Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Alex Allen

Pages: 1 [2] 3
6
News and Events / Closed Hours for Access Control Programming
« on: June 26, 2015, 12:25:39 pm »
Dear Valued Clients,

Please email me your closed hours for the 4th of July if you will be closed pre or post days.

Thank You
Alex

7
News and Events / Introducing EyeBlock
« on: May 25, 2015, 12:22:47 pm »
Dear Valued Clients,

As we try to surpass your expectations and protect you from the outside in, EPS would like to announce a new service we have put in place, EyeBlock. As some of you might have noticed you are no longer getting "DMIPC create fail" and "HTTP Server crash". For our Beta sites that were attacked more frequently, it has been eliminated or reduced dramatically. We would like to announce that we rolled this out for All our clients as well as clients of our CCTV partners.

With this service EPS has effectively blocked 1,945,354,182 IP addresses and counting from accessing your system and the program maintains a 7 day log that is available upon request. Currently most US IP addresses have access to systems until they violate your DVR. When this occurs they are put in our master list and ALL EPS monitored DVRs will check for new Blocked IP every two days and add it to your DVR.


Thank You for your Trust,
Alex Allen

8
News and Events / Windows Critical Updates
« on: November 21, 2014, 04:10:00 pm »
Dear Valued Clients with Domain Controllers;
FYI; an out of cycle patch by Microsoft has released an update to patch a critical security hole that is being actively exploited to hack Windows-based servers. A flaw in the Windows implementation of the Kerberos authentication protocol allows attackers with credentials for low-level accounts to remotely hijack extremely sensitive Windows domain controllers that allocate privileges on large corporate networks. The privilege elevation bug is already being exploited in highly targeted attacks and gives hackers extraordinary control over vulnerable networks.

From SANS NewsBites Vol. 16 Num. 93
--Microsoft Issues Emergency Patch for Flaw in Kerberos Authentication Protocol (November 18 & 19, 2014) Microsoft has released an out-of-cycle update (MS14-068) to address a critical flaw in the Kerberos authentication protocol that is being actively exploited. The vulnerability can be exploited to elevate privileges to those of the domain administrator. The issue affects all currently supported versions of Windows and Windows Server. The protocol manages authentication for Windows PCs on local networks. The problem is more serious for Windows Server than for Windows home users.


https://technet.microsoft.com/library/security/MS14-068
http://arstechnica.com/security/2014/11/unscheduled-windows-update-kills-critical-security-bug-under-active-attack/
http://www.theregister.co.uk/2014/11/18/youll_most_definitely_believe_what_microsoft_did_today/
http://www.zdnet.com/details-emerge-on-windows-kerberos-vulnerability-7000035976/
http://krebsonsecurity.com/2014/11/microsoft-releases-emergency-security-update/


Internet Storm Center:
https://isc.sans.edu/forums/diary/Microsoft+November+out-of-cycle+patch+MS14-068/18967

9
How Tos / Changing Access Control Schedule for Doors
« on: November 13, 2014, 12:40:58 am »
Dear Valued Clients,
If you are up for the challenge here is a howto in programming your doors. Of course EPS will do this for you, we need your store Holidays and at least 2 hour heads up on door schedule change. I will post a Holiday How To in the coming weeks. I have included a link to the manual below for your convenience.

As always, it is a pleasure working with you.
Alex Allen


Programming your door hours can be done from your remote application away or at your office. Follow these steps and it will walk you to your system.

Step 1) From Internet Browser, navigate to your Website built for you by EPS. This is generally bizname.eyeconsolutions.net. If you are unsure of your website please call your EPS contact to resend link. Select corresponding location whether you are onsite or offsite for Access Control illustrated in Figure 1.


Figure 1



Step 2) System Selection page, select ASWEB link illustrated in Figure 2.


Figure 2
*Note* If you receive a page cannot be displayed or any other type of error please add site to compatibility view. For help call and speak with EPS contact or I and we will help you add to compatibility mode or follow this link  http://windows.microsoft.com/en-us/internet-explorer/products/ie-9/features/compatibility-view for instructions.



Step 3) Login to your system. Username and password are the same as DVR if you are authorized User. Illustrated in Figure 3 If you need authorization please speak with owner or person in charge of security at your location to have account created in the AsManager System. Authorization forms will be needed, signed by Owner or known Management at your business and can be obtained by calling Technical support.


Figure 3
*Note*
Want to know if your Internet Passwords are safe?
If you would like to test your password go here.
https://www.microsoft.com/en-gb/security/pc-security/password-checker.aspx
If your password reports back "weak" please contact us and we will change it to something stronger on EPS managed services.



Step 4) When you log into your system click the "Controller List" icon. Illustrated in Figure 4


Figure 4



Step 5) After the Controller has loaded into window, select gear with pencil. A blue square will surround gear. Illustrated in Figure 5


Figure 5



Step 6) Use mouse and select door you wish to reschedule. Illustrated in Figure 6


Figure 6



Step 7) When you have selected the door you wish to change the box on right will fill with door configurations. Select "Authentication Schedule".  Illustrated in Figure 7


Figure 7



Step "8") The next screen is the time programming for the desired door. From here you will select whether you wish the doors to be "released"(unlocked) indicated with blue or "Card or Common Mode" (locked) indicated with yellow. At first it will be a little tricky, however; changes do not take effect until you click "Save". When you move the mouse over the time span you will notice a red line indicating where it is at on the schedule. Single clicking and holding down, you will be able to drag the time either way for that day. The time will display as you adjust and depending on where you are located, it may be a little slow. They are in 5 minute increments. Figure 8


Figure 8

You will have to adjust each day accordingly. To change another door just select the door you wish to change following Steps 6 though "8").


Once you have made your adjustments click save and log out, schedule has been changed. Due to the importance I highly recommend testing doors the first few times you make adjustments. Once you get the hang of it you will gain more confidence in setting the doors time.

Of course if you have any issues or problems you may call me anytime, 24/7 if needed.

Resources

Manual For the Nerdy Nerds, please note that the manual is for AsManager Version 4.2.3. This is the latest version and your system may be 1 or 2 version behind, however; the programming is pretty much the same. If you are wanting to upgrade your AsManager please call EPS technical support and we will be more than happy to upgrade remotely.

Manual download http://eyeconsolutions.com:85/eps-snapshots/ZZZ-Tutorials/AsDoorSchedule/GV-ASManager User Manual(ASMV423-A-EN).pdf

Mobile Access to control your doors, gates and other devices. Download "GV-Access V1.0" and give us a call to assist in setting up! Please remember, a user will need to be created before access to system from smart phone can happen.
http://www.geovision.com.tw/english/5_8_App.asp

10
News and Events / Computer Security for your DVR
« on: May 11, 2014, 05:58:42 pm »
What is happening?

As most of you have seen in your topics we monitor your DVR's firewall for malicious activity in the "Computer Security" topic. Your DVR is internet facing, meaning that it is open to the world so you can get to it from your computers and mobile devices from outside your business. Unfortunately, so can everybody else that finds it and can try to break into it.

Geovision has a feature that will only allow 20 connections to the Web portion of the DVR, this helps reduce the attack surface of the DVR and gives password bots only 20 tries before it crashes. (Believe me brute force attacks can range in the thousands!) On our end when this happens we receive an email that the application has crashed and we look into your DVR's firewall and log find offending IP and block the entire range that it belongs to. When your DVR is attacked by a compromised US system we only block the IP unless it is a smaller ISP; then we block all their IP's and send out a cease notification of attack to the Domain admin of IP.

During this attack when the Web server goes down we do not loose your cameras, Geovision has many processes to ensure its availability on the monitoring side. This only affects when you try to access your cameras from your computer and smart phone.

Am I safe from hackers?

Once a month we perform Microsoft Updates and Security Patches on your DVR's, this is another reason we use a computer based DVR; most Linux based systems are never updated. If you understand the Process of Updates then you know it must be broken before it can be fixed. Therefore, there is always the possibility that a compromise can occur. With this in mind, EPS has programmed your DVR to only accept calls from our static IP's and block everyone else on our remote applications. The web portion is the only program vulnerable, so we monitor it.

As our company grows we anticipate the attacks to increase and possibly to be targeted by professional hackers. We have already noticed cross site hacking attempts from one hacking IP to different clients. To protect your DVR's when we see an increase without a decrease we will move your DVR's web facing port to a different port; so basic scanning will not detect open port. This does not mean you are invisible but sort of hidden from drive by port scanning. If this doesn't remedy the attacks, we will have to shut down your web server temporarily and re-enable later and monitor for continued attacks.

Want to know if your Internet Passwords are safe?
If you would like to test your password go here.
https://www.microsoft.com/en-gb/security/pc-security/password-checker.aspx
If your password reports back "weak" please contact us and we will change it to something stronger on EPS managed services.



What am I looking at in my post?
To help you understand what your are seeing in your posts I have included a sample with descriptions.

     IP Address assigned to: BRAZIL <--This is the country attacking your system.

     IP Address: 189.112.76.100 is located within the following Network:

     Network: 189.112.0.0
     CIDR: 189.112.0.0/16
     Mask: 189.112.0.0/255.255.0.0
     Network Range: 189.112.0.0 - 189.112.255.255
     Total addresses: 65,536 <--These are the amount of IP's that we block in your DVR's firewall

     Reputation Score for 189.112.76.100 = 4. <-- if you see this in your post, chances are they are pros and the higher the number the worse they are



After accumulating over 60 million blocked IP's from your DVR systems collectively; I started posting in the forum and stopped logging them. Once an IP or an range of IP's are added the your DVR's firewall they are blocked from attacking the surface.

If you have any questions feel free to reply or call me any time.

Alex Allen

Pages: 1 [2] 3