Author Archives: Web Admin

Loading
loading..

Malwarebytes Partnership Announcement

July 28, 2017
Web Admin
, , ,
No Comments

Malwarebytes Partnership Silver Partner logo

 

Covered Data is proud to announce that we are officially partnered with Malwarebytes, the leader in endpoint security protection.  We have used the Malwarebytes software for many years and are ecstatic at the opportunity to work with the experts at Malwarebytes.com in a larger way.  Our engineers and trained sales staff are at your disposable to help you design and implement the Malwarebytes multi-layer approach to security.  With the new release of Malwarebytes Endpoint Protection, you can finally within one install and one management console, cover 7 critical layers to security.
Contact us for a free trial.

[embedyt] https://www.youtube.com/watch?v=x5nNUXjRQro[/embedyt]

For more in depth description of the End Point Protection watch this video.

cyber security image

Fireball Adware – How to protect yourself

June 2, 2017
Web Admin
, , ,
No Comments

Malware Protection

The latest adware and malware on the market is what looks like a Chinese product called “Fireball” and has infected about 250 million browsers or 20 percent of the corporate networks around the world.  Several computer security companies have classified the infection as malware, but according to a Chinese digital marketing firm it is a research tool.

The danger is that it is exposing a great deal of your privacy information along with installing other unwanted plugins to your browsers.  It is all in an effort to boost advertising payments for the companies involved in releasing it.  For you, it is a dangerous software and allows others to gather information about you without you knowing.

From an overall security aspect, it is really dangerous and you or your IT department should find a way to protect you from it.  One very strong and prominent, but easy tool is from a company called Malwarebytes.  They have been around a long time and cleared millions of infected computers of malware.  We use them exclusively here at Covered Data.  If you are interested in a free trial of the latest release, please let us know.  We will send you a download link and the 30 day keys, with only a follow email from us about your thoughts on it.

Stay safe.

sb

Your Name (required)

Remove Powered by WordPress

June 1, 2017
Web Admin
No Comments

You can simply removed the Powered By WordPress credit link by placing the following in your customer CSS portion of your theme.

.site-info a {
   display:none;
}
We are using the TwentySeventeen theme that is stock with wordpress and the above CSS code removed the link for us.
We will update this post additional methods that might work for you.

Malwarebytes blocks recent ransomware Affirmation

May 13, 2017
Web Admin
No Comments

We received the following email from our good friends and partner following yesterday’s ransomware attack that hit over 90,000 computers, servers, and point of sale systems yesterday.  

We were really happy to have them reach out and reaffirm that we were covered. Are your computers covered?

Call us for free trial.

Hello Scott,

Within 12 hours, 81,000 infections were reported globally of the WanCrypt0r outbreak.

NHS reported 16 hospitals in the UK have been hit and can’t operate or admit patients because all data is encrypted and locked. Spanish telecom giant, Telefonica, was hit and responded by “desperately telling employees to shut down computers and VPN connections in order to limit the ransomware’s reach.” Banks, utilities, telecoms, healthcare and other industries are reporting similar experiences worldwide. At this time, this ransomware variant appears to be taking advantage of a known and patched Windows vulnerability.

Malwarebytes is protecting your organization against this specific ransomware variant. Our anti-ransomware technology uses a dedicated real-time detection and blocking engine that continuously monitors for ransomware behaviors, like those seen in WanaCrypt0r.

logo light

Malwarebytes 3.0 Defeats Ransomware

May 12, 2017
Web Admin
, ,
No Comments

Malwarebytes 3.0

We are sure you have heard about the latest Ransomware attacks that hit a record number of computers and servers, across a wide number of industries in Europe.  Rest assured, there were several in the United States as well.  Also, we expect that there will be more across the country, and many that we never hear about.

malwarebytes dark logoAre your PCs and Servers, mobile devices, and critical platforms protected?  It is critical to safety to take the necessary steps to secure your technology environment.  We are advising all of our clients that the first thing they need to do is make sure your computers are running Premium version of Malwarebytes 3.0.  The premium version of Mawarebytes easily defeats the recent attack that has taken over 90 thousand hospitals, hotels, point of sale systems, and more.

It does this by using the latest forensic and modern effective scan engine, software algorithms, and updated signature files on the market.  malwarebytes 3.0 went live with a completely new rewrite that was release to the public 6 months ago.  It uses the latest in computers security and incorporates the best of the best computer security from the ground up.

Contact us for a free trial of Malwarebytes 3.0.  Hands down the best malware protection software on the market. 

spam fighting

Spam Fighting – Built In Zimbra

May 11, 2017
Web Admin
No Comments

Zimbra Email and Organizational Collaboration Feature Built In

One of the great feature of Zimbra, in both the Professional Network Edition (paid and supported) and the Community Edition (free, community supported) is its built in spam prevention and antivirus solutions.  The spam feature is very easy to configure and as an administrator you have the option to be as tight or relaxed as is fit for your customers.  The use of global real time black lists is one of the best features available.  The are simple to configure by logging into the admin console/configure/Global Settings/MTA.  On that page you will find the several options pertaining to the use of RBLs.  You will click the add button in the section and then list the particular RBL that you want to use.

Here at Covered Data we use the following that are based on Zimbra recommendations and what is listed as what they are currently using:

List of Client RBLs:  zen.spamhaus.org, psbl.surriel.com, b.barracudacentral.org, bl.spamcop.net

List of Client RHSBLs:  dbl.spamhaus.org, multi.uribl.com, multi.surbl.org

List of Reverse Client RHSBLs:  dbl.spamhaus.org

List of Sender RHSBLs:  multi.uribl.com, multi.surbl.org, rhsbl.sorbs.net

Having these listed in the spam fighting configuration in Zimbra version 8.7.7 is for us, very effective.  The number of spam message reaching our inboxes is virtually zero and we are confident that it is because of this configuration.

We also have the following Protocol and DNS checks enabled:

PROTOCOL Checks:
Hostname in greeting violates FCS  (reject_invalid_helo_hostname) Checked
Sender address must be fully qualified (reject_non_fqdn_sender)  Checked
DNS Checks:
Client IP Address (reject_unknow_client_hostname) Checked.

These setting along with the standard Ham and SPAM learning features that is in effective keeps our company’s emails and those of our client clear of spam.

If you have any questions or would like a free consulation about setting up a very secure and full feature Email Server let us know using our Contact Form.  You can alsways call us as well 702.430.1849

zimbra image

Zimbra – Mail_Queue_Error FIX

May 10, 2017
Web Admin
No Comments

Our Server Upgrade

Just a quick post and sharing back to the community.  We managed, deploy, and sell service using Zimbra 8.7.7.  We recently went through an update from Zimbra 8.7.2 upgrading to 8.7.7.  After that we installed the zimbra drive and zimbra chat features.  For those you that have installed and upgraded in your past, the upgrade process is essentially doing an install.  For example, you cd (change directory) into the new zimbra software directory.  You then type the ./install.sh

zimbra image

You will be prompted to answer several questions.  The new questions we were asked is and answered yes to were when we came to zimbra drive and zimbra chat.  We said yes to both.  We were also asked if we wanted to use the zimbra repository.  Again we said yes.

Our Server Logs

Shortly after this upgrade we started to see the below in our /var/log/mail.log

May 10 20:57:18 zimbra06 postfix/postdrop[29838]: warning: mail_queue_enter: create file maildrop/229039.29838: Permission denied
May 10 20:57:28 zimbra06 postfix/postdrop[29838]: warning: mail_queue_enter: create file maildrop/229160.29838: Permission denied
May 10 20:57:38 zimbra06 postfix/postdrop[29838]: warning: mail_queue_enter: create file maildrop/229298.29838: Permission denied
May 10 20:57:48 zimbra06 postfix/postdrop[29838]: warning: mail_queue_enter: create file maildrop/229467.29838: Permission denied

Our Fix

To fix these errors we did the following:

su – zimbra -c ‘postfix stop’
killall postdrop
As root:
chown root.postdrop /opt/zimbra/common/sbin/{postqueue,postdrop}
chown root.root /opt/zimbra/common/libexec/ -R
chmod 755 /opt/zimbra/common/sbin/postqueue
chmod 755 /opt/zimbra/common/sbin/postdrop
chmod g+s /opt/zimbra/common/sbin/postqueue
chmod g+s /opt/zimbra/common/sbin/postdrop
chown root.root /opt/zimbra/common/*
chown root.zimbra /opt/zimbra/common/conf/
chown root.root /opt/zimbra/common/bin/ -R
chown root.zimbra /opt/zimbra/common/conf/*
chown zimbra.zimbra /opt/zimbra/common/conf/{master.cf,master.cf.in,tag_as_foreign.re,tag_as_foreign.re.in,tag_as_originating.re,tag_as_originating.re.in}
chown root.root /opt/zimbra/common/conf/{main*,snmp.conf}
su – zimbra -c ‘postfix start; postfix check

Final thoughts

Essentially what we believed happened, was that during the upgrade process something happened with the permission and the system was no longer able to write into the queue.  Although, email continued to flow as normal.  Our system is a relatively low use system at the moment and probably is able to handle email coming in and out and was fast enough, that mail could be delivered without having to be written.
Whereever the mistakes and or errors were created, we are no longer seeing the errors in our logs.  We pay for support from the Zimbra support team which is fabulous.  We also try to give back to the community when we can.  If anybody has comments posted them below.  Also, if you need some help or we can provide any guidance please let us know.  Use our contact form.
zimbra

How to Install/Uninstall Zimlets in Zimbra 8.7.7

May 5, 2017
Web Admin
, ,
No Comments

To install and uninstall a zimlet from zimbra 8.7.7

To Install:

As root:

You will first need to copy the zimlet into directory

/opt/zimbra/zimlets

As zimbra:  (su zimbra)

zmzimletctl install zimlet_name.zip
zimzimletctl deploy zimlet_name.zip
zmzimletctl enable zimlet_name

To Uninstall/Remove:

As zimbra:  (su zimbra from root)

cd /opt/zimbra/zimlets
zmzimletctl disable zimlet_name
zmzimletctl undeploy zimlet_name

To get a list of installed Zimlets:

zmzimletctl listZimlets

To get the details and information of a particular Zimlet:

As zimbra (su zimbra)

zmzimletctl info zimlet_name

For more information about the managing zimlets review the documentation posted here.

If we can help, contact us on our contact page.

 

Posted by Scott Barbour who has been running a zimbra server for about 6 years and currently has a hosting company and offering zimbra services.

 

 

attacking bear

Websites Under Attack – Got you covered

April 12, 2017
Web Admin
, , , ,
No Comments

I wanted to take a quick minute and tell you about our night on the web last night.  As web security experts with a long history of protecting, building, and creating wordpress websites, we have seen a quite a bit, but last night was special.  A couple of the sites that we managed and protect came under a sustained attack for a couple of hours.  These attacks had our phones blowing up with alert notifications every couple of minutes for hours.  We are used to it, and really don’t mind that much.  That is because we have over the years, become quite good at protecting our sites, and trust in our partnerships and the system that we have in place.

The graph below show you the number of attacks from last night.

attack capture

24 Hour Attack

We would love to tell you that it was the Russians, and indeed that has been the case in the past.  This time however, the attacker was from an IP adddress in the United States.   The main site causing all the noise last night was from a US based IP address of :

162.211.152.3United StatesUnited States2,157

Our security systems allow us to block most of the traffic geographically.  So, if you don’t have customer in the United states why expose your site to the rest of the world.  That is one theory anyhow, and you have to make a decision for your company, your security policy, affects on search engines finding you, etc.  In this clients situation the only country that is open is the United States.  However, country blocking wasn’t enough in this past attack.

You have to realize that in today’s world, the IP address in the U.S., might be compromised and actually be a device controlled by rogue hackers from another country.   It is critical that you have a rock solid firewall implementation that is dynamically based on live intrusion attempts across the world.  That you also protect yourself and ensure that your website is up to date constantly, and have some ability to recover if you find your site compromised and are monitoring alerts as things are happening.  Remember, the internet doesn’t sleep.

Our system can help you sleep at night and ensure your sites are always available.  Contact us for a free consultation.  Heck, we will even update your site for  you free of charge.

CD

 

New Update Facebook Page Photo

March 18, 2017
Web Admin
,
No Comments

We just recently updated our Facebook page to reflect our services.  You can see it here.

`facebook page image

Layout mode
Predefined Skins
Patterns Background
Images Background