Latest News

Latest News

Check out the latest news in IT, and see what CAPEMS is up to!

SIP Trunk failure after upgrade to Asterisk 12 (PIAF/IncrediblePBX <-> Lync 2013)

Posted by on 1:29 am in Blog, For Techs, Phones | 0 comments

SIP Trunk failure after upgrade to Asterisk 12 (PIAF/IncrediblePBX  Lync 2013)

This seems to be the week for phone troubles. We’ve had a cable provide screw up rollover configurations on two sets of lines (two small firms moved from one suite to another) that took about 5 tries to get them to fix, Verizon outages on a small hotel for 2 days, and now an issue with an asterisk/lync setup. Hopefully this helps someone save some time if they face a similar situation!

So, we’re fans of Vitelity for SIP trunk service, and love Asterisk as Key/PBX replacement. In this case we have Vitelity -> Asterisk -> lync 2013 (single server, all roles collocated). We had PIAF <-> Lync working wonderfully for inbound/outbound but running apt-get upgrade recently messed up GRUB with the newer kernels. After trying to repair I got fed up and just fell back to the older kernel on boot until I had more time to work on the issue, which really meant creating a new VM with the newer versions of everything. However, after this brilliant plan, using the same settings as before (or so I thought) didn’t work.

lync

This shows the INCORRECT settings that existed. Change to 5061 to match the SIP binding in Asterisk 12/PIAF to correct.

The problem lies is the fact that I chose to try using PJSIP for the Vitelity trunk, and SIP for the Lync trunk. The default configuration binds 5060 to PJSIP, but then 5061 for SIP. So, if we go into the Lync Topology Editor we must change the Listening Port of the IP/PSTN gateway to match this.

Then “all that’s left” is tweaking your inbound/outbound routing. Which probably meaning dealing more with the people than the machines…

In our case, I also made the embarrassing mistake of not paying attention to cert expirations (which of course was around 30 mins after this first part was completed).

Vizio CA-27 SSD Upgrade

Posted by on 1:07 pm in Blog | 0 comments

Vizio CA-27 SSD Upgrade

We have a few of these guys deployed and are quite happy with them, even though they use mechanical laptop drives. We’re also starting to see speed issues related to hard drive performance, making them excellent candidates for solid-state drives. As expected, post upgrade performance is excellent.

Despite extensive googling, I couldn’t find any information on disassembly, so while upgrading one I took a few photos. Hopefully this will help someone else out there dealing with this model!

Giving up your rights

Posted by on 5:11 pm in Blog, Security | 0 comments

Giving up your rights

Most of our clients are small/medium sized businesses on a Managed IT Service program. Often, end users will ask: “Why can’t I install X by myself?”. This isn’t so much a result of the user being a problem as it is a result of years of big name vendors selling cheap systems and not bothering with security. Until Apple’s big comeback somehow made a locked-in ecosystem acceptable to the average consumer(to the dismay of the founders and creators of the technology it’s built on), users got confortable being able to do anything they wanted to their system. While we’re hackers at heart and always want the option to tinker, it’s not really appropriate in a business environment.

Limited User Accounts

While this isn’t such a concern with the newer OS X and Windows 7/8, I dug up this Washington Post article from 2006 on one of the simplest things you can do to secure your PC. The first account you configure on a PC is generally a full administrator. This means you can do anything you want, good or bad.

While Windows Vista and OS X introduced us to things like User Account Control, creating a “buffer” when taking actions that modified the system, it’s still too easy for unintended consequences that cost you time and money later on.

Limited User accounts prevent

  • Changing computer configuration

  • Accidental deletion or modification of data and programs

  • Malware from installation, especially when surfing

  • Kids and corporate users from installing software of any kind;

  • Using the computer for other purposes;

  • Theft of information or intellectual property;

For a long time, this simple change that provided huge improvements in security ended up creating problems for users, thanks to poor design by Microsoft and lazy third-party developers. Even Intuit took years to update their Quickbooks packages to become compatible with the LUA methodology (I think they got around to it in their 2010 version).

The cost of free software

There’s plenty of great free software out there (often better than paid stuff!), but you need to know what you’re installing. But popular packages like VLC or OpenOffice are frequently viewed as attack vectors for malware or bloatware(those stupid toolbars and popups).

If you don’t know where to download the original files, its easy enough to click the wrong link in a Google search and download a copy with something bundled it. If they’re nice, there’s probably a tiny check box buried in the install screen you can un-check, but its probably very easy to miss.

At the end of the day, our arguement is simply that it costs less to have an IT pro handle it while you sit back and relax (or more likely just work on something else). Does it really pay for you to spend time tracking down the right program or cleaning up junk from your PC later? (Our secondary arguement: exactly why is a user constantly installing programs? Is that part of their job description?)

Corporate Policies

A more delicate problem is the question of who gets admin rights (of course assuming we’ve set up a separate admin accounts for such purposes).

The problem here isn’t that we’re trying to single out an individual; we rather like most of our clients. The purpose is to prepare for the unknown. For example, if a policy is in place and followed, then it’s less likely you’ll

  • find out the hard way that your new hire isn’t such a nice person after all (at least not at the expense of your data)
  • realize you just spent two hours looking for a program to open some obscure video format
  • click the wrong download link and end up with a threat from the “FBI” that will “go away if you pay $50″

 

In conclusion…

We hope this helps sway business owners to err on the side of caution when it comes to users and admin rights. This isn’t my position or even just our company’s position, it is considered standard practice in responsibly securing a network.

Where’s my website?

Posted by on 7:02 am in Blog, Security | 0 comments

Where’s my website?

We’re often asked about Search Engine Optimization (or why a site isn’t #1 in Google).

 

Analytics

Posted by on 3:24 pm in Blog, Web Presence | 0 comments

Analytics

What it is, and what it isn’t

Let’s start off by saying (to calm the salespeople) that there are two kinds of analytics. Web analytics gives you insight on your website visitors, marketing analytics gives you data on your marketing initiatives (e.g. social media, blogging, email newsletters, etc) in order to determine the true ROI of those activities, and understand how well they’re meeting your business goals.

This is NOT Search Engine Optomization (SEO).

What we’re trying to accomplish in SEO has to do with structuring your news content for Google/Bing/Yahoo to put it in front of more people. Analytics allow CAPEMS to track and measure how effectively we’re doing this, and can give guidance on how to do it better. If SEO is a blueprint, Analytics is the ruler. (more…)

Google Security advocates shortened 0-day disclosure period

Posted by on 12:00 pm in Blog, Security | 0 comments

From the Google Online Security Blog:

…we believe that more urgent action — within 7 days — is appropriate for critical vulnerabilities under active exploitation. The reason for this special designation is that each day an actively exploited vulnerability remains undisclosed to the public and unpatched, more computers will be compromised.

Google has always been pretty good about advocating for improved security, so while it’s no surprise, we’re still very glad to hear this. Many software vendors we have to deal with tend to drag their feet with bugs/patches and could use a swift kick from someone as big as Google.

Read More

Scanner Pro adds border detection

Posted by on 9:09 pm in Blog, Gadgets | 0 comments

Scanner Pro adds border detection

Readdle has added border detection to their already useful app. If you’re using an iPhone or iPad, this is a great investment that turns it into a universal scanner on the go.

http://readdle.com/products/scannerpro/

Keep in touch

Posted by on 6:34 am in Blog, Case Studies, Web Presence | 0 comments

Keep in touch

You’ve probably already considered social media and email as forms of communication for your business, so here’s a quick overview of our preferred approach: (more…)

Securing WordPress

Posted by on 6:28 am in Blog, Security | 0 comments

Securing WordPress

From the National Republican Congressional Committee to Washington State’s Courts and LivingSocial, we’re seeing increasing cyberattacks on websites in the news, so we thought it’d be a good time to go over some common problems and potential solutions.  While there are always going to be internal threats and 0-day attacks, the following are some standard techniques to help keep you ahead of the curve.

If you’ve already been hacked, contact us immediately!   It’s going to take much more than these pointers to fix.

(more…)

Intro to Multi-factor Authentication

Posted by on 6:26 am in Blog, Security | 0 comments

Intro to Multi-factor Authentication
  • A recent study showed that using the 10000 most common passwords would have cracked >98% of 6 million user accounts. All of these problems have the potential for a huge security hazard.

Passwords aren’t enough

We’ve been urging our clients to transition to use of complex passwords (or better, passphrases) for a the past year. Still skeptical about the need to improve log-in security? Perhaps the following articles would be helpful:

There are many similar news pieces that argue for greater security, but hopefully we’ve made our point.

(more…)