Recent Posts

Pages: 1 [2] 3 4 ... 10
11
News and Events / Introducing EyeBlock
« Last post by Alex Allen on May 25, 2015, 12:22:47 pm »
Dear Valued Clients,

As we try to surpass your expectations and protect you from the outside in, EPS would like to announce a new service we have put in place, EyeBlock. As some of you might have noticed you are no longer getting "DMIPC create fail" and "HTTP Server crash". For our Beta sites that were attacked more frequently, it has been eliminated or reduced dramatically. We would like to announce that we rolled this out for All our clients as well as clients of our CCTV partners.

With this service EPS has effectively blocked 1,945,354,182 IP addresses and counting from accessing your system and the program maintains a 7 day log that is available upon request. Currently most US IP addresses have access to systems until they violate your DVR. When this occurs they are put in our master list and ALL EPS monitored DVRs will check for new Blocked IP every two days and add it to your DVR.


Thank You for your Trust,
Alex Allen
12
How Tos / Using GV Access Android
« Last post by Shannon on February 09, 2015, 03:17:20 pm »
<a href="http://www.youtube.com/v/wWWzxTORlNk" target="_blank" class="new_win">http://www.youtube.com/v/wWWzxTORlNk</a>


http://www.geovision.com.tw/upload/en/mobileap/GV-Access.pdf
13
News and Events / Smash & Grab Alert
« Last post by Daniel Grejeda on December 09, 2014, 09:39:00 am »
Dear Valued Clients,

The industry is seeing an increased number of Smash & Grabs over the last few months. Here at EPS we have seen more attempts in the last few months then we have seen over the last 4yrs. The thieves can be in and out of a dealership with a pipe gate in under 6 minutes, leaving your local police department very little time to respond and stop the thieves or track them down and recover your merchandise. These thieves are going in for the handheld equipment and anything that can be carted off quickly and easily.

We ask that you assist us in keeping your property and merchandise as secure as possible by taking the following measures.

1. Block all entrances & gates with large equipment.
2. Move handheld equipment away from the doors and windows.
3. Run cabling or chain through equipment. (Especially those properties that have no gates or fence lines. This will assist in minimizing any loss.)

If you have any questions please don’t hesitate to contact me.

Sincerely,

Angela M. Logan
CMS Manager
Cell: (903) 922.0085
Email: alogan@epsmonitoring.com
14
News and Events / Windows Critical Updates
« Last post by Alex Allen on November 21, 2014, 04:10:00 pm »
Dear Valued Clients with Domain Controllers;
FYI; an out of cycle patch by Microsoft has released an update to patch a critical security hole that is being actively exploited to hack Windows-based servers. A flaw in the Windows implementation of the Kerberos authentication protocol allows attackers with credentials for low-level accounts to remotely hijack extremely sensitive Windows domain controllers that allocate privileges on large corporate networks. The privilege elevation bug is already being exploited in highly targeted attacks and gives hackers extraordinary control over vulnerable networks.

From SANS NewsBites Vol. 16 Num. 93
--Microsoft Issues Emergency Patch for Flaw in Kerberos Authentication Protocol (November 18 & 19, 2014) Microsoft has released an out-of-cycle update (MS14-068) to address a critical flaw in the Kerberos authentication protocol that is being actively exploited. The vulnerability can be exploited to elevate privileges to those of the domain administrator. The issue affects all currently supported versions of Windows and Windows Server. The protocol manages authentication for Windows PCs on local networks. The problem is more serious for Windows Server than for Windows home users.


https://technet.microsoft.com/library/security/MS14-068
http://arstechnica.com/security/2014/11/unscheduled-windows-update-kills-critical-security-bug-under-active-attack/
http://www.theregister.co.uk/2014/11/18/youll_most_definitely_believe_what_microsoft_did_today/
http://www.zdnet.com/details-emerge-on-windows-kerberos-vulnerability-7000035976/
http://krebsonsecurity.com/2014/11/microsoft-releases-emergency-security-update/


Internet Storm Center:
https://isc.sans.edu/forums/diary/Microsoft+November+out-of-cycle+patch+MS14-068/18967
15
How Tos / Changing Access Control Schedule for Doors
« Last post by Alex Allen on November 13, 2014, 12:40:58 am »
Dear Valued Clients,
If you are up for the challenge here is a howto in programming your doors. Of course EPS will do this for you, we need your store Holidays and at least 2 hour heads up on door schedule change. I will post a Holiday How To in the coming weeks. I have included a link to the manual below for your convenience.

As always, it is a pleasure working with you.
Alex Allen


Programming your door hours can be done from your remote application away or at your office. Follow these steps and it will walk you to your system.

Step 1) From Internet Browser, navigate to your Website built for you by EPS. This is generally bizname.eyeconsolutions.net. If you are unsure of your website please call your EPS contact to resend link. Select corresponding location whether you are onsite or offsite for Access Control illustrated in Figure 1.


Figure 1



Step 2) System Selection page, select ASWEB link illustrated in Figure 2.


Figure 2
*Note* If you receive a page cannot be displayed or any other type of error please add site to compatibility view. For help call and speak with EPS contact or I and we will help you add to compatibility mode or follow this link  http://windows.microsoft.com/en-us/internet-explorer/products/ie-9/features/compatibility-view for instructions.



Step 3) Login to your system. Username and password are the same as DVR if you are authorized User. Illustrated in Figure 3 If you need authorization please speak with owner or person in charge of security at your location to have account created in the AsManager System. Authorization forms will be needed, signed by Owner or known Management at your business and can be obtained by calling Technical support.


Figure 3
*Note*
Want to know if your Internet Passwords are safe?
If you would like to test your password go here.
https://www.microsoft.com/en-gb/security/pc-security/password-checker.aspx
If your password reports back "weak" please contact us and we will change it to something stronger on EPS managed services.



Step 4) When you log into your system click the "Controller List" icon. Illustrated in Figure 4


Figure 4



Step 5) After the Controller has loaded into window, select gear with pencil. A blue square will surround gear. Illustrated in Figure 5


Figure 5



Step 6) Use mouse and select door you wish to reschedule. Illustrated in Figure 6


Figure 6



Step 7) When you have selected the door you wish to change the box on right will fill with door configurations. Select "Authentication Schedule".  Illustrated in Figure 7


Figure 7



Step "8") The next screen is the time programming for the desired door. From here you will select whether you wish the doors to be "released"(unlocked) indicated with blue or "Card or Common Mode" (locked) indicated with yellow. At first it will be a little tricky, however; changes do not take effect until you click "Save". When you move the mouse over the time span you will notice a red line indicating where it is at on the schedule. Single clicking and holding down, you will be able to drag the time either way for that day. The time will display as you adjust and depending on where you are located, it may be a little slow. They are in 5 minute increments. Figure 8


Figure 8

You will have to adjust each day accordingly. To change another door just select the door you wish to change following Steps 6 though "8").


Once you have made your adjustments click save and log out, schedule has been changed. Due to the importance I highly recommend testing doors the first few times you make adjustments. Once you get the hang of it you will gain more confidence in setting the doors time.

Of course if you have any issues or problems you may call me anytime, 24/7 if needed.

Resources

Manual For the Nerdy Nerds, please note that the manual is for AsManager Version 4.2.3. This is the latest version and your system may be 1 or 2 version behind, however; the programming is pretty much the same. If you are wanting to upgrade your AsManager please call EPS technical support and we will be more than happy to upgrade remotely.

Manual download http://eyeconsolutions.com:85/eps-snapshots/ZZZ-Tutorials/AsDoorSchedule/GV-ASManager User Manual(ASMV423-A-EN).pdf

Mobile Access to control your doors, gates and other devices. Download "GV-Access V1.0" and give us a call to assist in setting up! Please remember, a user will need to be created before access to system from smart phone can happen.
http://www.geovision.com.tw/english/5_8_App.asp
16
News and Events / Central Monitoring Station is back up and running.
« Last post by Daniel Grejeda on November 06, 2014, 10:45:39 am »
Dear Valued Clients,

We are happy to announce that we have completed our move and our Central Monitoring Station will be back to normal operation at 5p today. We apologize for any inconvenience during the last few days. Also, we did have a few phone issues in the last few days and want to apologize for any confusion while we were getting that all sorted out. Please contact me with any questions or concerns. I will be happy to help you or get you to someone that can assist you. Hope you have a wonderful weekend!

Thank you again!
Angela M. Logan
CMS Manager
(903) 922.0085
alogan@epsmonitoring.com
17
News and Events / We Are Moving!
« Last post by Daniel Grejeda on October 27, 2014, 09:11:02 pm »
Dear Valued Clients,
 
EPS is excited to announce that we are moving! Our business has expanded in leaps and bounds over the last few years and we have found that we have outgrown our original Central Monitoring Station. We are planning to make the move to our new offices, Monday, November 3rd - Wednesday, November 5th, and are doing everything in our ability to make this as quick and seamless as possible with as little of an inconvenience as possible to you, our client. 
Unfortunately, to make this transition smooth we will have to shut down our monitoring services for a short period of time. The security of your property is of utmost importance. During this transition, since we will be unable to monitor your business, we recommend you contact your local Police or Sheriff’s Department and request courtesy patrols.
We hope to be back up and running as quickly as possible and will keep you informed of our progress.
Please don’t hesitate to contact me if you have any questions.
 
Sincerely,
Angela Logan
CMS Manager
(903) 922.0085
alogan@epsmonitoring.com
18
News and Events / Computer Security for your DVR
« Last post by Alex Allen on May 11, 2014, 05:58:42 pm »
What is happening?

As most of you have seen in your topics we monitor your DVR's firewall for malicious activity in the "Computer Security" topic. Your DVR is internet facing, meaning that it is open to the world so you can get to it from your computers and mobile devices from outside your business. Unfortunately, so can everybody else that finds it and can try to break into it.

Geovision has a feature that will only allow 20 connections to the Web portion of the DVR, this helps reduce the attack surface of the DVR and gives password bots only 20 tries before it crashes. (Believe me brute force attacks can range in the thousands!) On our end when this happens we receive an email that the application has crashed and we look into your DVR's firewall and log find offending IP and block the entire range that it belongs to. When your DVR is attacked by a compromised US system we only block the IP unless it is a smaller ISP; then we block all their IP's and send out a cease notification of attack to the Domain admin of IP.

During this attack when the Web server goes down we do not loose your cameras, Geovision has many processes to ensure its availability on the monitoring side. This only affects when you try to access your cameras from your computer and smart phone.

Am I safe from hackers?

Once a month we perform Microsoft Updates and Security Patches on your DVR's, this is another reason we use a computer based DVR; most Linux based systems are never updated. If you understand the Process of Updates then you know it must be broken before it can be fixed. Therefore, there is always the possibility that a compromise can occur. With this in mind, EPS has programmed your DVR to only accept calls from our static IP's and block everyone else on our remote applications. The web portion is the only program vulnerable, so we monitor it.

As our company grows we anticipate the attacks to increase and possibly to be targeted by professional hackers. We have already noticed cross site hacking attempts from one hacking IP to different clients. To protect your DVR's when we see an increase without a decrease we will move your DVR's web facing port to a different port; so basic scanning will not detect open port. This does not mean you are invisible but sort of hidden from drive by port scanning. If this doesn't remedy the attacks, we will have to shut down your web server temporarily and re-enable later and monitor for continued attacks.

Want to know if your Internet Passwords are safe?
If you would like to test your password go here.
https://www.microsoft.com/en-gb/security/pc-security/password-checker.aspx
If your password reports back "weak" please contact us and we will change it to something stronger on EPS managed services.



What am I looking at in my post?
To help you understand what your are seeing in your posts I have included a sample with descriptions.

     IP Address assigned to: BRAZIL <--This is the country attacking your system.

     IP Address: 189.112.76.100 is located within the following Network:

     Network: 189.112.0.0
     CIDR: 189.112.0.0/16
     Mask: 189.112.0.0/255.255.0.0
     Network Range: 189.112.0.0 - 189.112.255.255
     Total addresses: 65,536 <--These are the amount of IP's that we block in your DVR's firewall

     Reputation Score for 189.112.76.100 = 4. <-- if you see this in your post, chances are they are pros and the higher the number the worse they are



After accumulating over 60 million blocked IP's from your DVR systems collectively; I started posting in the forum and stopped logging them. Once an IP or an range of IP's are added the your DVR's firewall they are blocked from attacking the surface.

If you have any questions feel free to reply or call me any time.

Alex Allen
19
News and Events / Smart Phone Security Alerts
« Last post by Alex Allen on March 15, 2014, 10:03:55 am »
Dear Values Clients,
Heads up users of the device models Nexus S, Galaxy S, S2, and S3, and Galaxy Tab 2 10.1, you might want to call vendors to fix back door that can compromise your data. Possible back door has been found, I will keep you posted here as this back door is looked into further.

Alex

http://news.cnet.com/8301-1009_3-57620281-83/samsung-galaxy-devices-may-have-backdoor-to-user-data-developer-says/

http://www.theregister.co.uk/2014/03/13/samsung_remote_file_backdoor/
20
News and Events / Linksys Security Alerts
« Last post by Alex Allen on February 18, 2014, 03:19:44 pm »
FYI to Owners of Linksys Business Routers;

A self-replicating worm is spreading among a number of different Linksys home and small business routers. Researchers at the SANS Institute reported the outbreak 2-17-2014 and have not been able to determine whether there is a malicious payload or if the worm connects to a command and control server. Johannes B. Ullrich, chief technology officer at SANS said the worm appears at the moment to be doing little more than scanning for other vulnerable routers and seeding itself “The vulnerability allows the unauthenticated execution of arbitrary code on the router. We haven’t published all the details about the vulnerability yet as it appears to be unpatched in many routers,” Ullrich said, adding that Linksys has been notified.

Ullrich said an Internet service provider in Wyoming alerted SANS to the unusual network activity and SANS researchers were able to capture samples of the worm in its honeypots. SANS released an early list of vulnerable routers that could be vulnerable depending on the firmware version they’re running: E4200, E3200, E3000, E2500, E2100L, E2000, E1550, E1500, E1200, E1000, and E900.

When EPS is given permission to control or access routers remotely we normally only allow remote access to router Administration page from our static IP range or 1 static IP in range, depending on router. As for your home routers, Lynksys does not expose port 8080 by default so should be safe from this Worm. I will follow up in the upcoming days on what unfolds as they figure out what it is doing.

Alex

Information extracted from http://threatpost.com/moon-worm-spreading-on-linksys-home-and-smb-routers/104268
Pages: 1 [2] 3 4 ... 10