Loading ...

Category: Servers

Anatomy of a Breach

Read an amazing article published by Microsoft detailing the roadmap a hacker uses to breach a computer network. You can read the full article here:

https://cloud-platform-assets.azurewebsites.net/anatomy-of-a-breach/

Summary of a Breach

Phase 1: Break-In: Hackers are still using phishing emails, bad passwords, social media links, and poorly patched systems to make their way in with the initial infection. Employee training is the first step towards preventing breaches for 9 out of 10 companies now (and it is included in the price for all our monthly clients).

Phase 2: The Inside Man: Once inside the hacker will scan the network for further vulnerable systems, employees with more access rights than they need, and systems that allow access into other parts of the network. Having systems in place that detect strange or malicious activity are key to stopping an infection in its tracks.

Phase 3: Spread Out: This is where the hacker has all the access they need and start to find the data that is worth selling. Hackers will usually start moving data to places it doesn’t belong on the network then downloading it to their computers for resell. This is where strong access policies that are clearly defined and enforced make the greatest impact to protect sensitive data. 

Phase 4: The Long Con: Once a hacker has taken all they need for the short term payout, they will setup remote access back doors to allow for future access whenever they want to. It almost pays to assume that a breach has already occurred and continually scan the network for these kinds of activity to catch the hackers in the act.

Take the time to read this article, it is a wake-up call on security.

If you would like to learn more about creating an effective cyber defense strategy and mitigating risk, then contact us for assistance.

Is the power out again?

Power Outage - Grants Pass, OR

It seems lately that the power company in the area has not been able to offer consistent service power to the city. This has left many businesses down without the technology they need to operate properly. These power outages cause data loss and damage computer components.

My own unexpected outage

Once upon a time, about two weeks ago, the unexpected happened at our offices. A semi-truck carrying a large backhoe on a trailer drove between two buildings in the area. The landlord had wired power between buildings and the truck driver did not lower the arm of the backhoe low enough. Sure enough the wire was snagged by the backhoe’s arm and pulled from the building. Needless to say the power was out to that part of the building until the landlord took care of the matter.

What can be done?

Farmhouse Networking recommends that all business workstations, servers, and networking equipment be protected by an uninterruptible power source aka UPS or battery backup. When the power goes out the right size battery backup will keeps things running for about 15-30 minutes to allow the last touches to be added to whatever was being worked on and things to be shutdown gracefully.

If your company is looking to better protect itself against power outages, then contact us for assistance.

 

Celebrating 3 Years of Serving Grants Pass

3 years in business

It is official – the month of September marks three years in business for Farmhouse Networking. We have been truly blessed by God to have been able to serve the Grants Pass and surrounding business communities by providing exceptional IT managed services. We look forward to many more years of giving you the highest level of support possible so that you can focus on getting business done. With this anniversary we plan on rolling out some enhancements to our monthly service offerings:

Enhanced Monthly Maintenance


Standard Maintenance: For those who are not current managed clients, these basics have always been a part of our service offering:

  • 5-year Technology Plan & Budget
  • Full Network Inventory
  • Hard Disk Checkups (Bi-Monthly)
  • Hard Disk Defragmentation (Monthly)
  • Temporary File Cleaning (Weekly)
  • Anti-Virus Software (Constant Monitoring)
  • Operating System Updates (Weekly)
  • Error Log Monitoring (Constant Monitoring)
  • Power Settings Management (Constant Monitoring)
  • Windows Services (Constant Monitoring)

Continued Improvements: Over the past 3 years we have also added the following features to our service at no additional costs:

  • Ticketing System Portal
  • Email Support to Create Tickets
  • Security Incident Response Plan
  • Vendor Information Tracking
  • Third-Party Software Updates (Monthly on Firefox, Chrome, Acrobat Reader, ….)
  • Email Blacklist Checking (Daily)
  • Warranty Checking (Monthly on All Major Brands)
  • Operating System Intrusion Detection (Constant Monitoring)
  • Support for MacOS & Linux (Constant Monitoring)
  • Server Applications (Constant Monitoring)
  • Hardware Events (Constant Monitoring)

Enhancements to Come: In September, we will be adding these new exciting features to our service:

  • DNS filtering – this will further protect your network from external threats by stopping accidental surfing to malicious sites. It also can increase productivity and network speeds by limiting wasteful frivolous surfing during company time.
  • Dark Web Scan – Each monthly client will have the “Dark Web” scanned to see if any email addresses connected to the company have been involved in a previous password breach.
  • Weekly Security Newsletter – Farmhouse Networking is partnering with a national security non-profit to deliver up-to-date news and information about how to stay safe online. These weekly newsletters will be packed with valuable information and delivered to everyone in your organization.

As our service offering has expanded, we have deepened our ability to monitor our customers networks to proactively respond to alerts before they become problems. We have continued to add levels of protection to make sure that our clients systems are safe from the ever-expanding list of threats. All this has been done at no additional cost, despite inflation, up to this point. To continue offering this high level of service, Farmhouse Networking is making a couple small changes to its prices that will be effective September 1st, 2018.

  • Monthly Maintenance Clients – our services are based on a per device basis and the cost per workstation will be $25 per month for remote maintenance and $50 per month for full service maintenance. All other prices will remain the same for every other device on the network. This will only effect clients whose contracts are renewing after September 1st, 2018 – any renewed before that will keep their prices the same for the next 12-month term.
  • Small Business Clients – those who do not have a server and have less than 5 workstations, our hourly rate will be $80 per hour for on-site service and $40 per hour for remote service (billed in 15-minute increments). That is only $10 more for on-site support and $5 more for remote support.
  • Standard to Medium Clients – those with a server or more than 5 workstations, our hourly rate will be $120 per hour for on-site service and $60 per hour for remote service (billed in 15-minute increments). That is only $10 more for on-site support and $5 more for remote support.
  • Tier-3 Clients – those technology companies that utilize our advanced expertise to better serve their clients, our hourly rate will be $40 per hour for remote service (billed in 15-minute increments). That is only $5 more for remote support.
  • Charity Clients – those non-profits that pay for support, our hourly rate will remain at $70 per hour for on-site service and $35 per hour for remote service (billed in 15-minute increments).

For all our monthly maintenance clients, we will be calling to schedule our semi-annual meeting to check-in with you during the month of September. At that time we will be performing another network inventory to insure that all network assets are covered properly under your current contract. We cannot thank all our clients enough for your continued use of our IT services. We look forward to continuing to serve you.

Know the state of your flocks,
and put your heart into caring for your herds,
for riches don’t last forever,
and the crown might not be passed to the next generation.
After the hay is harvested and the new crop appears
and the mountain grasses are gathered in,
your sheep will provide wool for clothing,
and your goats will provide the price of a field.
And you will have enough goats’ milk for yourself,
your family, and your servant girls.
Proverbs 27:23-27

Are You in Need of Technical Help?

broken internet - Grants Pass, OR

We have a bench of Tier 3 engineers ready that have been trained in industry best practices, compliance and are comfortable supporting your network and computers.

Put an End to Stressful Computer Support

By utilizing one of our industry trained Helpdesk Specialists, you can free your employees from wasting time on computer support tasks.

Our Helpdesk Specialists are capable – but not limited to – the following tasks:

  • Desktop operating system maintenance, troubleshooting, and diagnosis
  • Desktop connectivity troubleshooting
  • Network systems maintenance, troubleshooting, and diagnosis
  • Network connectivity troubleshooting
  • Server operating system maintenance, troubleshooting, and diagnosis
  • Server connectivity troubleshooting
  • Application installation and support
  • Client VPN installation and support
  • Microsoft Office Suite & Google G-Suite support
  • Security & access management
  • Anti-malware administration and resolution

Learn more about the benefits of our Dedicated Remote Support Solutions here.

Simple Lightweight File Sync – Backvp2

backvp2 - Grants Pass, OR

Simple Lightweight File Sync – Backvp2

Not sure if you have seen the same but it seems that techs who do server replacement work are using Distributed File System (DFS) to sync the file shares between two servers. This is overkill in my opinion and I recently found a simple lightweight file sync tool called Backvp2 from Switzerland. Now I setup similar shares on the new server then run this software from the new server. Configuring the target and destination are super easy and the syncing happens flawlessly. If there are issues with sync it has handy error codes that made troubleshooting file permission issues simple in a recent migration. I highly recommend it for all techs.

Network Drives Disconnect

Network Drive Disconnected - Grants Pass, OR

Had a client that repeatedly had troubles with network drives disconnect happening randomly. I did explain that this would happen normally if they kept their workstations logged into the server, but they did not want to change their habits. I performed the usual registry fixes on the workstations and the server, but these did not seem to work. Finally I got to look at the error and figured out the Group Policy Object that was causing the problem.

Usual Registry Fix:

The default method for this is to edit the registry as follows on both and run a command on the server to lengthen the disconnect time on the workstations and disable disconnect on the server.

Workstations:

  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate and then click the following key in the registry:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters
  3. In the right pane, click the KeepConn value, and then on the Edit menu, click Modify. If the KeepConn value does not exist, follow these steps:
    1. On the Edit menu, point to New, and then click REG_DWORD.
    2. Type KeepConn, and then press ENTER.
  4. On the Edit menu, click Modify.
  5. Click Hexadecimal.
  6. In the Value data box, type ffff, and then click OK.

Server:

  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate and then click the following key in the registry:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters
  3. In the right pane, click the autodisconnect value, and then on the Edit menu, click Modify. If the autodisconnect value does not exist, follow these steps:
    1. On the Edit menu, point to New, and then click REG_DWORD.
    2. Type autodisconnect, and then press ENTER.
  4. On the Edit menu, click Modify.
  5. Click Decimal.
  6. In the Value data box, type 0, and then click OK.

Finally the following command should also be run:

net config server /autodisconnect:-1

Kerberos Policy - Maximum lifetime for user ticket

Group Policy Object Fix:

Even though I changed the systems as above, it still disconnected regularly. The clients were getting this message when disconnected -“The system has detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you.” Some research found that Windows Small Business Server created a Group Policy Object that by default times out authentication to the server after 10 hours. Here is how I changed it:

  1. Open Group Policy Management
  2. Look for Default Domain Policy
  3. Click on the Settings tab and then Show All
  4. Under Account Policies/Kerberos Policy look for Maximum lifetime for user ticket which by default was 10 hours.
  5. Right click on the policy and choose Edit
  6. Dig down to Computer Configuration > Windows Settings > Security Settings > Account Policies > Kerberos Policy
  7. Change the Maximum lifetime for user ticket to 100 hours (>4 days)
  8. Change the Maximum lifetime for user ticket renewal to 4 days

This combination will keep the ticket lifetime timeout longer than the time for renewal which will cause the renewal to happen before the timeout. Problem solved.

If your company is having issues with Network Drive Disconnect, then contact us for assistance.

 

 

Synology Active Directory Server

Synology Active Directory Server - Grants Pass, OR

Recently provided some assistance to a local IT company that exclusively uses Synology devices instead of servers for their clients. They approached us to create Group Policy objects based on this new feature of the Synology. The Synology Active Directory Server app is based on the Samba 4 Protocol, here are some details of available features:

  • Support for Windows RSAT
  • Support for TLS domain controller certification
  • Support for custom NetBIOS domain names
  • DNS auto registration
  • Support for single domain controllers

Account & Privileges

  • Group membership and policies
  • Roaming user profiles
  • Account single sign-on
  • Home folder support

Security & Access Control

  • Kerberos-based authentication
  • Password reset via email
  • Password strength policies
  • Account lockout policies

Domain Clients

  • Microsoft Windows 7 and above
  • Linux

Take Aways

Here are some basic take-aways from our experience creating these Group Policy Objects (GPO) on the Synology Active Directory Server.

  1. Need to install Remote Server Administration Tools (RSAT) on the most up-to-date desktop or server OS version in the organization to allow for best compatibility with all earlier OSs when creating GPOs
  2. Need to modify Synology Active Directory Server control panel Domain Options to allow Domain Admins to have admin access – without this you will get Access Denied every time a GPO is attempted to be added
  3. Windows Servers, Active Directory and domains are not dead, they are just becoming a “Container” which makes them much cheaper for small businesses to adopt.

If your company is utilizing a Synology Network Attached Storage device and would like the functionality of an Active Directory domain, then contact us for assistance.

The Latest Technology, No Upfront Costs

Technology as a Service - Grants Pass, OR

Technology As A Service (TaaS)

Access to the latest technology your way.

FLEXIBLE, SIMPLE AND COST EFFECTIVE.

Technology as a Service [TaaS] enables organizations to procure the latest hardware, software, and services, without the expense of a large, upfront purchase. With TaaS, it’s easy to configure and deploy an all-inclusive solution to meet all of your needs, for a single monthly payment.

Orders can be fulfilled from a wide variety of new or refurbished equipment, and can include cloud software, services, and tech support – all in one monthly invoice.

Realize lower total cost of ownership [TCO] with payments spread out over time, while still enjoying the latest technology to meet the business needs of today.

Once a contract is up, the equipment can be returned or purchased at a reduced rate. Or, you can simply extend the contract – in some cases, month-to-month.

WHY TAAS?

  • Simple–Experts help to make product selections.
  • Variety–Choose from a wide range of hardware, software and services
  • Flexible–Ability to choose short-term rentals provides maximum flexibility

BENEFITS:

  • Upgrade to newer, faster equipment at the end of the contract
  • Easier to budget expenses more effectively with a recurring monthly invoice
  • No up-front capital expenditures means lower TCO over time
  • More flexible financing options so you can tailor your payments
  • Easier to implement hardware initiatives as needed without waiting for funding
  • Reduce the risks associated with owning the technology

If your company is looking to upgrade to the latest technology or just doing a hardware refresh, then contact us for assistance.

Is Email Down Again?

Email Down

While troubleshooting an email encryption issue after a WHM / cPanel web server migration, my thoughts turned to email down time and what it is worth to a small business. This is the core concept behind business continuity – “Business continuity encompasses planning and preparation to ensure that an organization can continue to operate in case of serious incidents or disasters and is able to recover to an operational state within a reasonably short period.” (Wikipedia) The best way to recover from a disaster is to have planned in advance for the eventuality and have systems in place that provide redundancy when the incident occurs. When it comes to business email continuity only one name comes to mind:

Microsoft Office 365

Guaranteed UptimeMicrosoft provides a Service Level Agreement (SLA) that financially backs their services based on a guaranteed amount of uptime per month. If service is down for more than 45 minutes (99.9% uptime) in a month then a 25% credit will be given, if service is down for more than 7 hours (99% uptime) in a month then a 50% credit will be given, and if for some reason they are down for more than 36 hours (95% uptime) in a month then a 100% credit will be given. Considering the literal billions of users of their products, having to give away credits for downtime would seriously cost Microsoft so it is in their favor to keep the services flowing.

Geographic Redundancy – Microsoft has Office 365 data copied to servers in no less than 8 datacenters around the United States including one nearby in Washington. This means that a hardware failure or lost data in one center will not effect the other 7 datacenters – email will continue to be routed through the others until services can be restored to the one. With redundancy like that there should be no worries about downtime or data loss.

Unparalleled Support – Office 365 email is running on Microsoft Exchange being administered and supported by the people who created it. There is nothing like going to the creator of something to talk to them when there is a problem. They have the breadth of experience that comes from using their own products for the past 20 years. This level of knowledge is unparalleled in the industry and it shows in the quality of service and support that is received. 

If your company needs the best in class reliability and service that comes from switching to Office 365, then contact us for assistance.

Categories

Plant a Seed 541-761-9549
233 Rogue River Hwy #873 Grants Pass, OR 97527
Mon-Fri: 9:00am-5:00pm
support@farmhousenetworking.com
© 2016-2018 - Farmhouse Networking. All rights reserved
Terms and Conditions Privacy Policy

Evaluation Signup

Something went wrong, try refreshing and submitting the form again.