Computer Troubleshooting Basics

In this brief report, I’m going to describe three of the basic aspects of computer troubleshooting that anyone can use in their attempts to diagnose and repair computer problems.

There is a strategy for computer troubleshooting, and tactics to implement. Our overall strategy I call “Divide and Conquer”. Basically this means we will go through a process of evaluation of possibilities and eliminate (or confirm) them one by one. In this step by step process, we want to use two important tactics.

Our first important tactic is to collect data. Sometimes I call this the “Discovery Phase”, because we want to get details about the problem(s) that are arising with the “troubled” computer. Maybe the video output is always black. Maybe a web browser always reports an error connecting to web sites. Maybe there is a recurring error message whenever a specific application is started.

Our next tactic is the “Substitute Known-Good” method. In this method, we have already tentatively identified a likely cause of the observed problem. For the scientifically inclined, we call this a hypothesis. We can often test our hypothesis using a “known-good” piece of hardware.

For example, say a user reports a computer has a blank screen. We can ask if any lights or fans are on, when they try to start the computer. If onsite, I will examine the computer myself and try to start it. Let’s say there is no video output, no lights on the front panel of the computer, and no fans turning inside the case. One thing we can do is test that the computer is actually getting power. Here the hypothesis may be that the computer is not getting power, because there is no power being supplied at the outlet. Let’s say a quick test using a floor lamp reveals that the outlet is supplying power (the lamp lights!). Our first hypothesis is proven wrong.

Since the most common component to fail in a computer is the power supply, our next hypothesis is that the computer’s power supply has failed. This can be tested with the “Substitute Known-Good” method. Simply replace the existing power supply with a new (or at least known-good) power supply, and see if the problem is fixed. If it is, we have proven the truth of our second hypothesis, and the computer’s problem is solved.

In our example we used the “Divide and Conquer” strategy because we collected data, looked at likely causes, and tested them in turn.

You can use the tactics of collecting data and substituting “known-good” components to solve computer problems.

Good luck and have fun!

Dr. David

Major Players in the Antivirus Industry

Leading antivirus vendors in the United States include Computer Associates, McAfee, Microsoft, Symantec, and Trend Micro. Microsoft acquired several companies over the past decade, which provided security components that they have built into their Windows Defender and other product lines.

Outside the United States, several companies are building market share in the international security software business. These include F-Secure in Finland, GriSoft in the Czech Republic, Kaspersky in Russia, Panda Software in Spain, and Sophos in the United Kingdom.

The antivirus software market is a rapidly changing one. A huge amount of effort is required to find and provide fixes for viruses. Malicious programs are getting more complex and the number of them is constantly increasing. Many companies may find themselves without the resources to effectively combat this threat. Moreover, the new viruses are getting “smarter” in that they propagate themselves quickly, often moving across the local network to infect numerous computers. They often hide themselves by moving around in a system and by renaming themselves. Viruses that rename themselves to names close or identical to legitimate system files can be difficult to detect. The capabilities of malicious software have multiplied, and now there are software threats that send emails, act as servers, and provide remote control of system functions. Malicious software often combines multiple features of viruses, trojans, emailers, etc., and these are called “hybrid” threats.
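The renaming trick described above can be checked for from the defender's side. The following is an added example, not part of the original article: it flags process image paths whose file name is identical to a known system binary but sits in an unexpected directory, or whose name is only a character or two away from one. The allow-list, the distance threshold and the sample paths are constructed assumptions; a real allow-list would be longer and allow more than one directory per binary.

```python
import ntpath

# Constructed allow-list (assumption): binary name -> the one directory it should run from.
EXPECTED_DIR = {
    "svchost.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}
MAX_DISTANCE = 2  # assumption: small enough that unrelated names are not flagged


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: inserts, deletes and substitutions each cost 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(path: str) -> str:
    """Return 'ok', 'misplaced', 'lookalike:<name>' or 'unlisted' for an image path."""
    directory, name = ntpath.split(path.lower())
    if name in EXPECTED_DIR:
        # Identical name: only the location tells the copy from the original.
        return "ok" if directory == EXPECTED_DIR[name] else "misplaced"
    closest = min(EXPECTED_DIR, key=lambda good: edit_distance(name, good))
    if edit_distance(name, closest) <= MAX_DISTANCE:
        return f"lookalike:{closest}"
    return "unlisted"


# Constructed process image paths, not taken from a real incident.
SAMPLE_PATHS = [
    r"C:\Windows\System32\svchost.exe",
    r"C:\Users\Public\svchost.exe",
    r"C:\Windows\System32\svch0st.exe",
    r"C:\Windows\System32\Isass.exe",
    r"C:\Program Files\Editor\notepad.exe",
]

if __name__ == "__main__":
    for p in SAMPLE_PATHS:
        print(f"{classify(p):24} {p}")
```

An “unlisted” result only means the name is not near anything on the allow-list; it says nothing about whether the file is safe.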

Although my recommendations for a good antivirus program have changed over the years, at the time of writing, I like AVG by GriSoft.com. It comes in a free and a paid version; see the site for specifics about their licenses. AVG antivirus actually does a good job at detecting lots of different kinds of malware, including viruses, trojans, rootkits, and various adware.

For companies with about ten or more computers, it makes sense to consider a provider of endpoint security services that can roll out protection to every computer and manage it for you. Endpoint security solutions from Fortress Data Protection provide effective and totally automated antivirus and anti-spyware protection.

Zombies, Botnets, Oh My!

A botnet is a network of compromised computers that can be remotely controlled by an attacker. The individual computers are sometimes called zombies.

Hackers infect computers, usually via email or websites, and group them together under their control to send illegal spam, carry out attacks on web sites, or propagate viruses.

It’s usually quite difficult to track down the owners or operators of the botnets, who are sometimes called Botmasters. A disturbing trend is an increasing use of botnets in extortion schemes. How? Imagine someone sending you messages to either pay up or see your web site crash.

Botnets can consist of hundreds of thousands of compromised machines. Such large networks can be used in Distributed Denial-of-Service (DDoS) attacks. These attacks seek to make websites unusable, as servers are inundated with targeted bogus traffic. The affected web sites are made to appear offline.

Some security researchers are using Honeypots to combat botnets. Honeypots help discover how attackers infiltrate systems. A Honeypot is essentially a set of resources that one intends to be compromised in order to study how the hackers break into or use the system.

Hobbyists can run a Honeypot, but it must be exposed to the Internet, not usually behind an effective firewall. Routers for small offices often have a “DMZ” setting that allows a Honeypot to be deployed even in a small network.

A great site for more information on this topic is The Honeynet Project (http://project.honeynet.org) which describes its objective as “To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned.”