Small Office and Home Routers Vulnerable To Web Hack

Who is affected with Small Office and Home Routers Web Hacks?
Anyone with a router or firewall is advised to make sure you are using something other than the default password or a simple password.

We have heard of this type of security risk before but until this week we have never seen the problem first hand. We have had 2 cases of routers being hacked and DNS entries being changed in 3 days and I expect that number to grow.

How It Works
What happens is malicious code is used to exploit DNS setting on routers with weak or default passwords. Once these DNS settings are changed, any PC attached to the device that uses those DNS records will be redirected to sites other than the site they were looking for.

What To Do
The best action to take is to prevent the attack by changing your router password to something secure using letters, numbers and special characters. Simply adding a “!” to an existing password makes your security exponentially better. We recommend your password be at least 10 characters long with a combination of letters, numbers and special characters.

If you are already affected you will need to contact your internet provider and see what DNS servers to use and then use those settings on your router. You will also need to change your password or you will risk having the same problem all over again.

If those settings are correct and you are still having problems it may be caused by something else. You can also contact us and we will help you.

We suspect that the attack is coming from a website that was visited but it could also come from spyware already on your PC. It is highly unusual to get such a rare attack on two completely different systems so close together and I expect the problem to grow over the next few weeks. Even if you are not affected, it is still recommended to improve your security by updating your password.

We secure all routers and firewalls we install for both our home and corporate clients but if we did not install your device you could be at risk and as a precaution we will be logging on to our corporate clients firewalls to confirm the security. If you need help or want more information feel free to contact us.

Using Windows 7 As A File Server In A Peer To Peer Network Fix

Windows 7 Peer to Peer Setup Fix

If you are using Microsoft Windows 7 Peer to Peer as a file server to share files to other XP or Windows 7 Computers on the network you may find that the network slows down or fails to connect after a short amount of time. You may also fin the following error in the Event Viewer of the Windows 7 Peer to Peer File Server:

Source: srv 
Event ID: 2017 
Level: Error 
The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

If you need to share files off a Microsoft Windows 7 Computer to other PCs on the network you need to tell it to allocate resources correctly or you may experience problems after the share has been active for a while or when transferring files.

To fix the problem you need to set the following registry key to ‘1′ on the Windows 7 Peer to Peer File Server:

HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\LargeSystemCache

and set the following registry key to ‘3′:

HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\Size

Reboot after making these changes and you will find the problem no longer occurs.

Fix Errors When Opening Adobe PDFs in Windows 7

Occasionally Adobe PDF file will display an error and fail to open because of a problem with IE 8.

To correct the problem follow the steps below to configure Adobe to open PDF file in Adobe rather that in a browser:

1. Open Adobe Reader.

2. Click Edit | Preferences.

3. Click Internet in the left Categories pane.

4. Under Web Browser Options, deselect the Display PDF In Browser check box and click OK.

Change Default Libraries Folder In Windows 7

In Windows 7 when opening Windows Explorer it defaults to a libraries folder instead of opening up to a pane that has a list of current drives and there sub folders. There isn’t a way to change it in any setting in control panel but you can manually change the folder that opens when opening the explorer shortcut or using the shortcut Windows Key + E.

In Windows 7 hold the SHIFT key down, right-click on the shortcut and choose Properties:

To change the startup folder to (My) Computer, use this target path:

  • explorer.exe ::{20D04FE0-3AEA-1069-A2D8-08002B30309D}

Where the GUID {20D04FE0-3AEA-1069-A2D8-08002B30309D} represents the My Computer folder.

To change the startup folder to (My) Documents, use this target path:

  • explorer.exe ::{450D8FBA-AD25-11D0-98A8-0800361B1103}

Enable God Mode In Windows 7

There is a hidden feature within Windows 7 that allows a user to control and tweak features of their computer from one place. Generally users must dig threw the control panel and have to go threw various menus to tweak one feature of Window, but by using ‘God Mode’ a user can access just about every tweak for Windows in one place.

First users need to right-click an empty area of the desktop and choose “create new folder”

Once the folder is create right-click the folder and choose to rename it, copy and paste the following ” GodMode.{ED7BA470-8E54-465E-825C-99712043E01C} ”

Once created you can double click on the new God Mode icon, within God Mode users can tweak various settings within Windows

 

Solution: SBS 2008 Monitoring Database Full

When monitoring a Small Business Server if there are reports of numerous slow downs which can be caused when the database is full or nearly full. When the database logs are full there will be

1. Run services.msc.
2. Stop the Datacollectorsvc service(Windows SBS Manger Service), SQL Server(SBSMONITORING) service (To be able to unlock monitoring database files)
3. Change the name of those 2 files in case you will use them in the future:
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Data\SBSMonitoring.mdf
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Data\SBSMonitoring_log.ldf
to
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Data\SBSMonitoring-bak.mdf
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Data\SBSMonitoring_log-bak.ldf
4. Download http://cid-6ca40dd0d4c9caa6.skydrive.live.com/self.aspx/.Public/sbsmonitoring.zip file.
5. Unzip the zip file and copy those two files to C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Data\ folder
Note: you don’t need to do detach or attach database in SQL Management Studio. And that database has already been tuned by the SQL command above.
6. Start the SQL Server(SBSMONITORING) service
7. Start the Datacollectorsvc service(Windows SBS Manger Service)

Solution: OWA 2007, send as another user

In 2010 you can add the “From: “ option in the settings. Problem solved if you have the permissions as listed below.

 

In 2007 (exchange) things run differently. You have to log into the server and give yourself send-as and full access permission in the exchange management console. Just right click the user mailbox and it should be in there.

 

After a certain mystery period of time, the changes will take place. It can be several hours in some cases and I thought it didn’t work up until it suddenly began working.

 

Next, log into OWA using IE which is usually at https://mail.domain.com/owa. Log in as your main user. On the top right you should be able to click your name and then enter another mailbox. Type the name you want, such as “bmurray” and then click Open.

 

It should open in a new tab and show you that mailbox. Any replying or sending from here will be from that mailbox. Test sending mail and if you get a permissions error then it could be that it needs more time or you need to add yourself under send-as in the server.

 

Useful commands that may also need to be run: (I ran these first and it did not work, but it could have been delayed so I’m not sure which part of this is necessary)

 

Get-mailboxserver <servername> | add-adpermission –user <service account> -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin

Note: <service account> is your user and doesn’t need the <>. Same with <servername>.

 

Add-MailboxPermission -identity “user” -user “serviceaccount” -AccessRights FullAccess

Note: ‘serviceaccount’ is the person who wants permission on the mailbox for ‘user’

Solution: Common Server Slowdowns

Need IT support for my slow server“My server is slow”

A lot of the general server slowness I’ve been seeing recently has been with clients who use SQL daily. Some common solutions are below.

Do you Need Technical Support?

If the steps below do not work or you do not want to risk your data by trying to troubleshoot the problem your self, we can help. Simply call us or fill out the Free Onsite Evaluation form to setup a time for us to look at your issue and come up with a solution. We are not like other computer repair companies, we are computer network support specialists.

How can you tell it’s SQL slowing the server down?

Go into the processes in task manager and look for sqlservr.exe. If it’s taking up a lot of RAM, then it usually is part of the problem. For example, theirs is running at 2gb total between 2 processes. Normally it should be under 500mb but it depends on the system. There are cases when this is not true and they are fully functional with huge databases, but it is something to consider as part of diagnosing a slow server.

Open SQL Databases

Run MSSMSE (Microsoft SQL Server Management Studio Express) and connect to a database. Sometimes they are listed automatically. Server type should be Database Engine. Server name should be server_name\database_name such as APPSERVER\SBSMONITORING. Authentication should be Windows Authentication. Sometimes you can’t find the right names in the GUI and you can literally type them in and see if they open. You can also go into Services and check for database names in the SQL and MSSQL areas (for example, SQL Server (SQLEXPRESS) would be one). Sometimes you can click the dropbar for Server name and go to Browse and find them that way as well.

Once you connect, expand Databases to see the names. You can ignore anything that says System, master, tempdb, model, or msdb.

Shrinking SQL Databases

Shrinking databases is sometimes a good thing. It acts like defragmenting a hard drive and can help the server get to data quicker and easier. This should be done on large log files or databases if there are complaints about a program being slow.

First, view the log files by clicking on the database name and then clicking the New Query button. Type dbcc sqlperf(logspace) and then press the Execute button. Below the log file sizes are listed in the results tab. Anything over 20mb can be considered large. Take note of the names of the large databases.

If any log files are large, then run the following on it, replacing database_name with each database name:

  • backup log database_name
  • with truncate_only
  • dbcc shrinkdatabase(database_name, truncateonly)
  • Run dbcc sqlperf(logspace) again to see the new size, it should be under 1mb.

You can also use the GUI in MSSMSE to shrink the databases themselves. They can take minutes to hours to complete, depending on size, so give yourself adequate time to do this after hours, or just stick to weekends.

Right-click on the database name and go to Tasks, Shrink, Database. Click OK and let it execute. It should disappear when it completes. If you get any errors, it might be too large to shrink or busy at the moment. Like defragmenting, sometimes it requires space to shrink so you may have to increase the Initial Size and try again, which will be covered below in Optimizing. You can try again after shrinking the files. Right-click on the database name and go to Tasks, Shrink, Files. Under File Type, choose Data or Log and then click OK to shrink them. Make sure to go back and do BOTH Data AND Log. Do these same steps for each database that is necessary.

Optimizing Databases For Speed

There are a couple settings that will make databases slower or are bad in combination. Normally these settings can be ignored for small databases (under 50mb) since they don’t make a huge difference in speed for those, but large databases can be very slow because of them.

First, open MSSMSE and open the appropriate connections. Right-click on the database name and go to Properties. Under Options, we want to set Auto Close to False and Auto Shrink to False. Auto Close keeps the database closed between access and can make it very slow when it is constantly opening and closing. Auto Shrink is good for saving space on the hard drive but it can slow down a server if every time it expands the database to make room, this process shrinks it back down and they battle for size.

Next, go to Files. Here you can change the Initial Size (MB) to larger if you are unable to shrink a database down (see above) because the database is 500mb but it says 25mb as initial size. Increase it to over 500mb in that case so it have some room to shrink down. Normally this setting can be ignored. Autogrowth is the focus of this section. I suggest setting the Data File Type to By 100mb, unrestricted growth and the Log File Type to By 10mb, 25mb, 50mb, or 100mb in either restricted or unrestricted. If the log file is very small (< 5mb), then it doesn’t need to increase by 100mb each time, 10mb would be fine.

Corrupt SBS Monitoring Database

In MSSMSE, open SBSMonitoring, expand databases, right click it and go to Properties. If the size is over 2gb then it might be corrupt. Once it reaches 4.5gb it will be impossible to shrink down, and you know for sure it is corrupt.

Every SBS 2008 server has the database SBSMonitoring running, which can get corrupted and grow up to 4gb big. As your database is completely filled up, then you can replace it with a clean empty one, to install your new clean database, please follow these steps:

1. Run services.msc.

2. Stop the Datacollectorsvc service(Windows SBS Manger Service), SQL Server(SBSMONITORING) service (To be able to unlock monitoring database files)

3. Change the name of those 2 files in case you will use them in the future:

C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Data\SBSMonitoring.mdf

C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Data\SBSMonitoring_log.ldf

to

C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Data\SBSMonitoring-bak.mdf

C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Data\SBSMonitoring_log-bak.ldf

4. Download http://cid-6ca40dd0d4c9caa6.skydrive.live.com/self.aspx/.Public/sbsmonitoring.zip file. (I have these files now if we need them in the future)

5. Unzip the zip file and copy those two files to C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Data\ folder

Note: you don’t need to do detach or attach database in SQL Management Studio. And that database has already been tuned by the SQL command above.

6. Start the SQL Server(SBSMONITORING) service

7. Start the Datacollectorsvc service(Windows SBS Manger Service)

Solution: Corrupted updates for Symantec Mail Security (SMSME 6.5)

Upgrade to one of the following versions:

6.0.12 or higher
6.5.5 or higher

These versions increase the time allowed for the copy process to five (5) minutes.

 

If this issue persists increase the copy timeout using the following steps:

 

1. Run regedit.
2. Create the following DWORD registry key:

64 bit Operating System: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\SMSMSE\<version>\Server\DefsUpdateTimeInSecs
32 bit Operating System: HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SMSMSE\<version>\Server\DefsUpdateTimeInSecs

NOTE:  Replace <version> with the version of SMSMSE installed.  For example on a 32-bit system with 6.5 installed the key is: HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SMSMSE\6.5\Server\DefsUpdateTimeInSecs.

3. Set the value of the key to be the timeout in seconds.  For example to set a ten (10) minute timeout set the value to 600.
4. Close Regedit.
5. Restart the following SMSMSE service:

Symantec Mail Security for Microsoft Exchange

Solution: SBS 2008 Remote Computers

When you use mail.domain.com/remote to log in via remote desktop instead of setting up port forwarding. SBS has a way of automating this process. Remember to add users to each machine after you add it here so they can log in.

To connect a client computer to the network by using the internal Web site

  1. On the client computer, open a Web browser.
  2. In the address bar, type http://connect.
  3. Click Start Connect Computer Wizard.
  4. Follow the instructions in the Connect Computer Wizard to do the following:
    • Verify computer requirements.
    • Specify a user name and password.
    • Specify or verify the name and description of the client computer.
    • Assign users to the client computer.
    • Move existing user data and settings.
    • Assign the level of use for users of the client computer.