" />

Custom Technology Solutions, Inc

Corporate Blog

WordPress hackers highlight SMB risk of website loss

What company today operates without a website? Practically every firm in every business segment has a web-facing front end to act as a customer store front and product or service information channel. If your company’s website ‘goes down’ for any reason, the loss of face and reputation can be long lasting for customers who can quickly become disenchanted by lack of service. With this ‘reliance’ on website uptime in mind, some valuable lessons have been highlighted this month by the hack that occurred on the very popular open source web content management tool WordPress. The service was attacked and as hundreds of thousands of small to medium sized businesses (SMBs) use WordPress as the engine behind their web presence, the botnet behind this attack will have caused concern among many firms who have suffered from their websites being unavailable on both the front (user-facing) and back (company-facing) end. A total of some 64 million websites are built using WordPress and an estimated 371 million people read content posted on this service in any one month. The BBC News service this month reported that the botnet targets WordPress users with the username “admin”, trying thousands of possible passwords. Surprising though it may sound, many users still exist with the “admin” username left unchanged from the point of initial sign in, thus leaving themselves more susceptible to malware based attacks of this kind. Other users with more personalised usernames are also thought to have been affected. The attack itself began a week after WordPress confirmed that it had improved its own security systems by introducing an (albeit it optional) two-step authentication log-in option. According to instructions from WordPress itself, “When you log in to your WordPress.com account, we’ll prompt you to enter a secret number. To get that secret number, you’ll need to download the Google Authenticator App on your smartphone. It generates a new number every 30 seconds, making it virtually impossible to guess.” Again turning to the BBC report, it appears that this attack was perpetrated by hackers using what was described as a “relatively weak” botnet constructed by a group connection of home PCs. This network was then engineered to build a much larger botnet of far more powerful connected servers that could spread the attack further. Once again we come back to the very real threat this kind of malware presents to the small to medium sized business who commonly use these kinds of free and open source tools to build up and maintain their online presence. While hackers continue to derive value and pleasure out of disrupting the lives of ordinary citizens and companies, the best option is to adopt strong password policies, two-factor authentication options (where they exist) and robust anti-virus and malware security software throughout the business, such as AVG Business Edition 2013 .   

Read the article:
WordPress hackers highlight SMB risk of website loss

Running DHCP Server on Windows Server 2012 Essentials

[This post comes to us courtesy of Rituraj Choudhary from Microsoft Commercial Technical Support] Windows Server 2012 Essentials is enabled to run on a network with the DHCP Server service running on the router. This blog post describes the method to configure DHCP Role on the Windows Server 2012 Essentials, if you prefer so. The first step in this process is to assign a Static IP to the server. On a Command Prompt , type ipconfig , and make a note of the IPv4 address, Subnet Mask and Default Gateway. Open the Network Card properties. Click Internet Protocol Version 4 (TCP/IPv4) , and then click Properties. To assign a Static IP, click to Use the following IP address , and enter the same details that were noted down earlier for the IP Address, Subnet mask and the Default Gateway. At this point, stop and disable the DHCP Server service running at the existing computer or device . Please note that during the process of migration the network clients will not be able to obtain IP address; if you have business critical servers on the domain, assign them a Static IP. Let’s now install the DHCP Server role on the Windows Server 2012 Essentials. On the Start screen, type Server Manager , and open it from the results displayed. On the Server Manager window, click Manage on the Title bar, and then click Add Roles and Features . It will open the Add Roles and Features Wizard . On the Before you begin page, click Next . On the Select installation type page, choose Role-based or feature-based installation , and then click Next . On the Select destination server page, verify that the Windows Server 2012 Essentials is chosen, and then click Next . On the Select Server Roles , click to select DHCP Server . After this option is selected, you may see a pop up to add additional features. Click Add Features on this popup window. It will redirect back to the Select Server Roles page. Click Next . On the Select features page, do not select anything and click Next . On the Confirm installation selections , click Install . Do NOT select the option Restart the destination server automatically if required . On the Installation progress page, or click Close . Once the installation is complete, the same is notified under the Notification icon on the menu bar of the Server Manager window. If the installation went fine, you will get a successful message as: To complete the DHCP deployment, click on Complete DHCP configuration on the Post-deployment Configuration under the Notification icon. The DHCP Post-Install configuration wizard is quite straight forward. On the Description page, click Next . On the Authorization page, verify that Use the following user’s credentials is selected and the Administrator user name is put there. On the Summary page, check the status of the post install configuration and then click Close . Here is the final status that you should see on the Server Manager . It is now time to configure the DHCP Server. On the Start screen, type DHCP , and click to open DHCP console. On the DHCP console, expand the Server name, and then right-click IPv4 . Click New Scope… It will open New Scope Wizard . Follow this wizard to name the Scope conventionally, e.g. Scope [192.168.1.0] fabrikam.local . Add the IP Address Range for the client computers, e.g. 192.168.1.3 to 192.168.1.50 . Add the Default Gateway (IP of the router), DNS Server (IP of the Server itself), and activate the scope. Your server is now ready to lease out new DHCP addresses to the network clients. More Information: There is a service named as Windows Server LAN Configuration that gets installed on a computer when it joins Windows Server 2012 Essentials. The purpose of this service is to detect the presence of the Windows Server 2012 Essentials, which by default, has a DHCP Server assigned IP. To explain, let’s say you have a laptop which is joined to a Windows Server 2012 Essentials domain. When this laptop is taken to a different network, it gets a new IP assigned by the new network’s DHCP Server to connect to this network and the internet. When the laptop comes back into its home domain, it again gets a new IP from the DHCP Server (Router) on the Windows Server 2012 Essentials domain. The Windows Server LAN Configuration service now comes to play; it detects the presence of Windows Server 2012 Essentials on the domain, obtains the IP of the server, and overwrites the DHCP Server assigned DNS Server address for the client, which helps this laptop resolve Active Directory. After rehoming the DHCP Server at the Windows Server 2012 Essentials, it would have a Static IP. This DHCP Server IPv4 Scope Options would also carry the DNS Server information (which is the Static IP of the Windows Server 2012 Essentials). At this point, the services of Windows Server LAN Configuration is not required, and may be turned off. Leaving it turned on does not harm either.

See more here:
Running DHCP Server on Windows Server 2012 Essentials

Windows Server Essentials Integration Module for Windows Azure Backup is Now Available

[Today’s post comes to us courtesy of Yang Cao and Ashish Sukhija] Hello everyone, we would like to update you on an Add-In software that is now available for Windows Server 2012 Essentials. We have updated the Windows Server Essentials integration module for Windows Azure Backup and is now available for download from the link below: http://go.microsoft.com/fwlink/?LinkId=288906 More Information A reboot might be needed if you don’t have the Visual C++ redistributable installed because it requires the server to reboot. After reboot, please launch the add-in installer again. If you already have an old version of the Add-in software installed, then you need to: Uninstall the old Add-in from the Dashboard; Uninstall the Windows Azure Backup agent from the Control panel; Reinstall the new Add-in NOTE: During step #3, we’ll automatically reinstall the new Windows Azure Backup agent. Known Issue If you update the Windows Azure Backup agent before uninstalling the previous Windows Server Essentials Integration module for Windows Azure Backup, the Dashboard will crash. This is because of the compatibility issue between the old add-in and the new Windows Azure Backup agent. To fix this issue, follow the steps below: Open the Dashboard in safe mode. Disable the online backup add-in. Go to Dashboard to uninstall the add-in. Reinstall the new add-in. Visit the Windows Azure Backup Forum http://social.msdn.microsoft.com/Forums/en-US/windowsazureonlinebackup/threads

See the original post:
Windows Server Essentials Integration Module for Windows Azure Backup is Now Available

Effective ways for small businesses to use Facebook

As the world’s largest social network with some 1.06 billion monthly active users, Facebook has become a must, not only for consumers but for businesses too. Facebook’s business pages have been around since 2007 and millions of companies now use the platform to strengthen their brand, advertise and connect with customers. But simply having a Facebook business page isn’t enough, if you want to get the most out of the platform, you have to work a bit harder. As a small business you may think you don’t have the resources to focus on this but there are plenty of ways to make the process painless.   Here are our top five tips for small businesses on Facebook:   1.  Use Facebook’s tools to highlight your important posts Often when you post something on Facebook it’ll get lost, not only on people’s news feeds but on your own Facebook page as you add more posts. If there is something you want to highlight or give priority to an extended period of time there are a number of timeline features to help. You can pin a post to the top of your timeline so that it will stay at the top regardless of how many other posts you have. You can also highlight a post which makes the post stretch across the width of your page, taking up two columns.   2.  Use exclusives and offers to keep fans engaged and encourage more Often your customers will expect something in return for their continuing engagement with your Facebook page. It’s a nice idea to offer exclusive news and updates via Facebook but there is also the opportunity to give your fans discounts on the platform through the “Offers” option. It’s free to create and post these “Offers” which will appear in your fans’ timelines and can help to drive sales.   3.  Post relevant content regularly It’s a good idea to post as regularly as possible if you want your Facebook page to be a success. Post your own content such as news or advice pieces which may come from your company blog or newsletters which your fans will find interesting. Try and remember that Facebook tends to be a place for lighter more entertaining content than the more serious stuff. But if you don’t have time to concentrate on creating new editorial, don’t be afraid to post content by other people. Bringing your fans’ attention to relevant content written by others is perfectly acceptable and it’s good to foster a mix of in-house and external posts.     4. Make sure you avoid Facebook scams and malware Your love affair with Facebook will quickly fizzle out if your business gets caught out by a Facebook scam or hack. There are a number of ways you can avoid falling prey to these tricks. Make sure your employees are all trained to recognise a scam or malicious link and stay clear of them. Also make sure your internet security protection is up to speed and running well. AVG’s Internet Security Business Edition 2013 software for example has built in social networking protection to check links exchanged through social networks.   5. Use a third party platform to manage your Facebook and other accounts Chances are if you have a presence on Facebook, you are also active as a business on Twitter, LinkedIn and Google+. Keeping on top of all of these and making sure you post regularly can become a trial but there are platforms which help you to manage these social accounts simultaneously. Services such as HootSuite and Sprout Social are designed with busy business owners in mind and let you post to all of your networks with one press of a button.  

Visit link:
Effective ways for small businesses to use Facebook