a proxy server, you can be a lot more anonymous than when using a direct connection to the Internet.

    Proxy servers may also have a role in improving security, especially when used in business networks. They can be set to block access to malicious websites that distribute malware and they can also provide encryption services so that your data is not easily mined by third-parties.

    Fair Warning

    Using proxy servers is not all about benefits and good stuff. They can pose problems as well, such as:

  • When using unencrypted connections, the proxy server can alter the responses you receive, both in good and bad ways. For example, an infected or malicious proxy server can be used to load malware into your browser or redirect you to a phishing website.
  • A proxy can alter the requests you make to a website or service on the Internet to generate results that meet someone else’s intentions.
  • A proxy server monitors and logs your activity. Therefore, it stores lots of information about you that can be used for identification at a later date.
  • Depending on how it was configured, a proxy server can provide unencrypted data where encrypted data was previously provided by the website or service you are using. This can expose you to network sniffing and having others monitor what you are doing on the Internet.

  • Conclusion

    As you can see, proxy servers can be very beneficial, but if not careful, they can also be problematic. It all depends on how they are configured, how they are secured and by whom they are administered. A proxy server may provide all the benefits mentioned above or none of them. It all depends on how it was set up and why it was set up.

    If you are thinking about utilizing a proxy service or proxy server, I would encourage you to contact your IT guy (or gal) for their input. “There is wisdom in a multitude of counselors”.

    What Are Managed Services

    Article (PSA-0007)
    Submitted by: Billy Joe Long
    Company: PSA Computer Services
    Titled: What Are Managed Services?
    Original release date: January 15, 2018

    What Are Managed Services?

    Managed services allow business managers/owners to offload specific IT operations to a service provider. This service provider is known as a Managed Services Provider. The managed service provider assumes ongoing responsibility for monitoring and managing designated equipment and resolving technical problems for selected IT systems and equipment on your behalf.

    Managed services providers can offer services such as alerts, security, patch management, data backup and recovery for different client devices: desktops, notebooks, servers, storage systems, networks and applications. Offloading routine infrastructure management to an experienced managed services professional lets you concentrate on running your business, with fewer interruptions due to IT issues.

    Managed services providers usually price their services on a subscription basis. Depending on the services they provide, pricing is usually based on the number of devices, with different packages priced at different levels. Some provide customer support onsite when required.

    Basic services often start with a monitoring service, which notifies you of problems, which you resolve on your own. At the upper end of the spectrum, service providers offer fully managed services that cover everything from alerts through problem resolution.

    Typically they perform an initial assessment of your current IT environment and management requirements to help you decide what services and service levels you need.

    Does My Small Business Need Managed Services?

    Just like larger companies, small businesses need technology to operate efficiently and to compete effectively. But as reliance on IT grows, the resources to support an increasingly complex IT environment may not. In many small businesses, IT resources are scarce, and can be quickly overwhelmed with the day-to-day responsibilities of keeping the IT infrastructure that the business depends on up and running.

    If you fall behind in keeping up with things such as backups, patches and security, the odds are that you’ll face an IT outage or another problem down the road that will negatively impact your business. For instance, if your e-mail server, customer relationship management system, financial application or network goes down unexpectedly, you face substantial productivity and revenue losses as a result.

    MSPs act as an extension of your IT department, taking care of routine IT infrastructure monitoring and management around the clock—freeing up your IT staff to focus on higher-value projects. By proactively monitoring and maintaining your systems, an MSP can help you avoid many technology problems in the first place. Should an issue occur, an experienced MSP can troubleshoot and resolve it more efficiently.

    Unlike traditional outsourcing situations, where you surrender complete control of your IT assets, you decide what you want the service provider to take care of, and what you want to handle. You retain full visibility into the process and management of your systems. In addition, the MSP subscription model gives you more expense predictability than a consultant-type time and billing model.

    MSP Considerations?

    With so many different types of MSPs and offerings, the MSP label can be a confusing one. So, when considering managed services, think first about your requirements. How satisfied you are with the level and quality of support that you have today? Where are the gaps, pain points and inefficiencies in IT infrastructure management? How do downtime, outages and other problems impact your business?

    With these requirements top of mind, evaluate MSPs that map to your IT, business and budget requirements and provide a flexible, proactive approach that can adapt with you as your needs evolve.

    If you need a Managed Service Provider or need more information on the subject – call PSA Computer Services at (707) 601-1408 to set up an appointment to get a quote.

    What Is A Firewall?

    Article (PSA-0006)
    Submitted by: Billy Joe Long
    Company: PSA Computer Services
    Titled: What Is A Firewall?
    Original release date: October 15, 2017

    What Is A Firewall?

    The word firewall was borrowed from firefighting and fire prevention, where the word was used to indicate a barrier used to prevent the spread of fire. In network and computer security the “firewall” serves a similar purpose by providing a barrier between “trusted” and “untrusted” networks. A “trusted” network can be described as a controlled internal network, such as your home or business network. An “untrusted” network is an outside network which you do not control, such as the Internet.

    A firewall can be hardware, software, or both.

    How Does A Firewall Work?

    A firewall monitors incoming and outgoing traffic and allows or blocks specific traffic based on a defined set of security rules. A firewall is used to help screen out hackers, viruses, and worms that try to reach your computer over the Internet.

    At their most basic, firewalls work as a filter between your network and the Internet. You can configure your firewall so it knows what you want to allow in and what you want to allow out. Everything else is blocked.

    There are several different methods firewalls use to filter out information, and some are used in combination. These methods work at different layers of a network, which determines how specific the filtering options can be.

    Firewalls use one or more of three methods to control traffic flowing in and out of a network:

    1. Packet filtering – Packets (small chunks of data) are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded.
    2. Proxy service – Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa.
    3. Stateful inspection – A newer method that doesn’t examine the contents of each packet but instead compares certain key parts of the packet to a database of trusted information. Information traveling from inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.

    Do I Need A Firewall?

    Yes. If you are using a computer and connecting to the internet with it, then you should have an active, up-to-date, firewall. If you are using a Microsoft Operating System you have a firewall already. It is called “Windows Firewall”, and can be configured to protect your computer. In most instances, the modem/gateway/router provided by your Internet Service Provider also functions as a hardware firewall, and can be configured by utilizing the provided web access interface.

    If you are unsure if you have a firewall, or whether it is configured correctly – give us a call to set up an appointment to have a technician come out and make sure you do!