Effective August 22, 2017, Code42 will no longer offer new – or renew – CrashPlan for Home subscriptions, and we will begin to sunset the product over several months. CrashPlan for Home will no longer be available for use starting October 23, 2018.
What alternatives exist?
CrashPlan itself is suggesting that customers move to Carbonite for their personal computer backups. In order to get the same great combination of onsite & offsite backup that CrashPlan users are used to, Farmhouse Networking recommends using Plus package that includes the backup to an external drive. This package is on sale for $25 off the normal yearly cost. Small businesses with only one computer will also find this package to be the most secure way of backing up their important files for the least out-of-pocket costs.
If your business has more than one computer or a server, Farmhouse Networking recommends upgrading to a full business class Backup & Disaster Recovery (BDR) solution with Synology. This provides both the speed of on-site recovery with the resilience of off-site recovery via the cloud. On-site recovery is much simpler with this BDR solution as the device becomes a copy of the main computer or server in the case of failure. This takes recovery time down to minutes instead of days.
If your company is using CrashPlan for backups and are not ready for the move, then contact us for assistance.
Any Human Resources department manager will attest to the need for an Acceptable Use Policy as part of the Employee Handbook. It should clearly state the proper use of business-owned workstations and what traffic is allowed on the company network. Monitoring this policy is next to impossible for small businesses, yet ignoring it leads to infections, security breaches, and huge losses to the bottom line by wasted employee productivity. How does a company stay safe from the big, bad Internet?
Policy Creation
This may sound boring, but before any monitoring and enforcement can take place legally, there must be a clearly defined policy in place with consequences for violations. This policy must be signed by each employee. Only when signed policies are in each employee’s file, can measures can be taken to monitor and enforce the new written policy.
No Administrator Access
There is no reason for the average employee to need Administrator access to a workstation once it is setup properly for business use. Most employees do not need to install any software or make any major setting changes without first consulting management and/or network support personnel. Software and operating system updates should also be handled by network support personnel or by an automated process. Installation of additional hardware should be cleared with management and implemented by network support personnel. Workstations are a company-owned tool to be used by the employee only for the best interests of the company, not for personal file storage or entertainment purposes.
DNS Filtering
The Internet is an invaluable tool for business purposes. There are, however, many threats out there, and the common user has no idea how to avoid them. There are also innumerable distractions ranging from time wasters to those that are downright illegal. DNS Filtering inspects every internet request against a database of known sites and blocks bad traffic before it goes anywhere on the internet. This keeps your internal network assets safe from malicious sites and content that is inappropriate for business or bad for productivity. This is accomplished without interrupting or slowing down the normal flow of good traffic around the Internet.
If your company is looking to add layers of security to your network or increase productivity by limiting Internet time wasters, then contact us for assistance.
In the latest dump of purportedly top secret CIA cyber exploits from WikiLeaks, dubbed “Vault 7”, there is evidence of a home router firmware modification called Cherry Blossom. (The CIA has never publicly acknowledged the programs nor the leaked Vault 7 documents.)
What is Cherry Blossom?
“The Cherry Blossom (CB) system provides a means of monitoring the Internet activity of and performing software exploits on targets of interest,” the WikiLeaks documents state. “In particular, CB is focused on compromising wireless networking devices, such as wireless (802.11) routers and access points…to achieve these goals.”
Among the companies whose wireless routers have reportedly been compromised are Motorola, Linksys, Dell, Netgear, US Robotics, Belkin, Asus, Buffalo, DLink and Senao. Cherry Blossom relies on implanting altered versions of the products’ firmware remotely posing as wireless upgrades. An implanted device is known as a “FlyTrap” and communicates via beacon with a CIA-controlled server known as CherryTree (CT).
If your company is a consumer grade home router instead of a business grade router, then contact us for assistance.
Here is a quick powershell one liner that I came up with when I got a request from Microsoft Support to disable user protocols. I did some research and found out that they meant the protocols or services used to access Office 365 Exchange Online.
God has recently lead me to do some charity volunteer work for a worldwide organization and their IT department. My first project was to untangle their Nagios Core system and then take over the administration of that server and the monitoring of the rest of the network. Part of this volunteer work took place yesterday with deep dive into the Nagios framework, Linux and SNMP to allow monitoring APC UPS devices.
Initial Trip Off Course
My initial thought was not to re-invent the wheel and head to the Nagios Exchange to find a pre-made project that would elegantly provide monitoring APC UPS devices. I found the check_apcupsd project which looked simple and had a great screenshot. Little did I know what I was getting into. Turns out there are a couple undocumented dependencies for this including apcupsd itself and an undocumented connection to port 3551 which I could not find inside the portal page for the SMART-UPS 1500 network management card. After a couple hours of frustration I abandoned this and removed all linux packages associated with it.
Trip Down SNMP lane
After looking over other projects at the Nagios Exchange, I decided to research using SNMP to provide monitoring APC UPS devices. This lead me to an article by Mihai Radoveanu which provided the detailed steps to create monitoring APC UPS devices in Nagios Core. He details editing the command.cfg file to add the check_snmp and his own check_snmp_inverter to list of commands. (Please note that the check_snmp_inverter.sh file will need to be edited to Change the Home variable to point to the Nagios Core plugins directory) He details creating host templates, host groups, adding a separate configuration file to the main file which includes hosts and services. I prefer the more standards based approach to creating individual host files, adding them to a host group and then creating a service file that points to the host group. Made these changes to the Nagios Core framework and confirmed my configuration before making the changes live.
APC Changes Needed
Finally came the changes to the APC UPS network management card configuration:
Login to the network management card webpage, click on Configuration > Network > SNMPv1 > Access then check the box next to Enable and click on Apply.
Click on Configuration > Network > SNMPv1 > Access Control then click on a community name then type in the network SNMP community name and the IP address of the Nagios Core server. It will only need Read permissions. Click on Apply.
That is all that is needed. This introduction to the Nagios Core framework later allowed me to setup SNMP monitoring for the High Availability link ports between their Sonicwall 4600 devices.
If you are looking for expert monitoring of your network systems by highly trained technicians, then contact us for assistance.
The following steps will setup Windows Server 2012 R2 RADIUS authentication via Network Policy Server (NPS) with your Ubiquiti UniFi Security Gateway (USG) for a USG Remote User VPN. This will allow users to use their current Active Directory Domain Services (AD DS) credentials to authenticate to the Virtual Private Network (VPN).
I am using the UniFi controller version 5.4.14 hosted in Microsoft Azure on a Linux Server with PostFix for alerting.
Step 1: Configure Windows NPS Server
From the Server Manager Dashboard, install the Network Policy and Access Server role using Add Roles and Features accepting all defaults.
Once installed, open the Network Policy Server Administrator Tool. Expand the RADIUS Clients and Servers, then right Click on RADIUS Clients and click New.
Give the USG router a Friendly Name. Type in the IP Address of the inside interface of the USG on the same network as the Windows Server. (This is the IP that the RADIUS requests will come from.) Click the Generate radio button, then click the generate button. Copy this Shared Secret to be pasted later. Click OK.
In the Network Policy Server window, expand Policies, right click on Network Policies, and then click New.
Enter a policy name and leave Type of Network Access Server as Unspecified. Click on Next.
In Specify Conditions click Add.. and then select Windows Group, and pick the AD Group you want to use to allow VPN access. (If you have not already then you will need to add all users who will be accessing the VPN into a seperate group.) Click Add… then Add Groups… which brings up the typical AD search box. Type in the name of the VPN Windows Group and click on OK. Click OK again. Click on Next
Leave the Specify Access Permissions at the defaults (Access Granted, Dial-in box unchecked). Click Next.
Uncheck all authentication methods other than MS-CHAPv2. Click on Next.
Accept the defaults under Configure Constraints. Click Next.
Leave all setting at the default on this page except for under Encryption. Uncheck everything except for MPPE 128-bit. Click Next.
Check your settings on the last page. Click Finish.
Finally, move the new policy above the two default policies in the list by right clicking and choosing Move Up.
Step 2: Configure the USG Remote User VPN
To create the remote access network, in the UniFi controller, go to Settings, then Networks, and click Create New Network, give the network a name and select Remote User VPN.
Fill in the appropriate Gateway/Subnet information for your environment. Make sure it is not the same as any of your current networks.
Add Manual DNS servers, if required for your environment.
Click on Create New RADIUS Profile.
Give the Profile a name, enter in the IP address of the Windows Server 2012 R2 server that will be used for RADIUS authentication and paste in the generated shared secret.
Click Save. Click on Save again.
This allows easy access from Windows default VPN connections to network assets behind the USG device.
If your company is currently using a Ubiquiti USG device and need a Remote User VPN setup, then contact us for assistance.
Ransomware attacks continue to spread around the world this weekend, after the initial damage inflicted on healthcare organizations in Europe on Friday.
The criminals responsible for exploiting the Eternal Blue flaw haven’t yet been identified, but up to 100 countries have hit with WannaCry ransomware, with Russia, Ukraine and Taiwan among the top targets.
The ransomware first appeared in March, and is using the NSA 0-day Eternal Blue and Double Pulsar exploits first made available earlier this year by a group called the Shadow Brokers. The initial spread of the malware was through email, including fake invoices, job offers and other lures with a .zip file that initiates the WannaCry infection. The worm-like Eternal Blue can exploit a flaw in the Server Message Block (SMB) in Microsoft Windows, which can allow remote code execution. This flaw was patched in Microsoft’s March 2017 update cycle, but many organizations had not run the patch or were using unsupported legacy technology like XP.
What’s New
Today, Microsoft has released emergency security patches to defend against the malware for unsupported versions of Windows, including XP and Server 2003.
Overnight and today, it has become clear that a kill switch was included in the code. When it detects a specific web domain exists—created earlier today—it halts the spread of malware. You can learn more at The Register.
As a Webroot customer, are you protected? YES.
Webroot SecureAnywhere does currently protect you from WannaCry ransomware.
In simple terms, although this ransomware is currently causing havoc across the globe, the ransomware itself is similar to what we have seen before. It’s the advanced delivery mechanism that has unfortunately caught many organizations off guard.
In addition to deploying Webroot SecureAnywhere as part of a strong endpoint control strategy, it is essential you continue to keep your systems up-to-date on the latest software versions and invest in user education on the dangers of phishing, ransomware, social engineering and other common attack vectors.
If you have any questions about your Webroot deployment, reach out to our Support Team now.
You are a critical part of our business. Our Managed Service Providers have asked us to write you to explain why our Webroot SecureAnywhere Business Endpoint Protection experienced performance issues, and what we are doing to resolve those
issues as quickly as possible.
Yesterday, Webroot released a rule that categorized some legitimate files as malware. As a result, multiple legitimate business applications were quarantined and unable to function. This rule change was in effect for 13 minutes on Monday, April 24. To be clear, this rule change was caused by Webroot and not your Managed Service Provider.
Webroot is continuing to work diligently with our partners to restore functionality for our mutual customers. While the false positives that caused the incident have been stopped, we are still working on an automated fix to reverse the files affected. Any
resolution will be released immediately.
Webroot is a trusted partner of many Managed Services Providers and this incident is not representative of our high standards. We always strive to be open and transparent, and we are working tirelessly to fix the issue. Once Webroot has identified the root cause, we will ensure further controls are in place to prevent an
incident like this from happening again.
We apologize for the pain this has caused you. Webroot appreciates your business, and our entire team is dedicated to being your most trusted Partner.
Thank you for your patience as we work through this incident.
This article will leave out the names of the internet providers to protect against defamation of character issues, but they include a local cable internet provider and a local reseller of DSL connections who also provide T1 lines. Had a client that recently changed from using a bonded T1 line to cable internet in order to get substantially better speeds. During the winter months they experienced the issues that are typical for remote installations of cable – downtime due to issues with the vendors hardware on the poles. After consulting with them, it was decided to go with a DSL PPPoE failover connection as part of some more expansive upgrades. Here is the setup that had to take place on the provided C1100Z modem / router and the Ubiquiti USG Pro.
Setup of C1100Z Modem Router
The modem / router defaults to router mode, which puts all traffic behind a Network Address Translation (NAT) router and allows this DSL vendor their usual practice of monitoring and reselling traffic information. I chose instead to change the settings to make the device into a standard modem in “Transparent Bridge” mode. You will need to contact the DSL vendor in question to get the PPPoE username and password before performing these steps to ensure that you can setup the Ubiquiti USG Pro later. Here are the steps from their website:
1. Open a web browser and go to http://192.168.0.1.
2. Login to your modem by doing the following:
Enter the Administrator Username
Enter the Administrator Password
Select “Apply”.
3. Select “Advanced Setup”.
4.. Select “WAN Settings”.
5. Select “Transparent Bridging”.
6. Select “Tagged-201” for the transport mode.
7. Select “Apply” to save your changes.
Setup of DSL PPPoE Failover Connection on Ubiquiti USG Pro
The second part of this is to setup the failover portion of the Ubiquiti USG Pro to use the PPPoE Connection.
Login to your Ubiquiti Controller
Choose the correct site from the list at the top right
Click on the Devices icon on the left hand column
Click on the Ubiquiti USG Pro device at that site to open up its properties
Click on Configuration
Expand the WAN2 connection and add the username / password acquired from the vendor earlier along with the preferred DNS then make sure to choose the Load Balancing type as Failover then Queue Changes and Apply Changes
This will setup the DSL PPPoE failover connection to be used whenever the primary WAN1 connection goes down. If your company is currently using an unreliable internet provider and need to setup failover, then contact us for assistance.
Proper care and maintenance of external hard drives keeps small business data secure and ensures reliable backup performance.
Your external hard drives are more than just storage devices—they’re the backbone of your backup and disaster recovery strategy. Whether you’re safeguarding financial records, client data, or project files, keeping these drives in top condition is crucial to prevent data loss and ensure smooth operations. Yet, many small- to medium-sized businesses (SMBs) neglect proper external hard drive care until it’s too late.
This guide outlines practical steps your business and IT team can take to maintain your external drives, answers common questions, and explains how Farmhouse Networking can help you protect your data investment.
Step-by-Step External Hard Drive Care for Businesses
1. Store Drives Safely and Strategically Keep your external hard drives in a cool, dry environment away from heat sources, direct sunlight, and moisture. Avoid stacking them or placing them near magnets or heavy equipment. A temperature-controlled office with minimal dust exposure reduces the risk of drive failure.
2. Use Regular Backup and Testing Routines Set up scheduled backups (daily, weekly, or monthly) depending on how often your business data changes. Test your backups regularly by restoring sample files to confirm they’re not corrupted. This extra step ensures your data will be recoverable when it truly counts.
3. Avoid Unplugging During Use Never disconnect an external hard drive while it’s transferring data. Doing so can interrupt write processes, causing data corruption or even physical disk damage. Always use the “Safely Remove Hardware” option before unplugging.
4. Protect Against Electrical Surges Use surge protectors or uninterruptible power supplies (UPS) to prevent sudden voltage spikes or power failures from damaging your drives. Power fluctuations are one of the leading causes of hardware failure.
5. Label and Track Your Drives For businesses using multiple backups or rotating drives, label each device clearly with its backup date, purpose, and drive ID. Maintain a simple log so your IT team can easily identify which drive holds which data.
6. Encrypt and Password-Protect Sensitive Data Even if your drives are physically safe, data security remains a top priority. Enable encryption and use strong passwords to protect sensitive company and client information, especially for industries handling confidential data or regulated information.
7. Monitor Drive Health Use disk-monitoring software to check drive health indicators like temperature, bad sectors, or read/write errors. Common tools include CrystalDiskInfo or SMART monitoring utilities—many of which can integrate directly into business IT systems for proactive alerts.
Common Questions About External Hard Drive Maintenance
Q: How often should my business replace external drives? Generally, replace drives every 3–5 years, depending on usage and storage environment. Drives used for daily backups may wear faster than those used occasionally for archiving.
Q: What’s the best file system for business backups? For Windows users, NTFS offers stability and large file support. Cross-platform users (macOS and Windows) may prefer exFAT. The choice depends on your backup software and workflow.
Q: How can I tell if my external hard drive is failing? Warning signs include slower performance, clicking or grinding noises, frequent disconnections, or error messages. At the first sign of trouble, stop using the drive immediately and back up data elsewhere to prevent further damage.
Q: Are SSD external drives better than HDDs? Solid-state drives (SSDs) are faster and more durable (no moving parts), but typically more expensive per gigabyte. SMBs focused on speed and portability often find them worth the investment.
How Farmhouse Networking Can Help
At Farmhouse Networking, we partner with small- and medium-sized businesses to create comprehensive data protection plans that go beyond just devices. Our team offers:
Automated backup solutions that reduce the risk of human error.
Drive health monitoring systems to detect early signs of failure.
Data encryption and security compliance consulting to safeguard sensitive information.
Disaster recovery services that ensure your business can bounce back quickly from any data loss event.
We understand how critical reliable storage is to your operations. Our IT experts can assess your current backup process, recommend appropriate external drives, secure your devices, and set up reliable offsite backups or cloud redundancy.
Keep Your Data Safe — Start Today
External hard drives are a dependable and affordable part of any SMB’s data management strategy, but they require proper care to remain effective. By following the steps above and partnering with a trusted IT service provider like Farmhouse Networking, you can extend the life of your drives, reduce risk, and maintain business continuity.
Ready to strengthen your backup strategy or troubleshoot your current storage setup? Email support@farmhousenetworking.com today to learn how Farmhouse Networking can help protect your business from data loss.
And God will generously provide all you need. Then you will always have everything you need and plenty left over to share with others. As the Scriptures say,
“They share freely and give generously to the poor. Their good deeds will be remembered forever.”
For God is the one who provides seed for the farmer and then bread to eat. In the same way, he will provide and increase your resources and then produce a great harvest of generosity in you. - 2 Corinthians 9:8-10
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.