KRACK Attack Mitigation Simplified

As of this writing, wireless device manufacturers are scrambling to address the new KRACK attack, a flaw in the ubiquitous Wi-Fi Protected Access 2 (WPA2) protocol that allows an attacker to gain access to your Wi-Fi network. We’ve been watching carefully the response from several Wi-Fi manufacturers. To date, we like the Security Advisoryfrom LinkSys as the most rational and pragmatic. You can go a step further too, and in your wireless router change your… Read more »

Zimbra 8.8 Upgrades Are Coming – Are You Ready?

Zimbra 8.8 upgrades will be unlike any previous Zimbra upgrades. In this post I explain how and why, and how your upgrade migration options change. Zimbra 8.8 – The Killer Release Zimbra 8.8 is a melding of the refined code base from Zimbra 8.7, the Administration modules from the proven Zextras Suite and some nice new features including the reintroduction of Chat, Zimbra Drive for file sharing, a high-performance IMAP engine and a ton of… Read more »

Windows 10 In-Place Upgrades? Nope…

With the Creators Update version of Windows now well-sorted and generally available, a number of our clients have asked us to upgrade their existing workstations to Windows 10. We respectfully, but incontestably, refuse. While it may be that an existing workstation could technically be able to be upgraded to Windows 10, in our experience, except in large shops that make use of remote imaging, it is always more expensive to do so than buying new… Read more »

Software Quality, Bugs and Cash Liabilities

In the tech business, there’s an old adage that “All software has bugs; all hardware eventually fails.” As we all know, some software is a lot crappier than other software.  In certain industries (like aviation), software goes through some pretty rigorous unit testing and quality assurance (“QA”) processes.  Glitches like the Boeing Dreamliner generator bug, which caused the FAA to issue an immediate Airworthiness Directive without any time for comments (because things like “…loss of… Read more »

WannaCry Ransomware, AlienVault, Barracuda and BitDefender

The news media is worrying that tomorrow (Monday May 15) may be a big day for the WannaCry ransomware as folks get back to their offices to greet their PCs. If you see this image below, you’re infected. Unplug your computer’s network cable and/or turn off wireless so the thing can’t spread any further and give us a call. This weekend gave IT staff everywhere a chance to catch up and, if necessary, scramble to… Read more »

AlienVault Security – Year In Review

Reliable Networks recently celebrated our one-year anniversary as an AlienVault Managed Security Partner, and I thought it would be helpful to share some of the stories as to how our AlienVault clients benefitted during the past year. For those new to AlienVault, the service is a USM (Unified Security Management) platform that provides five essential security functions in one integrated deployment: Asset Discovery Vulnerability Assessment Intrusion Detection Behavioral Monitoring SIEM (Security Information and Event Management) A… Read more »

The Case For Carrier-Diverse Redundant Internet

As more and more applications and data move to a Cloud environment, it becomes increasingly important to deploy carrier-diverse redundant Internet in one’s offices, along with a firewall/router that can do automatic failover/failback between the two carrier’s circuits. Challenges We recommend this even for clients who are still hosting on-premises, because if you have just one circuit and your ISP goes down, your customers, suppliers and remote employees can’t reach you, and vica versa. The problem… Read more »

Zimbra NYC Commit Wrap Up

Two weeks ago I was in NYC for a few days attending Zimbra NYC Commit, a summit ostensibly for the Open Source community but also for Zimbra Partners. Now that I’ve had a chance to catch up I wanted to share with you what we learned. Code Refactoring First, Zimbra development staff during the past six months have pretty much kept their heads down doing some fairly massive code cleanup and putting the new agile deployment plan… Read more »

Spam Control – Size Matters

During the past few weeks we’ve seen increasing amounts of spam sneak by our multi-layered anti-spam protections in front of our clients’ Zimbra and Exchange email servers. Over the weekend we cracked the code and made some changes to our Barracuda anti-spam system to address this. The quickie back story is that pretty much all spam filtering appliances have some criteria by which email is not fully examined because it is almost assuredly not spam…. Read more »

Anatomy of a Phishing Scam

As the saying goes, “Even nice people get phished…” and when we work with a client to set up a security test, typically some staff fall for the phishing email we set up to test them (and let them know that the test was coming, too!). Well, today several of us received a phishing email purporting to be from Zimbra (we are a Zimbra Partner), and I thought it would be helpful to use this actual… Read more »