my likelist has a great list of businesses on LikeList, and I thought you’d like it too. http://t.co/VPKyQXOz @LikeList
Oct
25
Computer Ports: Their Purpose and Dangers
Ports: Their Purpose and Dangers
A port can be defined as a connection point used by software to exchange data. Two of the most common examples of computer ports are TCP and UDP ports. Both of these ports are used to exchange data among computers on the internet. In this paper I will talk briefly about a few select UDP and TCP ports including the purpose for each port, the dangers of having these ports open and how to close these and other computer ports.
The select ports I have chosen to talk about are 137, 138, 139 and 445. Ports 137-139 and 445 are SMB (Server Message Block) ports. They are all used for file and printer sharing. In Windows NT, the SMB protocol ran on top of NetBIOS and in Windows XP/2000/2003, it was made possible to run SMB directly over TCP/IP without the additional layer of NetBT. This is where port 445 replaced 137-139.
Open ports can be dangerous because they are possible back doors into your computer. By keeping these ports open you’re leaving your computer open to any knowledgeable hacker. I would recommend scanning your computer with “Shields Up” (http://www.grc.com/default.htm) to see if these, as well as any other ports are open on your machine.
While Shields Up is an amazing tool for scanning your systems vulnerabilities, it can not close the ports for you. Shields Up does however give you steps on how to close certain ports as well as precautionary measures to avoid closing ports that may have needed to stay open. The best way to find out how to close specific ports on your machine is by doing a search on www.Google.com. For example if the port is 445 that you would like to close, type something along the lines of “how to close port 445” and then follow that by typing your current operating system. There is no single way to close a dangerous port. Each port you need closed may have its own set of directions to close it.
Mathew Gajewski
http://www.drpcrepair.com
http://www.doctorpcrepair.com
Oct
22
How to Install and Configure Apache
In this write up I’m going to teach you how to install and configure Apache. First login as usual and sign in with root privileges by typing “su.” Here it will prompt you for your password. Create a folder named Lab06 in your /home/(username goes here)/ directory and then change to your tmp folder.
In this case I was installing at a school so you’ll have to work with the directions you don’t understand. From the command line, login to the class server using FTP and download httpd-2.xxx.tar.gz to your /tmp directory. Logout and uncompress/untar the downloaded file.
Place the user files in /usr/local/apache and set the enable-module to “all.” Then set the enabled-shard to “max.” Now enter in the command line enter “./configure –prefix=/usr/local/apache \
–enable-moedule=all –enable-shared=max.” Now create and install httpd. Make a backup copy of the /etc/httpd/httpd.conf file incase of any mistakes, it’s always better to be safe than sorry. The changes that need to be made are in the Document Root, ServerRoot, and
Apache does not start on boot without modification, you’ll have to manually force httpd to start in run level 3, 4, and 5 when you want it to start. Type “chkconfig –list httpd > /home/(your username here)/Lab06/chkconfig.txt and now start XWindows. Open Mozilla and enter your address. You should see notification that Apache is running (because you haven’t yet uploaded webpages.)
Now that it’s installed, here is more configuration type details to the Apache server. If you’d like to restrict your webpage to people with usernames and passwords here is how. Using Apache’s htpasswd utility, create username and passwords for login. Here you must give the location and name of the password file. If there is no password file then you must include the –c option to create to th e command line. To create a username and password type htpasswd –c /etc/httpd/conf/.htpasswd (username here). To add a password type htpasswd /etc/httpd/conf/.htpasswd (username here) (without the –c). Set the permission for .htpasswd to make it read only by a specific group(s) by typing chmod 644 /etc/http/conf/.htpasswd.
Now create an .htaccess file where you want password control by using vi to edit “/usr/local/apache/htdocs/secret/.htaccess. After changing to insert mode enter the following:
AuthName “Login Required”
AuthType Basic
AuthUserFile /etc/httpd/conf/.htpasswd
AuthGroupFile /dev/null
require user (username here) username
and now write and quit.
Now place a
Servername (IP ADDRESS HERE)
DocumentRoot /usr/local/apache/htdocs
Now restart Apache. When trying to access it you should now be prompted for a username and password. You’re almost done. Change the director to /home/(your username/Lab06 and copy /etc/httpd/conf/httpd.conf, /etc/httpd/conf/.htpasswd, and /usr/local/apache/htdocs/secret/.htaccess. Then change ownership of the directory /home/(your username/Lab06 as well of all of the files in it from root to your username and you’re all done. Enjoy your Apache web server!
Mathew Gajewski
http://www.DrPCRepair.com
http://www.DoctorPCRepair.com
Oct
21
AD, LDAP & Some Involved Services
Lightweight Directory Access Protocol, also known as LDAP, is a protocol created to gain access to directory services so that you can grab data. A directory service is a service, done by software, that organized, stores and presents access to the information stored inside it. Active directory is a type of directory service made by Microsoft. With this said, you need to follow through with LDAP in order for Active Directory to comprehend and respond back to your requests.
Now LDAP and Active Directory are not required to be used together, you have other options. There are freeware Active Directory services such as OpenLDAP. There has also been services designed that, in my opinion, goes above and beyond LDAP. Kerberos, created by Microsoft, is an Active Directory developed for just this reason.
I’ll get back to Kerberos in just a moment. LDAP is a creation for the cooperation of telecommunication companies which allowed the pulling of data from a server through TCP/IP. LDAP, designed in the 1980’s has obviously been through many changes since. Now Active Directory on the other hand, is a Microsoft product which has been created based mostly on LDAP so that the two can work together “peacefully,” if you will.
Now I’ll get back to the protocol that goes by the name of Kerberos. Kerberos is an authentication protocol within computer networking. This protocol allows nodes that are communicating through an unsecure network to securely identify themselves to one another. Kerberos is an extremely popular protocol for authentication. This is set default in the Windows 2000 and Windows 2003 environments.
How Kerberos works is that there’s a central authorization server known as the Key Distribution Center which issues a “ticket” to any client that succeeds in logging into the network. That ticket is now used as a “key” for a user or even system to use the resources on the network. These resources can include databases, printers, intranet applications and more. Anything that Kerberos supports can be shared using this key.
One of the main benefits to using Kerberos is that it enables you with a single sign on feature, extremely helpful to users in a large “mixed up” network. How this comes in handy is that once someone has been granted access by the Key Distribution Center, they won’t have a problem accessing multiple network resources without having to keep entering their provided username and password each time.
The Challenge Handshake Authentication Protocol, also known as CHAP, is a bit different ballgame than Kerberos. CHAP is more of just an authentication method. CHAP is a popular, widely compatible authentication technique which sends a different version of a user’s password instead of the password itself. The RAS (remote access server) sends a challenge to the RAC (remote access client) using the MD5 hash algorithm I’ve spoken about before for authentication. This provides a one way encryption for this authentication protocol.
Extended Research
LDAP Alternatives!
Although countless hours are put into designing software and testing it for “bugs” (flaws found in software), there are always going to be something that someone does not like about the application. This is why there are so many different versions of the programs that are out there. Just as people have different taste in music, people also have different taste in software.
For example, there are many versions of the popular instant messaging software that goes by the name of AOL Instant Messenger (AIM). Some of these alternative applications are Trillin, Pidgin (also known as GAIM), Dead AIM (an add-on to older versions of AIM), Miranda and many more. It is no different with more professional software used by companies to help run their hundred thousand or even billion dollar company. Whether you’re against using the original versions of software because of the price, compatibility or just simply the features, there are alternatives for almost every piece of software out there.
LDAP is no different. OpenLDAP is I mentioned earlier is a great authentication system which is can be used on Linux and like many software applications for Linux, is completely free. OpenLDAP is also open source which means users can edit it themselves to fit their needs or others needs but must provide the source code when distributing it.
iPlanet is another LDAP alternative only this one can run on not only Linux, but Solaris and Windows systems also. One downside to iPlanet though, is that although the directory server has a Windows NT to LDAP password system, direct authentication to the directory server isn’t possible from Windows systems. This is what leads me to believe NDS is probably the best alternative.
NDS, Novell’s directory service can run on Windows, NetWare, Solaris, and Linux. Almost all versions of Windows (even Windows 98), Linux and Solaris can all be used. It’s compliant with all standards and has been found to perform well in many situations. The only major downside to NDS though seems to be the price.
Like I said before, almost all software and services out there has alternatives to it. Have a program that you think should be free, have better features or work on a different operating system? Try going to www.Google.com and typing in the software name (and version if available), followed by the word “alternatives.” If you’re looking for a free version of the software you can try something like “freeware alternative” or for operating systems “Linux alternative.”
Mathew Gajewski
http://www.DrPCRepair.com
http://www.DoctorPCRepair.com
Oct
18
Zero Day (0 Day) Attacks
The Severity of Zero Day Attacks
A zero day attack can be defined as an attack that is performed by taking advantage of a problem or “hole” found in the creation of software (Ex: Microsoft Windows) unexpectedly. These attacks may be performed before the problem with the software is even public information. This usually occurs when a computer criminal discovers this hole by his or her self or even from a friend and decides to take advantage of it. Because antivirus software cannot protect against brand new attacks, most if not all people who step into the criminals trap are affected.
Once an attack is made public, software vendors (including the creator of the software in which the hole exists), usually work very hard on fixing the problem immediately. Two examples of zero day attacks were problems within Microsoft Excel and Adobe Reader. Due to the vast popularity of Microsoft and Adobe, attackers aim at products created by them so that a higher number of people can be targeted. The Adobe Reader attack was labeled very severe because it enabled the possibility of victim’s machines to be taken over. With over five hundred million copies of adobe distributed worldwide, the impact of this attack left millions of computers at risk. Adobe user’s social security numbers, credit card numbers and other personal information all left at the hands of criminals.
The Microsoft Excel exploit mentioned previously is one in which allows an attacker to create an “.XLS” file that can trojan a victim’s computer if opened. Even I, as an experienced computer user wouldn’t usually hesitate to open up a file that appeared to be created in Microsoft Excel, especially if it came from a family member who unknowingly emailed it to me. This proves how severe an attack like this can actually be.
This attack, the same as the Adobe attack, left millions of user’s sensitive information at risk. These two attacks could cause millions if not billions of dollars in damage to both companies and everyday people like you and I. Both of these attacks we’re fixed by creating a patch for the software that closed the “hole” that was letting attackers into your computer. To make things even worse, not only is it that the actual attackers are doing damage, but also users who help make threats like this publicized. Users who decide to make dangerous information public should be punished the same as the discoverer of these perilous holes in software.
Mathew Gajewski
http://www.DrPCRepair.com
http://www.DoctorPCRepair.com
Aug
13
Windows Warning “Warning! Your computer is infected with spyware” is Fake!
Brief Description: Here we talk about the Windows warning “”Warning! Your computer is infected with spyware.”
Windows Warning “Warning! Your computer is infected with spyware” is Fake!
Here at Dr. PC Repair (http://www.drpcrepair.com) we’ve been seeing this virus more and more lately. Both locally and via our online pc repair support option, users have been complaining if this fake antivirus software. The worst part of this is, not only the amount of people being having this issue, but how much of a pain this fake warning can be to a user (and even to a technician removing it).
Do not attempt to purchase any of their software, these aren’t people you want to give your credit card number to. This also won’t solve your problem, this fake warning message was designed to steal your hard earned cash! Fake error messages, warning “tool tip” boxes, the appearance of an antivirus scanning your computer are all signs of this very virus.
So can you solve this issue your self? You might be able to but it is highly UNRECOMMENDED. Do not bother wasting your money on antivirus software, most of them will not solve your issue and it will just be wasted money out of your pocket. This virus has to be removed manually or with special tools that are a bit harder to find than your everyday antivirus. Removing this yourself means accessing your computers registry, a very complex part of Microsoft Windows that you don’t want to fool around in. So what can you do? You’re going to need a tech for this one.
I’ve ran various virus scanners out there against this fake anti virus and was not successful a single time. My recommendation? Pay a tech to do it. Save yourself the trouble and the chance of making your computer worse and visit Dr. PC Repair. If you’re not in the New Jersey area, I recommend you take advantage of our remote/online pc repair option. Why pay a local computer geek twice the price to resolve the same issue? You work hard for your money, why give it away?
Stop struggling with this virus, quit dealing with the major annoyance of having this on your machine and fix it today! AVG, Norton, McAfee, Kaspersky, I’ve tried them all and the fake Windows warning always wins. So before you waste any money on an antivirus program, download AVG for free for regular everyday protection on your PC and pay a tech to remove this nasty annoying Windows warning right now! Go, go, go!
Written for
http://www.drpcrepair.com
http://www.doctorpcrepair.com
http://dronlinepcrepair.com
Aug
13
Slow yesterday but still made …
Slow yesterday but still made some $. Need your P.C. fixed? I can do it remotely from the office for $49, http://www.drpcrepair.com !
Aug
11
Checking out this new site htt…
Checking out this new site http://t.co/uj5zgH9
Aug
06
Checking out this new site htt…
Checking out this new site http://t.co/uj5zgH9
Aug
06
Speeding Up Your Computer Part 3
Now in the last article I mentioned how some software can negatively impact the performance of your computer. I used, and always use, AOL as an example. There are so many things packed into AOL software, so many of which not a lot of people even use, that this piece of software can be terrible for performance. A lot of customers whose computers I work on still use AOL and I completely advise against it if you’re on an older machine, or a machine lacking memory.
But before we get into that let’s talk about how to check your machines memory, and talk a little bit about how much you should probably have when running certain OS’s (operating systems) and programs. To check your memory you want to right click on “My Computer” (or “Computer,” in Vista and Windows 7.” This will be located either on your desktop (the main screen with your icons when you first start up your PC), or under your start menu (the round ball, as one of my customers calls it, in the bottom left hand corner of your screen on Windows Vista/7). After you RIGHT CLICK “Computer,” you want to left click Properties. Your memory will be displayed here.
Look for installed memory (RAM), or if it doesn’t say this, just look for “KB” “MB” OR “GB” depending on your machine. The number before this abbreviation is how much memory you have. It will also list what version of Windows you have here. Windows XP should have at least 512MB, Vista should probably have at least 3GB and Windows 7 you can probably get away with 2GB but I would prefer 3GB. Memory is fairly cheap these days, especially on Ebay and if you find a tech like me, you can have it installed dirt cheap also.
Now back to software. Things like AOL use a ton of memory. Now unless you have, for example, Windows XP with 1GB of memory, Vista with 4GB of memory, or Windows 7 with 3-4GB of memory, I’d recommend against software like AOL. Other popular software, although getting much better now, is Internet Explorer. Photo editing software uses a lot of memory, Microsoft programs such as Word can use a lot of memory. Suspicious of a memory-hog? Hold “Ctrl,” hold “alt,” then press delete. XP will start your task manager, Windows 7/Vista you’ll have to click to start task manager, but then look under processes. This will list how much memory each software is using.
Now how to replace programs like these? AOL is mainly just used for email and web browsing. This can easily be replaced. Download Firefox (www.firefox.com) to browse the web or Google Chrome (www.google.com/chrome) to browse the web even faster than AOL can handle. Email? This depends on your provider, if you’re using AOL for email, you can cancel AOL, or even keep AOL, and login to your email through www.AOL.COM. Now you’ve replaced this big chunky program without getting rid of your email or web browsing capabilities.
Looking for other software replacements? Stay tuned for part 4 of Speeding Up Your Computer.
Written for
http://www.drpcrepair.com
http://www.doctorpcrepair.com
Remote/Online Computer Repair Experts
Discounted, affordable web design,
and even more affordable online computer tutoring/training.