Thursday, September 26, 2013

Proactive Maintenance

Buildings and business operations rely on critical equipment to function. While this may differ between industry sectors and business operations, for instance within manufacturing where machinery is mission critical or within a high-rise office park where air conditioning is vital, the fact remains that without this equipment, the business would be unable to function.
Maintaining this equipment then is a matter of some importance, and a proactive building maintenance strategy cannot only help to manage expenses by prolonging the lifecycle of equipment, but can also reduce the likelihood of this equipment failing without warning, causing loss of productivity and potentially causing disruption, depending on the nature of the machinery.
However, intrusive equipment maintenance may not be necessary, as it can cause problems of its own, including loose connections, shortened equipment life and actually introducing points of failure where they may not have existed before. Infrared testing is one method of proactive maintenance that circumvents this issue, since it is non-invasive and can help to identify if there are any problems with equipment without physically examining it.
This method can be used on any equipment that generates a heat profile when in operation, including the main electrical infrastructure, critical electrical equipment, transformers, switchgear, transmission lines, distribution boards, motors, compressors, boilers, air conditioning systems, lighting and other electronic devices. Using infrared testing, it is possible to run diagnostics and identify points of failure through variations in temperature profiles without physically touching the equipment.
Infrared advantages
This has several advantages. Testing can be conducted in real-time at peak operational times, without the need to switch equipment off and disconnect it, enabling inspectors to verify and monitor operational aspects on equipment. The infrared testing also provides a visual overview of the status of the equipment. Being highly sensitive, it can pick up even the smallest anomalies which may indicate points of failure. These can then be checked against benchmark thermal profiles for particular equipment to determine if action needs to be taken.
This method can be used effectively on equipment that is dangerous to get physically close to, such as high voltage equipment. It allows diagnostics to be conducted on a wider variety of machinery. It also enables remote inspections on critical equipment and equipment that is difficult to access, since an infrared tester can be installed on the machines themselves for constant monitoring.
Infrared and other non-invasive techniques are more cost and time effective than traditional maintenance methods and enable proactive programming to be developed based on the data obtained from monitoring equipment. This can then help to identify future points of failure, improve the longevity of equipment, and create a managed environment which is far more effective in the long term than a reactive approach.
However, proactive maintenance should always be combined with a tailored maintenance strategy that is specific to the needs of an individual building or the business as a whole, linked in with the financial performance and strategy of the organisation. There is no ‘one size fits all’ approach when it comes to building maintenance, and this strategy should balance the risk associated with failing equipment with the cost associated with maintenance.
The correct strategy
Some organisations require constantly running equipment, whereas others can withstand a certain amount of downtime, which should be considered in the maintenance strategy. In some instances, running equipment to failure may be the most cost effective option, so this must also be taken into account, along with legislated scheduled maintenance on certain equipment such as fire prevention systems, elevators and escalators, vessels under pressure and load equipment. These must be maintained at specified intervals for insurance, warranty and legal purposes.
When it comes to developing a maintenance strategy, it is useful to work with a specialised outsource provider who can help organisations to determine how to maintain equipment and drive this. Each client and environment is unique, so the approach should be tailored based on a basic strategy outlined which can then be refined by the service provider to deliver the best solution for an individual environment.
Proactive monitoring and maintenance can be a complex and expensive process to bring in-house, due to the cost of labour and equipment, the specialised skills needed and the part time nature of this type of job. Outsourcing this process to an experienced service provider will not only ensure that organisations can leverage economies of scale and access a cost effective service. It will also provide assurance that the provider will have the most up to date knowledge of what points of failure to look for across different equipment, as well as the latest information, equipment and technology to provide the best levels of service.
Maintenance of buildings and the variety of equipment they contain is a vital part of running any successful business. By defining the maintenance strategy correctly and adopting the right mix of proactive and reactive maintenance, organisations can save money, prolong the life of equipment, managing both operational and reputational risk through an intelligent process that matches the finances, needs and strategy of the business as a whole.

Saturday, September 7, 2013

What is the Registry

What is the Registry?

The Registry is a database used to store settings and options for the 32 bit versions of Microsoft Windows including Windows 95, 98, NT/2000, Windows ME, Windows XP, Windows Vista and Windows 7 operating systems. It contains information and settings for all the hardware, software, users, and preferences of the PC. Whenever a user makes changes to a Control Panel settings, or File Associations, System Policies, or installed software, the changes are reflected and stored in the Registry.

However, just like every other part of your computer, your registry needs occasional cleaning and reorganization. Using a top-rated registry cleaner will help you clean your computer registry painlessly.

Friday, September 6, 2013

Linux VS. Windows DVR

There are two different types of surveillance DVRs – those that run on a Windows operating system, and those that run on a Linux operating system.  Years ago, the Linux DVRs were more reliable due to weaknesses in the Microsoft ME operating system.  However, due to the stability of Windows XP, both types of products are now equally as reliable when it comes to the core operating system.  However, due to large inadequacies that exists in the hardware construction and DVR software design of Linux type DVRs, Windows DVRs have become the clear choice for most surveillance applications.
So…. what exactly is a “stand-alone? surveillance DVR?  Frankly, we don’t know who coined the term.  However, we do know that it is highly misused and misunderstood.  The fact of the matter is that both Windows and Linux style DVRs are similar in hardware design.  Both style DVRs require a main board (motherboard), processor, RAM, a graphics card, video processing chip, network adapter, and storage hard drive.  However, a main, and very critical, difference is that most all Linux DVRs put all required hardware on a single board.  This creates a situation whereby once a single component on the main board fails, that the product is commonly rendered useless.  And since the main selling point of Linux DVRs is their low price-point, they are very commonly constructed as economically as possible typically using below-par unskilled labor and manufacturing techniques.
 
 
Unlike Linux style DVRs, Windows DVRs are almost always constructed of mainstream hardware components.  These components are most always of higher quality than those found in Linux DVRs.  Perhaps even more importantly, they are also readily available from most any computer or consumer electronics store.  Therefore, if a hardware failure is recognized in a Windows DVR, it should be relatively easy to quickly find an inexpensive replacement part to repair the problem.  The only exception would be the actual multi-capture PCI card.
 
Hardware Bottom Line… Windows DVRs typically utilize higher quality hardware components that are readily available in the event of failure.  In the event of component failure in a Linux style DVR, the entire unit typically has to be sent back to either mainland China, Taiwan, or South Korea for repair (if still under warranty).
 
 
Software design, reliability, usability, and overall practicality differences between Windows DVRs and Linux DVRs are also greatly different.  Although there are many grades of surveillance software that drives Windows-based DVRs, overall, even moderately well designed Windows DVR software will almost always out perform that found in Linux-based DVRs.  Simply, it’s a matter or usability as most all Linux DVRs operate off of deep menu-driven controls rather than being point & clickable with a PC mouse.  Although low level controls like start, stop, play, etc can typically be easily controlled via the front panel on a Linux DVR, other important functions like camera set-up, record scheduling, motion detection control, video searching, and so on are typically controlled via difficult to use menus.  Even worse, many features like advanced motion detection zoning and automatic user notification via phone, fax, or beeper when motion is detected are not even available on most all Linux DVRs.  Perhaps even of greater concern is that most Linux DVRs use open source surveillance software that is not properly tested for commercial surveillance applications.
 
 
Software Bottom Line… Windows-based DVRs are easier to use and offer greater features than Linux style DVRs. 
So, when is a Linux style DVR a better choice?  Given that the hardware is typically manufactured on a single board and the Linux operating system being free of charge, Linux DVRs do typically cost considerably less than Windows DVRs.  Provided that cost is a greater issue than system reliability, ease of use, and features, Linux DVRs are a very viable option.  Although Linux DVRs have their shortcomings when compared to Windows DVRs, the fact remains that they are typically by far a better and more viable option than any Analog CCTV system (time lapse vcr, multiplexer, etc).
 

Thursday, August 29, 2013

Popular Surveillance Cameras Open to Hackers

Popular Surveillance Cameras Open to Hackers

In a world where security cameras are nearly as ubiquitous as light fixtures, someone is always watching you.
But the watcher might not always be who you think it is.
Three of the most popular brands of closed-circuit surveillance cameras are sold with remote internet access enabled by default, and with weak password security — a classic recipe for security failure that could allow hackers to remotely tap into the video feeds, according to new research.
The cameras, used by banks, retailers, hotels, hospitals and corporations, are often configured insecurely — thanks to these manufacturer default settings, according to researcher Justin Cacak, senior security engineer at Gotham Digital Science. As a result, he says, attackers can seize control of the systems to view live footage, archived footage or control the direction and zoom of cameras that are adjustable.
“You can essentially view these devices from anywhere in the world,” Cacak said, noting that he and his security team were able to remotely view footage showing security guards making rounds in facilities, “exceptionally interesting and explicit footage” from cameras placed in public elevators, as well as footage captured by one high-powered camera installed at a college campus, which had the ability to zoom directly into the windows of college dorm rooms.
Cacak and his team were able to view footage as part of penetration tests they conducted for clients to uncover security vulnerabilities in their networks. The team found more than 1,000 closed-circuit TV cameras that were exposed to the internet and thus susceptible to remote compromise, due to inherent vulnerabilities in the systems and to the tendency of the companies to configure them insecurely.
The inherent vulnerabilities, he said, can be found in at least three of the top makers of standalone CCTV systems that he and his researchers examined — MicroDigital, HIVISION, CTRing — as well as a substantial number of other companies that sell rebranded versions of the systems.
CCTV video surveillance systems are deployed at entrances and exits to facilities as well as in areas considered to be sensitive, such as bank vaults, server rooms, research and development labs and areas where expensive equipment is located. Typically, the cameras are easily spotted on ceilings and walls, but they can also be hidden to monitor employees and others without their knowledge.
Obtaining unauthorized access to such systems could allow thieves to case a facility before breaking into it, turn cameras away from areas they don’t want monitored or zoom in on sensitive papers or prototype products at a workstation. The cameras could also be used to spy on hospitals, restaurants and other facilities to identify celebrities and others who enter.
Remote access capability is a convenient feature in many of CCTV systems because it allows security personnel to view video feed and control cameras via the internet with laptops or mobile phones. But it also makes the systems vulnerable to outside hackers, particularly if they’re not set up securely. If the feature is enabled by default upon purchase, customers may not know this is the case or understand that they should take special steps to secure the systems as a result.
“All the ones we found have remote access enabled by default,” Cacak says. “Not all the customers may be aware [of this]…. Because most people view these via console screens, they may not be aware that they can be remotely accessed.”
Compounding the problem is the fact that the systems come deployed with default easy-to-guess passwords that are seldom changed by customers. They also don’t lock-out a user after a certain number of incorrect password guesses. This means that even if a customer changes the password, an attacker can crack it through a bruteforce attack.
Many of the default passwords Cacak and his team found on CCTV systems were “1234″ or “1111.” In most cases the username was “admin” or “user.”
“We find about 70 percent of the systems have not had the default passwords changed,” Cacak said.
Because many customers who use the systems don’t restrict access to computers from trusted networks, nor do they log who is accessing them, Cacak said owners often cannot tell if a remote attacker is in their system viewing video footage from outside the network.
To help companies determine if their CCTV systems are vulnerable, Cacak’s team worked with Rapid7 to produce a module for its Metasploit software targeting CCTV systems made by MicroDigital, HIVISION and CTRing or sold by other companies under a different name. Metasploit is a testing tool used by administrators and security professionals to determine if their systems are vulnerable to attack, but it’s also used by hackers to find and exploit vulnerable systems.
The module can determine if a specific user account, such as “admin,” exists on a targeted CCTV system, and it can also conduct automatic log-in attempts using known default passwords, brute force a password crack on systems using unknown passwords, access live as well as recorded CCTV footage, and redirect cameras that are adjustable. HD Moore, chief security officer at Rapid7, said they’re working on a scanner module that will help locate CCTV systems that are connected to the internet.
Earlier this year, Moore and another researcher from Rapid7 found similar vulnerabilities in video-conferencing systems. The researchers found they were able to remotely infiltrate conference rooms in some of the top venture capital and law firms across the country, as well as pharmaceutical and oil companies and even the boardroom of Goldman Sachs — all by simply calling in to unsecured videoconferencing systems that they found by doing a scan of the internet.
They were able to listen in on meetings, remotely steer a camera around rooms, as well as zoom in on items in a room to read proprietary information on documents.
Cacak said that customers using CCTV systems should disable remote access if they don’t need it. If they do need it, they should change the default password on the systems to one that is not easily cracked and add filtering to prevent any traffic from non-trusted computers from accessing the systems.

Thursday, August 22, 2013

How to Set up a Static IP Address on a Windows7 Computer

It is very important to setup a static ip address, if you are going to use port forwarding. When you have port forwarding setup, your router forwards ports to an ip address that you specify. This will probably work when you initially set it up, but after restarting your computer it may get a different ip address. When this happens the ports will no longer be forwarded to your computer's ip address. So the port forwarding configuration will not work.
What is an ip address?
IP addresses are four sets of numbers separated by periods that allow computers to identify each other. Every computer has at least one ip address, and two computers should never have the same ip address. If they do, neither of them will be able to connect to the internet. There is a lot of information at the following link. You don't need all of it. But if you want to know more about how networks work, you'll find it there.

Dynamic vs Static IPs
Most routers assign dynamic IP addresses by default. They do this because dynamic ip address networks require no configuration. The end user can simply plug their computer in, and their network will work. When ip addresses are assigned dynamically, the router is the one that assigns them. Every time a computer reboots it asks the router for an ip address. The router then hands it an ip address that has not already been handed out to another computer. This is important to note. When you set your computer to a static ip address, the router does not know that a computer is using that ip address. So the very same ip address may be handed to another computer later, and that will prevent both computers from connecting to the internet. So when you asign a static IP addresses, it's important to assign an IP address that will not be handed out to other computers by the dynamic IP address server. The dynamic IP address server is generally refered to as the dhcp server. 

Setting up a static ip for Windows 7.
If you have a printer, before you begin print out this page!


Step 1:
Open up the start menu, and look for the Search programs and files box. You should now see the following window.

Step 2:
Type cmd in the Search programs and files box, and press Enter on your keyboard. The will bring up a black command prompt window.
Step 3:
The command prompt may look different on your screen, but it doesn't really matter. Type ipconfig /all in that window, and then press the enter key. This will display a lot of information. If it scrolls off the top you may need to enlarge the window.

Step 4:
I want you to write down some of the information in this window. Take down the IP address, Subnet Mask, Default Gateway, and Name Servers. Make sure to note which is which. We are going to use this information a little bit later. We are only concerned with IPv4 entries, you can ignore the IPv6 stuff.

The name server entries are a bit complicated. Name Server is just another name for DNS(domain name server) server. Some router's act as a proxy between the actual name servers and your computer. You will know when this is the case, because the Default Gateway will list the same ip address as the Name Servers entry. We need to have the correct Name Server IP addresses. If we do not, you will not be able to browse the web. There are a couple ways to get these. The first way is to log into your router's web interface, and look at your router's status page. On that page you should see an entry for DNS Servers, or Name Servers. Write down the ip adresses of your Name Servers. Another way to get the correct Name Servers to use, is to give your ISP a call. They should know the ip addresses of your Name Servers right off. If they ask you why you need them, you can tell them you are trying to setup a static IP address on your computer. If they try to sell you a static external ip address, don't buy it. That's an entirely different thing that what you are trying to setup.

Type exit in this window, then press the enter key to close it. 

Step 5:
Once again open the start menu. This time click Control Panel.
Step 6:
Click on View Network Status and Tasks.
Step 7:
Single click Change adapter settings on the left side of your screen.
Step 8:
You might have more than one Internet connection listed here. You will need to determine which adapter is your connection to the Internet if this is the case. Right click on your network adapter and choose properties to open up the properties window of this internet connection.

Step 9:
Click Internet Protocol Version 4(TCP/IPv4) and then the Properties button.
Step 10:
Before you make any changes, write down the settings that you see on this page. If something goes wrong you can always change the settings back to what they were! You should see a dot in the Obtain an IP address automatically box. If you do not, your connection is already setup for a static ip. Just close all these windows and you are done.

Pick an ip address and enter it into the IP Address box. The ip address you choose should be very similar to the router's ip addres. Only the last number of the ip address should be different. If the router's ip address is 192.168.1.1, I might choose 192.168.1.10. The ip address you choose should end with a number between 1 and 254, and should not be the same as the router's ip address. Every device that connects to your network needs to have it's own ip address.

Put the subnet mask we previously found in the subnet mask section. The default gateway should go into the Default gateway box. Enter the dns servers we prevoiusly found into the two DNS Server boxes. Click okay all the way out of this menu.

If you find that you can not pull up webpages, the problem is most likely the dns numbers you entered. Give your ISP a call, and they will be able to tell you which dns servers to use. This is a question they answer all of the time. They will be able to tell you what you should use right away.

That's it you should be done! If you can't connect to the internet go back and change your configuration back to what it originally was.