Diary of a Network Geek

Because having a disposable email means having privacy.

I hate spam. I mean, I really hate spam and spammers with a passion. As a system administrator, which is what I really am no matter what fancy title I may currently have, I can tell you that dealing with spam is the single most time-consuming and irritating thing about having an email server. The last time I checked, spam accounted for something like 75% of all email communication. The problem is, a lot of the time, to get the one thing you want from a site, you are forced to sign up for an email newsletter that you don’t really want. Now, don’t get me wrong, I actually like email newsletters. I subscribe to several and I’m even working on setting up one of my own. But, for those times you really just want the one “free” download a site is offering and don’t have any intention of coming back, what are you to do? Or, what if you’re not even sure that it’s a legitimate download or website? Maybe you’re afraid that a hacker has set up a site just to collect personal information, what then?
Well, then, you use nBox by notif.me to setup a free, anonymous and private “burner” email for any site you want to sign up for. You can then choose how and when you’re notified when they send something out. You can even delete the addresses you’ve used for sites you don’t want to be bothered with any more and *poof* they’re all gone, all at once.
And, yes, it’s free. How? Well, it’s free because it’s notif.me’s way of advertising and getting the word out about their service.
So, why not try it and take control of your email notifications this fine Friday?

No, that’s not a typo.

This month, I’ve been dealing with a higher than normal amount of phishing emails at work. For those of you not in IT, those are the emails you get that have links which look like legitimate links, say to your bank, but that actually redirect you to a compromised website that collects your username and password for a hacker’s later use. They’re worse than regular spam email, but not quite virus payloads. Either way, they cause me no end of grief. Normally, I don’t have a hard time spotting them, but even I have to admit, these cyber crooks have gotten really clever lately.
So, this week I’m bringing you something rather more important and educational than it is strictly “fun”. Still, if you bear with me, and follow the link, you’ll be helping yourself and endearing yourself to your IT Department. Trust me.
The link is to Google’s phishing quiz and it’s meant to both test your knowledge and skill at avoiding phishing emails. As an IT professional, I can tell you, it’s harder than it looks. Honest. The first time I ran through the quiz, I missed three of the eight questions, though, one was a “false-positive”, which means I was leaning more toward safety by the end of the quiz. In any case, after you answer each question, the site takes you through what was wrong, or right, about each email.

So, yeah, not the most traditionally “fun” thing for a Friday, but it is a kind of game, so I’m going to count it!
And, with any luck at all, by this coming Friday, I may be finally able to reveal one of the things that’s been keeping me from writing up better stuff for you on Friday’s the past month or so.

This post originally appeared on Use Your Words.

There’s a special place in hell for scammers that take advantage of the technologically weak.

Okay, yes, in some sense, my entire career is based on being more tech savy than pretty much everyone around me, but I’m pretty open about what I’m doing. Also, I’m actually trying to help and, frankly, it’s what I get paid to do. I mean, I make a deal with someone to actually help them with technology for money. What I don’t do is create a problem before I help solve it. That is both unethical and, for the most part, illegal.
Two plus years ago, when I was looking for work, I actually got a call from someone claiming to be from the “Windows department” and trying to convince me that I needed to let them on my computer so they could fix a Windows problem for me. I’m afraid that my twenty-five year and change of IT experience and having to fix the problems caused by these bastards led me to really hammer this scammer hard. I mean, to the point of calling him back and literally yelling at him over the phone about how he was a terrible human-being for trying to take advantage of people who are afraid of technology on which they rely. And, my own mother, who is in the scammer’s favorite category; older, retired, and with at least some disposable income, has stories of dealing with scammers like this trying to get her to give up her credit card information. Thankfully, I’ve trained her better than that and she didn’t fall for it.

Now, I know that these scammers aren’t limited to tech-related issues. They’ll come at you trying to convince you that they have cheaper airfare for you, or some other “too good to be true” deal. My mother and I have both been know to play with scammers like this, I suppose because we have a similar sense of both humor and justice. But, guess what? There are people who have elevated this to a real art. Or, maybe a sport. In any case, they’re brilliant and some of them have recorded their exploits for our entertainment. You can finally see and hear some of these scum-sucking bottom-feeding scammers get what’s coming to them at the hands of some scam-baiting artists over at Engadget’s blog post Making A Living Scamming The Scammers. Some of these go on for quite a bit, but it’s terribly fun to watch these scam-baiters messing around with terrible, heartless scammers.
Besides, how are you going to waste time on a Friday?

This post originally appeared on Use Your Words!

Frustrated with email limitations on big attachments?

Lately, I seem to be offering up solutions for email problems. I guess, email is on my mind lately. Don’t get me wrong, I love email. I frankly think it’s one of the most incredible things about the internet and quite possibly the greatest invention since sliced bread. Seriously. Think about it. Email connects us almost instantly with virtually anyone else in the world who has an email address. No time spent waiting for postal carriers to get a letter from where we are to where they are which might take days or weeks. Just near instantaneous communication.
Of course, there are some limitations. Obviously, I can’t send someone physical objects directly via email. I suppose, though, that when 3D printer technology catches up to our imaginations, we could send the digital files for some object and then you could print it locally, but that’s far, far in the future. Also? Most email systems have pretty strict limits on how big a file you can even send. Most top out around 25 megabytes, but some are really strict and are capped at as little as 5 megabytes. So, what can you do to keep those limits from killing your ability to share your big, beautiful Photoshop files? Where there’s a will, there’s a way!
In this case, the way is Send by Firefox. Yes, by the people who make the Firefox web browser, but, no, you don’t have to have Firefox to use it. You can watch a small video of how it works here, but really, it’s just a matter of uploading a file and following the instructions. They do recommend that you keep files under 1 gigabyte, but if you’re sending files that big, you’re really better off talking to your IT Department about setting up an FTP server for you. (Don’t worry, they’ll know what that means.)
In any case, this should be a simple solution for you under most circumstances.
And, that’s about the best you can hope for on a Friday!
Enjoy your weekend and I’ll see you back here next week!

This post originally appeared at Use Your Words!

In the Christmas spirit of giving, give the scammers a headache.

I don’t know about you, but this time of year, I seem to get twice the number of scam and spam email that I normally get. It’s pretty terrible. I mean, most of the year, it’s bad enough, but we are all extra busy this time of year and have even less time than normal to deal with these bottom-feeders of cyberspace. I’m NOT an advocate of the infamous “hack back” strategy, even for well-heeled corporate IT departments that can staff skilled anti-hackers, but the idea of an artificially intelligent email bot that annoys and harasses email scammers is a little different. For one thing, it’s just annoying email. For another, it’s automated.
All you have to do is forward the scam email to me@rescam.org and let the games begin. The Re:scam email bot will reply to the scammer and tie them up with an almost endless stream of questions and “personal” anecdotes so the scammers are kept busy and, yes, tortured just a little bit. And, they’ll forward you the email conversations afterward, for your amusement.
No, it’s not nice, but, let’s face it, these email spammers aren’t exactly on Santa’s “Nice List”, if you know what I mean.

So, head over to Boiing Boing and read about the Re:scam email bot and enjoy your Christmas shopping!

This post originally appeared at Use Your Words!

Or, at least, all robocallers.

So, lately, I’ve been digging through my files, finding links I saved ages ago to share with you, my few loyal blog readers, and I’m the first to admit that it’s been a mixed bag.  Some have been fun.  Some have been lame.  But, this one actually solves a problem for you.

Do you get automated calls?  Maybe you signed up for a catalog ages ago, or maybe you thought that timeshare in Miami was going to…
Read More

No, not your personal name, network names!

Yeah, since I’ve been thinking about computer security a little in this new year and new decade, I’ve noticed a slightly disturbing trend.  Spammers have been working at redirecting you to compromised domains.  One way they do it is something called DNS cache poisoning.  Another is straight-up DNS hijacking.

Okay, let me back up a second.  For my slightly less-technical readers, DNS stands for Domain Name System.  That’s the system of servers that translates website names, like “www.google.com”, into addresses that your computer understands and can connect you to via a browser.  It’s how you found my blog, though you may not have even realized it.
DNS Hijacking is usually accomplished via a “rouge” server, which is a server setup by spammers to publish bad information.  The more usual method, I think, and more insidious, is DNS cache poisoning.  With that method, spammers trick good, valid DNS servers into updating their records with bad information.  Giving them poisonous information, if you will.

So, now, back to the hard-core server admins.  Last week I was reminding everyone that the start of a new year is a great time to change passwords, but it’s also a great time to check on other security issues, like your DNS.  Luckily, Michael Kassner over at TechRepublic has written a blog post titled Test your DNS servers for spoofability.  It’s worth a read and worth running through.  Maybe even making it a regular practice, to see if your DNS has been compromised.

Oh, and if you all want to read more about DNS, and how to implement it, there’s a great book from O’Reilly titled [amazon_link id=”0596100574″ target=”_blank” ]DNS and BIND[/amazon_link] that’s well worth owning.  Trust me.

Advice from your Uncle Jim:
"May you live all the days of your life."
   --Jonathan Swift

It’s a dangerous digital world out there!

As I’m sure you’ve seen this year, there have been lots of warnings about increased malicious activity.  Everything from phishing to new malware, the cyber-criminals are really working overtime to make your life a living hell.  There’s plenty you can do to stay safe, like only going to sites that you know and not opening attachments from strangers, or even from friends that don’t normally send you attachments.  But, let’s face it, sometimes, things slip by you.  So, what else can you do, especially when you don’t have money to spend on high-end security tools?

Well, check out eWeek’s list of 9 Free Security Tools to be Thankful for and start using them.  At least make sure you have some kind of anti-virus installed.  There are several suggestions on that list.
And, be careful out there!

Advice from your Uncle Jim:
"Some cause happiness wherever they go; others whenever they go."

Wow, even computer crime is a “family” business these days!

Hey, look, I’m from Chicago, where you can’t hardly swing a dead cat and not hit a mobster, but this surprised even me!  Apparently, according to an article that ran on CNet, 85% of all stolen data last year was linked to some kind of organized crime.  And, 38% of data breaches used stolen credentials.

But, also, people are getting rich protecting us from the threats they create!  Seriously!  According to this article at eWeek, that’s just what some of the botnet crooks are doing.  And, remember, this is BIG business.  We’re not talking about a couple hundred infected PCs, we’re talking about tens of thousands.  There are websites dedicated to the buying and selling of the data these things collect and renting out the zombie PCs to do your dirty work, like send spam.  It’s big business and where there is big money to be made doing illegal things, there’s always been organized crime.

More and more, life is becoming like a William Gibson novel…