Tuesday, April 30, 2013

Warning signs that your email may be an attempt at "phishing"


Sometimes I send tips to all of my users about identifying threats on their computers. This will generally happen after someone's work email is hacked and everyone else in the company is sent a misspelled email from that person. I'd like to include one here in case it's useful to anyone as a quick user-friendly explanation of phishing.

You may receive a malicious email from internal to the company that attempts to trick you into entering your email password into a website. This attempt is called "phishing". Phishing emails are not always easy to detect, but these are some things you should look for in the future.




Taken individually, these signs don't necessarily mean the email is phishing. If something looks suspicious, then make sure you verify that the sender meant to send you the email. There is little IT can do to prevent this kind of attack, it's up to the individual to identify and handle these threats.

Saturday, February 23, 2013

Branch Office Move

My IT experience in the Marine Corps didn't include cable management, because well, in the Marine Corps there is no such thing. I recently finished moving the IT assets for one of our branches; servers, computers, phones. The project took two days and I think it looks pretty clean. I'll include some before and after pictures. We were moving from a 2-post to a 4-post rack. Let me know if you have any suggestions for our next office move. Here's the old server room:


Here's the new:



Contributors:
Matt Callaghan
Jesse Lawrence


Wednesday, February 13, 2013

ESET Full System Scans are actually a waste of time.



We receive a number of complaints regarding the timing of weekly ESET scans and the length of time they take to complete, stating the computers are unusable while its in progress. Also, the currently weekly procedure is flawed in that users can easily circumvent scans if they are in the after hours scan group by taking their computer offline. We could force the scan, but those same users would be stuck at 8 AM waiting for their computer to finish scanning for ~2 hrs (we have a lot of old computers running WinXP that ESET really takes its time with). 

We ran a report to find out how many threats are detected by the weekly OnDemand scan versus the other methods (Startup, Real-time, HTTP filter, Email filter). Using the Remote Administrator web interface, we charted a quick breakdown of the last 30 days:


Scanning tool detecting threats in the last 30 days.