Archive for April, 2012

By Chuck Romano
Concluding my series about the worst IT mistakes I’ve witnessed in my 10+ years as a technician, I’ll highlight two notable IT atrocities I’ve seen people make. So let’s dive right in:
  • Not Logging Off the Remote Network

Remote desktop applications enable easy access to the corporate network, but failing to log out of a session can wreak havoc: it leaves a connection to the corporate network wide open to anyone who happens upon the device. It gets worse if the user starts to wander into the shady depths of the internet, unknowingly still connected to a company network that is then put at risk of malicious data.

  • Ignoring the Social Engineering Threat

All the greatest security technology in the world is no match for good social engineering tactics. Millions of dollars can be spent to prevent hackers from compromising a system, yet a simple phishing technique can easily hand passwords over to the bad guys (or gals). Social engineering is an all-around security threat, not just a remote access threat, but again, with the high usage of mobile devices in public places, a simple “over-the-shoulder” technique can compromise an entire network.

Anybody else have “war stories” to share? I’d like to hear about it in the comments.

Chuck Romano is owner of MoonCat Computer Repair and has more than 10 years experience in the IT sector.

By Chuck Romano

This week, I continue on the worst IT mistakes I’ve seen in my 10+ years as a repair tech, building on last week’s tip about always being cognizant of the vulnerabilities of SSL VPNs. Taking that a step further, it’s critical to know the difference between VNC and RDP. Let me explain.

  • Not knowing the difference between VNC vs RDP

Coming from a computer repair background, I have used both VNC (Virtual Network Computing) and RDP (Remote Desktop Protocol, a software protocol developed and owned by Microsoft) to gain remote access to a client’s computer for support. But there are important differences between the two that should be kept in mind. Here are some important things to remember about VNC:

1) It is not secure by default; you need to add an encryption method to make it secure.

2) VNC ports over mouse and keyboard commands and does not create a new user session, meaning you take over control of the desktop as-is. If you are helping a customer with support, they can see everything you are doing.

3) VNC needs a client running at both endpoints.

As to RDP:

1) It has limited security and additional protocols are recommended.

2) RDP creates a new session, meaning only one user can access a machine at a time. This will boot off any current users logged in and close programs, unless the same user that is accessing remotely is the current user. This is a key point to remember, especially when developing remote access solutions for customers.

3) RDP is Microsoft specific; it can connect to any Microsoft OS computer within the network that has RDP turned on.

The lesson:  Know your protocol and know the path you are taking to the remote PC.  Don’t just take it for granted and neglect basic security. In fact, RDP recently faced some security issues.

“Leaving RDP open basically increases your attack surface,” says Rainer Enders, CTO Americas at NCP engineering. “If you have it running, you have an active connection that can be attacked. And the way it’s used, an app can be used from any machine.”
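The VNC point above ("not secure by default") can be checked from what the server itself announces. The following is an added example, not code from the original post: it parses the first two server messages of RFB, the protocol VNC uses, and reports whether a TLS-capable security type is offered. The function names and the sample byte strings are constructed for illustration.

```python
import struct

# RFB security types that can negotiate TLS (18 = TLS, 19 = VeNCrypt).
# VeNCrypt also has non-TLS subtypes; a full audit would inspect those too.
TLS_CAPABLE = {18, 19}

def parse_server_handshake(version_msg: bytes, security_msg: bytes):
    """Return ((major, minor), [security types offered]) from the server's first two messages."""
    if (len(version_msg) != 12 or not version_msg.startswith(b"RFB ")
            or version_msg[7:8] != b"." or version_msg[11:] != b"\n"):
        raise ValueError("not an RFB ProtocolVersion message")
    version = (int(version_msg[4:7]), int(version_msg[8:11]))
    if version < (3, 7):
        # RFB 3.3: the server dictates one type as a 4-byte big-endian integer.
        if len(security_msg) < 4:
            raise ValueError("truncated security message")
        types = list(struct.unpack(">I", security_msg[:4]))
    else:
        # RFB 3.7+: one count byte, then that many one-byte type numbers.
        if not security_msg or len(security_msg) < 1 + security_msg[0]:
            raise ValueError("truncated security message")
        types = list(security_msg[1:1 + security_msg[0]])
    if not types or 0 in types:
        raise ValueError("server refused the connection")
    return version, types

def assess(types):
    """Classify what the offered security types mean for the session."""
    if 1 in types:
        return "unauthenticated"      # type 1 = None: no password at all
    tls = [t for t in types if t in TLS_CAPABLE]
    if not tls:
        return "plaintext-session"    # needs an SSH/VPN/TLS tunnel around it
    if len(tls) < len(types):
        return "downgrade-possible"   # a client may still pick a plaintext type
    return "tls-capable-only"

# Constructed sample handshakes (not captured from any real host).
SAMPLES = {
    "no-auth server": (b"RFB 003.008\n", bytes([2, 1, 2])),
    "legacy 3.3 server": (b"RFB 003.003\n", struct.pack(">I", 2)),
    "mixed offer": (b"RFB 003.008\n", bytes([2, 2, 19])),
    "TLS-only server": (b"RFB 003.008\n", bytes([1, 19])),
}

def audit_samples():
    return {k: assess(parse_server_handshake(*v)[1]) for k, v in SAMPLES.items()}

if __name__ == "__main__":
    print(audit_samples())
```

A "plaintext-session" or "downgrade-possible" verdict means the screen contents and keystrokes depend entirely on whatever tunnel carries the connection.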

Chuck Romano is owner of MoonCat Computer Repair and has more than 10 years experience in the IT sector.

Lots of news from NCP engineering, as we gear up for Interop 2012. Today, NCP announced the preview release of the first third-party IPsec VPN client available for Android 4.0. Now available for free download in the Google Play store, the client represents the next step forward in enterprise network security for workers using Android devices.

The VPN supports the Android 4.0 (“Ice Cream Sandwich”) platform, and will be available for preview through June 30, with further versions released later this year that include a number of other important features, such as central management capabilities for enterprise network administrators.

Earlier this week, NCP announced its Entry and Juniper Edition VPN clients now support Windows 8. The Windows 8-compatible clients boast identical benefits to NCP’s other IPsec clients, including being equipped with an intuitive graphical user interface, simple enough for any employee to understand and control. In fact, Microsoft, too, is making usability a core component of Windows 8, outfitting its newest operating system with a revamped user interface optimized for both mobile and touch screen deployment.

By Chuck Romano

If you do any kind of tech work today, then you must be very familiar with doing help desk support or administration using remote access.  Your scenario could be administering 100s of PCs on a corporate network, spread across different geographical locations, or it can be providing help desk support to a residential or small business client.

In my 10+ years of experience as a repair tech, I’ve seen my fair share of mistakes that can be made in the world of IT and remote access. In fact, here’s a very common scenario that comes up: You are tasked with removing malware from a remote PC.  Time constraints, efficiency, and location make remote access the best way to clean the computer. Yet this presents challenges right off the bat, because not only do you need to remove the problem on the target computer, but you have to make sure that the computer and network that you are working from stays clean.  Anyone else deal with that?

Sure, each scenario will present unique challenges and specialized configurations, but they really boil down to making reliable remote connections while retaining the proper level of security. Here’s my list of the worst IT mistakes related to remote access that I’ve seen.

  • Ignoring the Vulnerabilities in SSL VPNs

This is probably one of the most important security aspects in a VPN or remote access situation. Remote access is basically creating a connection between two endpoints. Once that connection is established, those endpoints can share information, good or bad. No matter what kind of connection software and encryption methods are being used, viruses, malware, worms, and malicious code can easily port from a patch-neglected endpoint to a company network. Many people get fooled into thinking that because their SSL VPN connection is private, secure, and encrypted, everything is safe. They neglect to realize that the security is in the tunnel; care still needs to be taken for the security of each endpoint.

Chuck Romano is owner of MoonCat Computer Repair and has more than 10 years experience in the IT sector.