Conficker is dead. Or is it?

Cast your minds back to 2009.  A nasty new internet worm is abroad and rampant.  These were the days of Conficker.

A lot has been written about this threat in the past.  The impact in 2009 was huge, with over 10 million infections and some of the compromised networks included the UK Houses of Parliament, and the UK MoD.  Embarrassing!  The worm was effective because it embodied multiple attack vectors simultaneously.  It famously exploited a weakness in Microsoft’s Netbios and took advantage of weak passwords.

So why mention this now?  Well, just last week a customer had their internet connection shut off because the ISP detected the tell-tale signs of Conficker – DNS requests for Conficker sinkholes coming from the customer’s router.  This cost the customer a lot in hours of support while we painstakingly scanned their network, strengthened passwords.  After a lot of searchng we found the culprit machines to be tills runnng Windows XP, with no Windows updates, hence prone to infection.  There is a moral here: expect the unexpected.  The pcs and laptops of the firm were reaonably up-to-date with Windows 10, AV protection, and updates.  No one thought the tills were a vector!

Thankfully I had been urging this customer to sign up to our AVG Managed Workplace service. This protects the customer by monitorng the devices on a network and making sure they get approved Windows patches and antivirus protection.  They had held off because of the (I would say reasonable) monthly cost.  Now they know how reasonable the monthly cost is versus the unexpected one of a virus outbreak, so they are going ahead with the AVG.  A lesson learned!

What steps can you take to protect yourself?

  • Make sure you have Windows Update working properly
  • Make sure you have effective antivirus
  • Consider the configuration of your firewall – you can use this to protect yourself and log any “dubious” traffic.
  • Be careful with Windows settings, such as “Autoplay”.  Allowing alien usb memory sticks onto your network can exploit weaknesses here and should be a no-no.

Alternatively, make life simple for yourself and engage a local friendly IT firm who can automate much of this for a small monthly fee.  We would be glad to do it for you and the cost is around £3 per machine, per month.  Not much for a whole lot of peace of mind.

 

To Purge or not to Purge…

That, for Princes of Denmark, and everyone else  is, of course, the question:
Whether ’tis Nobler in the mind to suffer
The Slings and Arrows of outrageously large Outlook profiles,
Or to take Arms against a Sea of emails,
And by opposing end them.

To what do we owe this hideous mangling of the bard’s words?  I seek to enlighten users of Outlook on this vexatious topic.  Purging here refers to the final deletion of emails that you have already placed in the deleted folder.  To use current terms it is “hard” deletion rather than “soft” deletion.  Once you have purged the emails they are gone for good – the only way back is to find them from a backup – if you have one.

So why would you purge?  The idea is to minimise the size of your Outlook .pst file, or profile.  Over time the profile grows and performance becomes sluggish.  You may experience instances of the dreaded “Outlook is not responding”.  Purging makes it all better.

You can purge manually or automatically: Microsoft tells you how.

 

 

Why does Word screw up URLs?

I’ve been using Word for a long time – more than 20 years!  I recently stumbled upon a “feature” which has caused me a bit of grief over the years and how to turn it off!

This is described in a Microsoft article, on using absolute hyperlinks.

The thing is that the option to use an automatic relative hyperlink is selected by default.  So unless you un-select it those lovingly crafted absolute links of yours along the lines of http://mydomain/webthingy/index.html will get turned to files:///c:users/dopeyworduser/appdata/webthingy/index.html when you save!

Perhaps someone could point out to me the benefit of having this defaulting to “on”?  I ask this as a long time “Dopey word User” who now knows better.

What are my email settings?

Mail settings you might need when we are your email provider

 

Name of setting      Setting Description
Full Name Choose your sender name as you would like it to appear in messages that you send. Example: Eric Flounder
Email Address Your email address for this account, such as flounder@flyingflounder.co.uk
Incoming mail server settings – use the bold settings
These settings are for downloading messages (receiving email) from your email provider’s mail server.
Account Type Choose IMAP*, POP  IMAP
Description Choose the name that Mail will use for your account, such as Job or Home
Incoming Mail Server (host name) The host name of the incoming mail server, such as mail.domain.com. mail.flyingflounder.co.uk
User Name Your user name is the same as your full email address as your user name. flounder@flyingflounder.co.uk
Password The email password you use to sign in to your account. as supplied by us
Port The port number used by the incoming mail server. Common port numbers for incoming mail are 143 and 993 for IMAP accounts, and 110 and 995 for POP accounts. Port 993
Authentication Choose Password, MD5, NTLM, Kerberos, or None, as directed by your email provider. Password or MD5
Use SSL? Does the incoming mail server support SSL (Secure Sockets Layer) or TLS (Transport Layer Security) encryption? STARTTLS
Outgoing mail server (SMTP) settings – use the bold settings
These settings are for uploading messages (sending email) to your email provider’s mail server.
Outgoing mail server (SMTP) The host name of the outgoing SMTP (Simple Mail Transfer Protocol) server, such as smtp.example.com.mail.flyingflounder.co.uk
Port The port number used by the outgoing mail server. Common port numbers for outgoing mail are 25, 465, and 587.Port 587
Use SSL? Does the outgoing mail server support SSL or TLS encryption? STARTTLS
Authentication Choose Password, MD5, NTLM, Kerberos, or None, as directed by your email provider. If None, you may need the additional settings below to send email when you’re on a different network, such as from a Wi-Fi hotspot or Internet cafe.  Password or MD5
 We are here, and happy to help if you get stuck!