Category: Internet Security|Webmaster

Spyware and Adware

Posted on by talhaahmed18

Spyware-adwareSpyware and Adware are programs that are installed on a computer that perform operations that the user probably doesn’t want. Spyware is a program that was created for the purpose of collecting information and sending it to a designated entity. The information it gathers can be from which terms or phrases you are searching and which websites you are visiting, to personal and financial information like your date of birth, social security number, or credit card information. Adware has a different purpose. It will usually ‘pop-up’ advertisements in websites when you search for a specific term or phrase, or it may be an entirely separate pop-up window on your desktop that advertises something.

Now you may be thinking: “Who would install such a program?” The answer is: “More than you would think.” These programs are typically installed without the knowledge of the user. They are usually packaged together with other ‘free software’ downloaded from the internet. Think of the phrase “nothing in life is free.” This holds true for computer software. If you got it for free, there is a big chance the creator is making money somehow. Often it’s by accepting payment from companies in return for adding these programs to their ‘free software’.

Here are some identifiers that may indicate your computer is infected:

  • Your computer is slowing significantly
  • You are redirected to a different website than the one you entered
  • You get random informational or advertising pop-ups
  • Your internet connection seems very slow or stops working

There are some things you can do to prevent the installation of these programs. Some software has the option of ‘Customized Installation’ which allows you to deselect the spyware or adware program from being installed. Another way is to read the ‘Agreement’ for any indication that these programs are included, granted they are being honest in disclosing that in addition to their program, other ‘alternate’ or ‘third party applications will be installed. However, these methods do not guarantee that you won’t have spyware or adware installed. Many programs may not disclose this or the program will not function without it. Sometimes these programs can be installed by visiting an unreliable website.

The only surefire way to avoid having spyware and/or adware being installed on your computer is to only install trusted software from trusted sources, and visit only trusted websites. Trusted companies like Apple, Microsoft, Adobe, and others do not include these programs in their installation packages. More and more methods are being developed to deploy these unwanted programs.

If you suspect your computer contains spyware or adware, use a special program to find and remove these unwanted programs. Some reliable programs that are highly recommended are Ad-aware and Spybot. Remember though, some spyware and adware programs might have already done some damage to your computer that may require a qualified technician to repair. Global IT, a leader in internet security, staffs certified technicians that can restore your computer back to a level of optimal performance.

https://info.globalit.com/wp-content/uploads/2012/12/Spyware-adware.jpg

Internet Security|Webmaster

How to Configure Spam Settings

Posted on by talhaahmed18

How to increase or decrease your spam settings and how to add users to the blacklist or whitelist.

Most users will just use steps 1 through 5. Step 6 is for advanced configuration, should only be used by advanced users.

1.  Access Control Panel

cpanel_log_in

  1. Type: https://yourdomainname.com:2083 into your preferred Internet browser.
  2. Enter your Control Panel username into the Username field.
  3. Enter your password into the Password field.
  4. Click Log in.

2.  Access SpamAssassin Settings

access_spamassasin

3.  Enable SpamAssassin

To enable SpamAssassin:

  • Simply click the Enable SpamAssassin button on the SpamAssassin home screen.

enable_spamassasin

4.  Automatically Delete Spam

This function automatically deletes messages that meet or exceed the score limit. Activate this function by clicking the Auto-Delete Spam button under the Filters heading.

WARNING – Email tagged as spam will be deleted completely from the server.

auto-delete

When you click Configure SpamAssassin, you can add email addresses that should be filtered automatically by typing the address into the “blacklist_from” box. A whitelist can be created in the same way at the bottom of the page. It is also possible to specify scores that SpamAssassin should use for each particular test.

 

5.  Set Required Spam Score             

 

SpamAssassin examines every email message for spam characteristics, then assigns it an overall score. Enter the score required for a message to be considered spam.

changing_score

5 is the default setting, this is not very aggressive.
1 is very aggressive and in most cases, this setting is never used.

We recommend, adjusting 1 point setting each day until you achieve the desired result.

 

6.  Configuration SpamAssassin       

This feature allows you to add emails and/or domains to blacklist (spam, blocked) or whitelist (clean, allowed through).

configure_spamassasin

Note: You can always email support@globalit.com for assistance with black or white listing of emails and IP addresses.

6.1 Add Addresses to the Blacklist

Enter addresses whose email is often allowed past the spam filter, but from whom you do not wish to receive email.

You may use * as a wildcard for multiple characters, or ? as a single-character wildcard.

  • user@example.com — Blacklists a single email address.
  • *@example.com — Blacklists all the addresses at example.com.
  • ?ser@example.com — For example, User@example.com would be blacklisted, but AUser@example.com would not be blacklisted.

By default, 5 text boxes appear, allowing you to add 5 addresses. To add more than 5 addresses:

  1. Fill in the first 5 text boxes.
  2. Click Save.

When you return to the page, more text boxes will appear.

 

6.2 Add Addresses to the Whitelist

Enter addresses whose email is often blocked, but from whom you wish to receive email.

You may use * as a wildcard for multiple characters, or ? as a single-character wildcard.

  • user@example.com — Whitelists a single email address.
  • *@example.com — Whitelists all the email addresses at example.com.
  • ?ser@example.com — For example, User@example.com would be added to the whitelist while AUser@example.com would not be added.

By default, 5 text boxes appear, allowing you to add 5 addresses. To add more than 5 addresses:

  1. Fill in the first 5 text boxes.
  2. Click Save.

When you return to the page, more text boxes will appear.

 

Remember:

  • Click Save to store the configuration changes.
  • A whitelisted address is automatically allowed past the filter.
  • A blacklisted address will automatically be filtered by SpamAssassin.

 

https://info.globalit.com/wp-content/uploads/2013/08/enable_spamassasin.jpg|https://info.globalit.com/wp-content/uploads/2013/08/cpanel_log_in.jpg|https://info.globalit.com/wp-content/uploads/2013/08/spamassasin2.jpg|https://info.globalit.com/wp-content/uploads/2013/08/enable_spamassasin1.jpg|https://info.globalit.com/wp-content/uploads/2013/08/spamassasin.jpg|https://info.globalit.com/wp-content/uploads/2013/08/cpanel_log_in1.jpg|https://info.globalit.com/wp-content/uploads/2013/08/control_panel_login.jpg|https://info.globalit.com/wp-content/uploads/2013/08/access_spamassasin.jpg|https://info.globalit.com/wp-content/uploads/2013/08/auto-delete.jpg|https://info.globalit.com/wp-content/uploads/2013/08/changing_score.jpg|https://info.globalit.com/wp-content/uploads/2013/08/configure_spamassasin.jpg

Internet Security|Webmaster

Identifying IT Security Threats

Posted on by talhaahmed18

The Complexity of IT Security

Modern businesses – of all sizes – are becoming increasingly vulnerable to security breaches even as they enable their workforces with state-of-the-art technologies.
cyber-attacks-on-rise

  • Cyber attacks are up 100% since 2010.
  • Cyber attacks can be costly. The average time to resolve a cyber attack is 24 days at an average cost of $591,780, or nearly $25,000 per day.
  • The most costly cyber-crimes are caused by malicious code, denial of service, stolen or hijacked devices, and malevolent insiders.

Threat 1: Data Loss & Leakage

  • Unintentional distributioninformation-leakage
    of sensitive data:

    • financial
    • employee
    • customer data
    • intellectual property
  • Due to:
    • loss or theft of laptops or mobile phones.
    • electronic transmissions, such as unencrypted emails, IM, webmail and file transfer tools, hacking, virus

     

 

Threat 2: Denial of Service Attacks

denial-of-service-attacks

  • DoS attacks flood a network with more traffic than it can handle, consuming bandwidth or server resources.
  • Distributed DOS attacks use multiple systems to launch the offensive, making them difficult to shut down.
  • DDOS attacks are growing in size – to more than 50GBps in 2012 ‒ and last more than 30 hours, according to data from Prolexic.

 

 

 

 

Threat 3: Malware

  • Malicious software (aka malware) is unwanted software installed without consent.malware
  • Examples include:
    • viruses
    • worms
    • Trojan horses
    • spyware
    • Botnets, Zombie

     

 

Threat 4: Phishing/Social Engineering

phishing-social-engineering

  • Cyber criminals use phishing and “social engineering” schemes to trick people into sharing personal information, such as:
    • account information
    • credit card data
    • social security numbers
    • passwords
  • Phishing  and social engineering are done typically with links to fill-in forms from:
    • e-mails
    • Websites
    • social media

Threat 5: Human Error/Malevolence

human-error-malevolence

  • More than 50% of security problems are due to employees or IT staff inadvertently:
    • failing to follow procedure
    • being careless
    • lacking expertise
  • Insiders or former insiders, such as disgruntled or malicious employees or contractors can be dangerous attackers because they know the organization’s:
    • security codes  and measures
    • computers and applications
    • actions that will cause the most damage

     

Understanding Data-Centric Security

Before you even think about technology, you need to determine who will be responsible for security. The development and communication of your security strategy is critical.

  • Understand present, potential and future riskscomplexity-of-it-security
    • Employee vulnerabilities
    • Internet, cloud vulnerabilities
    • LAN vulnerabilities
    • Premises security
  • Implement
    • Minimum security codes and measures
    • Define business and personal computer and applications use
    • Define consequences for violating company security policies
    • Educate users

https://info.globalit.com/wp-content/uploads/2013/09/cyber-attacks-on-rise.jpg|https://info.globalit.com/wp-content/uploads/2013/09/complexity-of-it-security.jpg|https://info.globalit.com/wp-content/uploads/2013/09/information-leakage.jpg|https://info.globalit.com/wp-content/uploads/2013/09/denial-of-service-attacks.jpg|https://info.globalit.com/wp-content/uploads/2013/09/malware.jpg|https://info.globalit.com/wp-content/uploads/2013/09/phishing-social-engineering.jpg|https://info.globalit.com/wp-content/uploads/2013/09/human-error-malevolence.jpg

Internet Security|Webmaster