Paul Cooke Auctions embrace technology with Livebid online auction features

Conveniently located in a 4 acre auction complex in Naas just off the M7 motorway, Paul Cooke Auctions are Irelands leading auction complex for Car Auctions, Van Auctions, Plant Auctions, Machinery Auctions, Trucks & Equipment Auctions. Paul Cooke Auctions team have decades of experience in the auction industry and are well respected across the country for the work they have done.

Paul Cooke Auctions core beliefs are to provide the highest standard of service to their customers, to get the best results on the market through an honest and transparent process, to improve and evolve their service constantly making it accessible to everyone and complete customer satisfaction.

Their management team come from a long background in auctioneering and project management and have managed some of the largest auction events in the country. Paul Cooke Auctions have been highly involved in re marketing assets and vehicles around the country on behalf of garages, hire companies, Government Bodies, Insolvency Practitioners, Financial Institutions, Councils, Small Business Owners & Construction Companies through out stable economical times and the recession.

Paul Cooke Auctions hold weekly car & van auctions every Monday Evening and Monthly Plant Auctions, Machinery Auctions & Disposal Auctions from their Naas Auction Complex which are completely open to the public for buying and selling. If you require Paul Cooke Auctions to sell a large volume of vehicles or assets in situ from your premises, Paul Cooke Auctions can even bring their mobile Auction Facility to you. Paul Cooke Auctions also provide asset valuations, storage and transport & recovery services for all their clients.

When using Paul Cooke Auctions you can be sure that you are in safe hands, their team will guide you step by step through the auction process and will recommend the best way to sell your goods. Paul Cooke Auctions are dedicated to getting their customers the best results at an affordable cost.

To Find Out more about Paul Cooke Auctions please contact them on 045 254 250 or by visiting their website at http://www.paulcookeauctions.com

Password Reset Dell Powervault MD3200i

The Dell PowerVault MD3200i is an iSCSI SAN device.  It comes with two raid controller each with it’s own management network interface, located on the back of the unit.

Generally speaking, most management of the unit is done through the “Dell Modular Disk Storage Manager” application.  Problems can arise if you’ve purchased the Dell PowerVault MD3200i used / from someone else and have no idea what the IP and or username / password is.

Please see below for the steps to reset the Dell PowerVault MD3200i to factory default settings.

You will need the serial management cable.  This cable has a connector that resembles a PS2 plug on the one side and RS232 COM port on the other and can be purchased directly from Dell or through eBay.

Plug this into your PC or laptop and make sure its connected to “controller 0” on the Dell PowerVault MD3200i (The top one)

When the lead is connected,  use Putty to establish a serial connection.  You will need to set the baud rate to 115200 ( see details below )



To get into the service menu you need to press the following keys in the Putty Terminal Windows:
<Ctrl> & Pause / Break

Then type CAPITAL S for Service Interface followed by the enter key.
The default password here is “supportDell” – case sensitive.

From here you can:

  • Display the Current IP configuration
  • Change the Current IP  configuration
  • Reset Storage Array Administrator Password

 

It is a pretty straight forward text based menu procedure to complete any of the steps above.  Please note that you will have to reboot the Dell PowerVault MD3200i for any of the above steps to take affect.

Alternatively, if you have the IP addresses already or they are still on their default IP address 192.168.128.101, you can reset the password by pressing and holding for 5 seconds the “password reset button” which is located on the rear of the Dell PowerVault MD3200i, right beside the controllers.

Still having issues resetting or accessing your Dell PowerVault MD3200i? Contact us via @planitcomputing or via telephone on 014852222 for assistance.

Sky Broadband SR101 Home Router Wireless Hack

Are you using Sky Broadband in your home or business?  Are you still using the default wifi password?  Your business / home network is a potential target for hackers.

Back in December 2013, we published a post ( http://www.planitcomputing.ie/blog/?s=upc&submit=Search ) about the wireless algorithm used by UPC and how it was particularly weak against an offline dictionary attack which could allow intruders onto your network if the wireless key was cracked.

It seems Sky Broadband use the exact same algorithm in their home / business routers. ( Model SR101)

We notified Sky Broadband about the problem in January 2014.  Sky Broadband are still supplying customers with modems / routers ( SR101 ) that use this weak algorithm to generate the wireless keys for each user.
At the time, graphics cards were expensive and clustering several machines was not financially viable to the average hacker.

In December 2013, we purchased a used rig, comprising off:

  • Windows 7
  • I3 Processor
  • 4GB RAM
  • 2TB Drive
  • Radeon HD 5850

For a tidy sum of: €185.00 🙂

We generated 26 dictionary files using “mask processor” by ATOM, piping each letter out to its own file, for example:

  • A:  ./mp32 A?u?u?u?u?u?u?u > A.TXT = AAAAAAAA – AZZZZZZZ
  • B: ./mp32 B?u?u?u?u?u?u?u > B.TXT = BAAAAAAA – BZZZZZZZ
  • etc

Each .txt file weighed in at around 60GB’s each.  The 26 files took up about 1.6TB of storage.

We now had the complete key space, partitioned into 26 different files.  This allowed us to distribute the brute force attack amongst multiple computers.  There are other ways with ocl-hashcat but this was the simplest.

Using our Radeon HD5850 on standard settings, we were hitting 80,000 keys per second.  Breakdown below:

  • 26^8 = 208,827,064,576 ( 208 billion possible combinations )
  • 26^8 / 80,000 keys per second = 2,610,338 seconds
  • 2,610,338 / 60 seconds = 43,505 minutes
  • 43,505 / 60 minutes = 725 hours
  • 725 hours / 24 hours = 30 Days

For €185, we had built a computer that could crack the default Sky Broadband wireless password within 30 days.  The WPA-PSK handshake / password we tested started with the letter S and was cracked within 96 hours.

We ended up getting a second machine for the same price which resulted in our maximum cracking time being reduced to 15 days.

If you’re using the default wireless password on your Sky Broadband connection, we recommend changing it immediately to a more secure password, using a mix of letters, numbers and symbols.

If you have any queries or questions on the above, please feel free to leave a comment.

@planitcomputing

 

VPN – a brief summary on Virtual Private Networks

What is a VPN?

Put simply, a Virtual Private Network, or VPN, is a group of computers (or discrete networks) networked together over a public network—namely, the internet. Businesses use VPNs to connect remote datacenters, and individuals can use VPNs to get access to network resources when they’re not physically on the same LAN (local area network), or as a method for securing and encrypting their communications when they’re using an untrusted public network.

When you connect to a VPN, you usually launch a VPN client on your computer (or click a link on a special website), log in with your credentials, and your computer exchanges trusted keys with a far away server. Once both computers have verified each other as authentic, all of your internet communication is encrypted and secured from eavesdropping.
The most important thing you need to know about a VPN: It secures your computer’s internet connection to guarantee that all of the data you’re sending and receiving is encrypted and secured from prying eyes.

Benefits of using a VPN

The downloader. Whether they’re downloading legally or illegally, this person doesn’t want on some company’s witch-hunt list just because they have a torrenting app installed on their computer. VPNs are the only way to stay safe when using something like BitTorrent—everything else is just a false sense of security. Better safe than trying to defend yourself in court or paying a massive fine for something you may or may not have even done, right?

The privacy minded and security advocate. Whether they’re a in a strictly monitored environment or a completely free and open one, this person uses VPN services to keep their communications secure and encrypted and away from prying eyes whether they’re at home or abroad. To them, unsecured connections mean someone’s reading what you say.

The globetrotter. This person wants to watch the Olympics live as they happen, without dealing with their crummy local networks. They want to check out their favorite TV shows as they air instead of waiting for translations or re-broadcasts (or watch the versions aired in other countries,) listen to location-restricted streaming internet radio, or want to use a new web service or application that looks great but for some reason is limited to a specific country or region.

Even if none of the above really sound right to you, you can still benefit from using a VPN. You should definitely use one when you travel or work on an untrusted network (read: a network you don’t own, manage, or trust who manages.) That means opening your laptop at the coffee shop and logging in to Facebook or using your phone’s Wi-Fi to check your email at the airport can all potentially put you at risk.

The best VPNs offer a solid balance of features, server location, connectivity protocols, and price. Some are great for occasional use, others are geared towards getting around the location restrictions companies put on their apps and services, and others are targeted at people who do heavy downloading and want a little privacy while they do it.

What makes a good VPN?

Logging: When you connect to a VPN, you’re trusting the VPN service provider with your data. Your communications may be secure from eavesdropping, but other systems on the same VPN—especially the operator—can log your data if they choose. If this bothers you (e.g., you’re the privacy/security advocate or the downloader), make absolutely sure you know your provider’s logging policies before signing up.

 

This applies to location as well—if your company doesn’t keep logs, it may not matter as much where it’s located. (There’s a popular rumor that US-based VPN providers are required to log, in case the government wants them. This isn’t true, but the government can always request whatever data they have if they do log.)

Anti-Malware/Anti-Spyware Features: Using a VPN doesn’t mean you’re invulnerable. You should still make sure you’re using HTTPS whenever possible, and you should still be careful about what you download. Some VPN service providers—especially mobile ones—bundle their clients with anti-malware scanners to make sure you’re not downloading viruses or trojans. When you’re shopping, see if the providers you’re interested in offer anti-malware protection while you’re connected. For example, previously mentioned Hotspot Shield offers malware protection to its premium users. It may not be a dealbreaker for you, but it’s always good to have someone watching your back.

Price: Finally, go into your user agreement with both eyes open. You should read the privacy policy for the service you’re interested in, and be very aware of the differences between free and paid services.

For example:

Free VPN Providers are more likely to log your activities and serve contextual ads while you’re connected. They’re also more likely to use your usage habits to tailor future ads to you, have fewer exit locations, and weak commitments to privacy. They may offer great features, but if logging and privacy are important to you, you may want to avoid them. However, if you just need quick, painless security while traveling on a budget, they’re a great option.

Subscription VPN Providers usually take your privacy a bit more seriously, since you’re paying for the service. It’s unusual for them to show ads, although whether they do logging or store data about your usage varies from company to company. They usually offer free trials so you can give the service a shot first, but remember: just because you’re paying for a service doesn’t mean you shouldn’t do your homework.

Thinking VPN?

Contact PlanIT Computing today on 014852222 for a breakdown of options available for your VPN requirements.

UPC Default Wireless Password Vulnerable to offline dictionary attack

Are you using UPC broadband in your home or business?  Still using the default wifi password?  Your business / home network is a potential target for hackers.

Back in November 2011, we blogged ( http://www.planitcomputing.ie/blog/?s=upc&submit=Search ) about the algorithm used by UPC and how it was particularly weak against an offline dictionary attack which could allow intruders onto your network if the wireless key was acquired.

We notified UPC about the problem in November 2011 yet UPC are still supplying customers with newer modems / horizon boxes that use this algorithm.
At the time, graphics cards were expensive and clustering several machines was not financially viable to the average hacker.

We recently purchased a used rig, comprising off:

  • Windows 7
  • I3 Processor
  • 4GB RAM
  • 2TB Drive
  • Radeon HD 5850

For a tidy sum of: €185.00 🙂

We generated 26 dictionary files using “mask processor” by ATOM, piping each letter out to its own file, for example:

  • A:  ./mp32 A?u?u?u?u?u?u?u > A.TXT = AAAAAAAA – AZZZZZZZ
  • B: ./mp32 B?u?u?u?u?u?u?u > B.TXT = BAAAAAAA – BZZZZZZZ
  • etc

Each .txt file weighed in at around 60GB’s each.  The 26 files took up about 1.6TB of storage.

We now had the complete key space, partitioned into 26 different files.  This allowed us to distribute the brute force attack amongst multiple computers.  There are other ways with ocl-hashcat but this was the simplest.

Using our Radeon HD5850 on standard settings, we were hitting 80,000 keys per second.  Breakdown below:

  • 26^8 = 208,827,064,576 ( 208 billion possible combinations )
  • 26^8 / 80,000 keys per second = 2,610,338 seconds
  • 2,610,338 / 60 seconds = 43,505 minutes
  • 43,505 / 60 minutes = 725 hours
  • 725 hours / 24 hours = 30 Days

For €185, we had built a computer that could crack the default UPC wireless password within 30 days.  The WPA-PSK handshake we used started with the letter D and was cracked within 96 hours.

We ended up getting a second machine for the same price which resulted in our maximum cracking time being reduced to 15 days.

If you’re using the default password on your UPC broadband connection, we recommend changing it immediately to a more secure password, using a mix of letters, numbers and symbols.

If you have any queries or questions on the above, please feel free to leave a comment.

@planitcomputing

 

 

 

 

 

Windows “Whistler” XP – August 2001 – April 2014

Still running Microsoft Windows XP in your business?  In April 2014,  Microsoft is switching support for XP OFF.

This is no joke: Microsoft is putting XP to the grave. There will be no more security updates or patches. If you’re still using it and a weakness or exploit is found, tough luck: there will be no fix nor protection from Microsoft anymore.  Your computer security WILL be at risk.

From experience, this is not a small or minute problem. Over 35% of all office PCs in Ireland are still running Windows XP. The public sector – including schools, hospitals, government departments, authorities and other institutions – also use the 12-year-old operating system in large numbers. From April 2014, these departments will be at risk, FACT.

Depending on the size of your business and the amount of devices in use, if you haven’t already started transferring over to Windows 8 or even Windows 7, it’s probably too late to make it in time for April 2014. Microsoft calculates that it takes at least a year for most companies to fully ‘migrate’ from XP to a newer operating system. ( this figure varies, obviously)

Why such a lengthy delay?  Proprietary / custom software – specific software programs that are designed to work with Windows XP and Windows XP only, usually in 32bit architecture.  64 bit what?

So, upgrading from XP to Windows 8 or Windows 7 could mean a much larger, costly overhaul with significant logistics involved.

But don’t try pleading that when you’re calling on Microsoft for help – the company’s Irish executives have made it quite clear that such excuses will fall on deaf ears. They have advertised the switch off for years. The company has been warning about this for at least two years. They have sent emails, put out leaflets, blogged, phoned up key customers etc. Microsoft even deferred the shut-off date on a previous occasion due to customer inaction on the matter. But not this time – no more shut-off’s. From April 2014, Microsoft has firmly stated that you’re on your own with XP.

When the first serious exploit and virus attack aimed at XP occurs in April 2014, Microsoft are adamant that they won’t answer your calls on it.

“Microsoft Windows XP is no longer safe enough to defend against the onslaught of modern threats that organisations face on a daily basis,” warns an official Microsoft document given out to multiple Irish business customers.

“Businesses that still run Windows XP will become even more vulnerable to malware and attacks after April 2014. The most significant risk is that PCs, and the data they contain, could be hacked and compromised. Today, Windows XP is 21 times more likely to be infected by malware than Windows 8.”

Thinking of upgrading your office systems from Windows XP to Windows 7 or Windows 8?  Call us today for a free, no quibble quotation.

Error 0x8004230f – Adjusting the Shadow Copy Treshold

When trying to configure the Shady Copy settings of a drive that is nearly full, the 0x8004230f error may occur on Microsoft Windows SBS 2011 when you try to configure the Shadow Copy settings from the hard disk in My Computer.

If you need to free up space immediately, you can run the following command from the command prompt under the Administrator account to free up space:

Vssadmin delete shadows /For=C:

Replace C: with the drive you wish to free space up on.

Please note, that the above command will delete ALL YOUR SHADOW COPIES from that drive, so ensure that you do not need them before removing them.

Why chose Planit Computing for IT Support?

Planit Computing are a leading Irish IT Support company, based in Dublin 2.  Offering a full range of standard and bespoke business IT Support packages tailored to suit your business needs. It’s always difficult to cater for everybody but over the years, Planit Computing have have developed one of the best and simplest methods of supporting IT infrastructure in both Dublin and nationwide based companies. From servers, desktops, laptops and mac support to online cloud solutions.

We are committed to providing a single source solution for you for all you IT requirements.

Call us now on 014852222 to discuss your IT requirements and mention our blog to receive a 10% discount!!

Changing Outlook 2010 RPC Port with a non standard one – ie TCP 446

By default, Microsoft Outlook 2003, 2007 and 2010 connect through port 443 for RPC over HTTPS.  This cannot be changed inside of Outlook 2003, 2007 or 2010 and must be changed via the registry.  If you attempt to change the port number in Microsoft Outlook 2003, 2007 or 2010, the following message will be displayed:

“The proxy server you have specified is invalid. Correct it and try again.”

In essence, Microsoft Outlook 2003, 2007 and 2010 has HTTP and HTTPS hard coded to TCP ports 80 and 443.

Recently, we had a client who had set their OWA to listen on TCP Port 446.  Works fine in browsers / Smart-Devices but is a different situation for Microsoft Outlook.  Using a VPN is an “easy alternative” but is more of a nuisance if out and about all the time.

Imagine you want to move your Outlook Web Access to a different port (security reasons? Or maybe just that another application is hard coded to port 443…)

The following method is unsupported by Microsoft, please use it at your own risk.  Editing the registry is required.

Continue reading

Enabling SMTP Authentication on Outlook, Apple Mail, iPhone, iPad and Thunderbird

These are instructions on how to enable SMTP Authentication on common email programs. SMTP Authentication must be enabled on your email program / application in order to send outgoing email. This is a requirement on most mail servers.

SMTP Authentication simply means your email program is providing your full email address and password when you send outgoing emails to prove who you are. Most webmail programs have SMTP Authentication enabled by default, but many desktop email programs (like Outlook, Thunderbird, Apple Mail etc.) will disable it by default. It’s important to check if SMTP Authentication is required for every email account used or you could encounter error messages or bounce-backs with your outgoing emails. It only takes a minute to check if it’s enabled.

Please note that if you do not have SMTP Authentication enabled, this will decrease the “reputation” of your email address, and other email providers like Yahoo, Hotmail and Google Mail will be more likely to mistake your incoming emails for spam.

Please follow the relevant instructions below to verify SMTP Authentication is enabled.

Continue reading