Loading....

How To Fix Windows Networking Issues After Windows Updates KB4480960 & KB4480970

TL;DR: Head to Control Panel > Windows Updates, click View Update History, click Installed Updates, uninstall KB4480960 (reboot) then uninstall KB4480970 (reboot).

K, for those who ran into issues accessing files, printers, shared .MDB Access databases (e.g. ConsignPro software users) this week, the cause was two Windows Updates.

Fortunately, the great community over @ /r/sysadmin was all over this.

In short, after Windows Updates rolled-out on Patch Tuesday (1/8/2019), if you have a network of computers where they connect to folder shares, printer shares, etc., they were no longer able to connect.

For those running consignment software, this impacted stores either completely, or partially — e.g. ConsignPro uses a file-based database (MS Access .MDB file) which a share is setup on the server, then workstations are pointed to that share via UNC path. For other consignment programs that utilize a SQL Server-based database management system (e.g. Peeps’ Consignment Software, Liberty Consignment Software, etc.) this didn’t impact the software’s ability to run, but any file-based features — e.g. images, report files, etc. — could be impacted.

The fix — roll-back (uninstall) the two, offending Windows Updates.

Below is a detailed outline of the screens/steps. Hope this helps!

Head to Control Panel > Windows Updates:

https://thecomputerpeeps.com/images/snaps/dean/18/2019-01-11_1121.png

Click View Update History:

https://thecomputerpeeps.com/images/snaps/dean/18/2019-01-11_1114.png

Click Installed Updates:

https://thecomputerpeeps.com/images/snaps/dean/18/2019-01-11_1115.png

Uninstall KB4480960 (reboot) then uninstall KB4480970 (reboot):

https://thecomputerpeeps.com/images/snaps/dean/18/2019-01-11_1115_001.png

Be patient. On systems without SSDs (Solid State Drives), this can take a long time to process. On systems with SSDs, this can still take a bit, but it processes much quicker. You might see ‘Preparing to configure…’ during this process and then ‘Configuring Windows Updates 100%’ for quite some time:

https://thecomputerpeeps.com/images/snaps/dean/18/2019-01-11_1143.png
https://thecomputerpeeps.com/images/snaps/dean/18/2019-01-11_1247.png


Heading To San Antonio for the NARTS Conference? Keep Your Connection Secure With Private Internet Access!

Private Internet Access

Are you heading to the NARTS conference in San Antonio, TX this year? If so, how you connect to the Internet while you travel, is something you should be aware of – i.e. your connection is likely not secure.

First and foremost, if you connect to a public/free WiFi hotspot, you need to know that all of your network traffic can be captured. There are a variety of things an attacker can do, when he or she has control of your network traffic:

[checklist]

  • Trick you into visiting fake, malicious sites.
  • Collect your sensitive passwords.
  • Collect credit card information.

[/checklist]

Even if you’re not on a public WiFi connection, your ISP or whoever manages the connection, can see any website you visit.

If you’re connecting to a network that is not your home or business network, or if you don’t want your browsing activity to be viewable by your ISP, we recommend utilizing a VPN (Virtual Private Network).

What the heck is a VPN? A VPN creates a secure, virtual ‘tunnel’ across the Internet, through which your network is transmitted. This prevents malicious attackers from seeing your network traffic as you connect to the Internet and other networks.

Which VPN do you recommend?

There are a variety of VPN options out there and a variety of situations to consider, but for a simple, easy, secure connection, we typically recommend Private Internet Access.  We’ve talked about PIA a few times before.

They have a great video that explains exactly what Private Internet Access does to keep you protected:

[hr]

[hr]

Private Internet Access or PIA, is available for the following platforms:

[checklist]

  • Windows
  • Mac OS X
  • Android
  • iOS

[/checklist]

PIA is dead-simple to use – just click Connect… that’s it…

[hr]

Private Internet Access

[hr]

PIA alone, is not enough to keep a device secure, but it does provide you with a secure connection when you have to connect to public networks.

What are some other security tips you recommend?

[checklist]

  • Prey – Locate your laptop, computers, phones, and tablets if they’re lost or stolen.
  • Device/Disk Encryption – If someone gets your laptop — it doesn’t matter if it’s a Mac or PC — all of your files, are fully accessible. It means absolutely nothing if you have a password — all of your files can be viewed and copied directly from your hard drive. There are a variety of disk encryption options out there and we could dedicate a post to just this topic. Newer versions of Android and iOS are encrypted by default. Many mobile OSes allow you to enable encryption, if it’s not enabled by default. There are also 3rd-party encryption programs, such as the final build of TrueCrypt.
  • Antivirus – I don’t care if you’re running Windows or Mac OS X, you should be running antivirus, period. If someone tells you otherwise, they’re being cocky and they likely are not personally responsible for your computer’s security. Not just any antivirus either. Stick with one of the top-performing antivirus solutions — we typically recommend ESET NOD32 Antivirus. Whatever you do, do NOT use Microsoft Security Essentials. It does not work and anyone who recommends it, well, they should stop doing that – they’re 100% incorrect.
  • Do Not Use Internet Explorer or Safari – Our first recommendation, is Firefox. Some people have been falsely told that “Chrome is the best, install it and you’re secure!” We hope to dissipate that notion. Chrome is definitely a better alternative to Internet Explorer and Safari, however, simply switching to either Chrome, or Firefox, is not enough. You need to be concerned with ad-blocking, Javascript blocking, and malicious changes to your browser, as well as click-jacking. This is why so many Mac users are getting their browser nailed with malware. Instead of letting a website just run whatever it wants in the background (and no, this isn’t stuff you have to enter a password for), you should stop all websites from running anything and only allow websites you truly trust. Right now, you’re letting any website you click, run wild. It’s much better to take the option of NO website can run wild, except for the ones you explicitly trust. This is why we typically recommend Firefox, as the NoScript + uBlock/AdBlock Plus/AdBlock Edge + Public Fox combo is hands-down, the most effective Web Browser configuration @ preventing unwanted downloads or changes in/to the browser itself.
  • Do Not Login As Admin/Root – Whether it’s a Mac or PC, it is better to log in as a ‘restricted’ account, instead of a user that has full access to do anything to your system.

[/checklist]

As always, if you have any questions, don’t hesitate to call us @ (888) 374-5422.

[hr]

Featured Image Source: Private Internet Access

Do You Have A Clear Picture of Your Network?

Peeps' Workbench Network Switches

If you want to skip the boring parts below:

  • Walk around your store with a pen and paper and make note of each computer and where its network cable plugs-in at.
  • Make note of each network ‘box’ — e.g. you modem, router, and any little hubs/switches.

At its base-level, a network is a really simple thing — just a wire from each computer, plugged-in to a box.  Sort of like plumbing and pipes that carry water from one place to another — just a series of tubes.  🙂

For a consignment store, this can mean anything from not being able to get on the Internet, to your consignment software crashing, to just one or two computers getting ‘unable to connect to database’ errors.

So I’ve found it really helps to have a clear picture — literally — of your network setup.  Let’s take a look at a few setups and how these relate to a consignment or resale store…

Basic Setup

In a smaller store, you might only have one computer.  It’s also not uncommon to have an ‘all-in-one’ router/modem combo — i.e. a single box that both connects you to the Internet, as well as providing firewall, network sharing, and WiFi functionality.

So here’s what a smaller store’s setup might look like — one computer, plugged-in to the router/all-in-one (even if it’s WiFi, it’s a ‘virtual’ wire), and then to the cloud!

Basic Consignment Store Setup
Basic Consignment Store Setup

For you, your issues could range from not being able to get online, to experiencing *slow* Internet, or even ‘connection failures’ in Liberty.  Possible sources of your issues and steps to troubleshoot:

  • Slow Internet or No Internet Connection — Power-off your router/modem by disconnecting its power cable, then reconnecting its power cable.
  • Connection Failures in Liberty — Even if you’re hard-wired to your router, check to see if your computer has a WiFi connection and if it’s on.  If so, completely disable the WiFi adapter.

Two-Computer Setup

Next, let’s move on to a store that has two computers.  Contrary to popular belief, the two computers do not *plug-in to each other*.  Instead, both of the computers plug-in to a box (your router) and that’s how they share your consignment software’s database, as well as share an Internet connection.

Two Computer Setup
Two Computer Setup

One of the most common issues in this kind of setup, is computer #2 cannot open the consignment software/gets database errors.  This is because it relies on getting through the network, over to the database that resides on computer #1.  If it can’t connect at all, but could *yesterday*, check the network cable — it’s amazing how common a bad/broken network cable is used, which means it slips out of the network jack.  Always use network cables that properly clip-in to place — if your network cables can be pulled out without having to press that little, plastic tab, throw them away and replace them.

There are other issues that can arise in this setup as well:

  • Someone setup your consignment software to point to an IP address, not the server computer’s name.  We recommend essentially never using IP addresses — only use the computers’ names.  By using an IP address, you’re making a ‘brittle’ setup that can break out of the blue, or if you replace your router.  There are only a few circumstances one would ever ‘point’ the workstation to the server’s IP address.
  • The all-in-one has been updated/altered/changed by the ISP, without your knowledge.  This happens quite a lot.  When you lease an all-in-one from your ISP, they own it, not you.  They have access to said device and can (and will) push updates/changes to it.  This can lead to your consignment software on the workstation running slowly, or not working at all.

Extended Network Setup

For larger stores, or stores with “computers up front” for point of sale, the network layout starts to get a bit more ‘complex’.  Basically, instead of all of the computers plugging-in directly to the router, they use an ‘extension’ of sorts — i.e. a network switch.

In the setup below, notice how computer #3 and #4 connect to a little box (network switch) and then that box connects to the router.  This creates a point of failure — e.g. if that network switch breaks, loses power, or becomes disconnected, then only those two computers won’t be able to get online or open your consignment software.

Extended Network Setup
Extended Network Setup

So this is how you can run into issues such as, “Only the computers on this side of the store can’t connect, but all of the other ones can!

In a setup like this, it’s important to know where that little network switch is, to ensure all of the network cables are new and ‘clip’ in to place, and I’d even recommend putting that network switch on a battery backup.

Extended Network Setup w/ Modem

And lastly, some stores have a dedicated modem with their own router — this is the setup we recommend (See: Why You Should Not Utilize Your ISP’s Router).  Some — even techs — use the terms ‘modem’ and ‘router’ interchangeably.  These are two different *things* with different functions.  ISPs have taken to putting both in one box — i.e. an ‘all-in-one’.  This can seem to be convenient, but using an all-in-one comes with a variety of issues:

  • They tend to be lesser devices, which leads to network (and consignment software) slowness.
  • They tend to  be unpredictable — i.e. where you’d never see certain issues with your own router, you’ll experience everything from slowness, to internal routing issues.
  • They tend to fail prematurely.
  • They tend to need to be ‘rebooted’ often.

By having your own, dedicated modem, it helps alleviate the issues outlined above, but you can also run into issues if the modem loses power — e.g. you won’t be able to get online, but you will still be able to use your consignment software throughout the store.

Extended Network Setup w/ Modem
Extended Network Setup w/ Modem

That last one, is really important, because even though most of the consignment programs do not require an Internet connection, Internet-connectivity issues with an all-in-one can prevent your consignment software from running.

If there’s one takeaway from all of the gibberish above, it’s this — just make sure you (and your employees) have a basic understanding of how all of the computers plug-in to the network.  This alone, can help prevent down-time and minimize the amount of stress that comes from not knowing what the heck the issue could be.  🙂

Liberty & Connection Failures

Connection Failure

If you run Liberty, you’ve likely seen Connection Failures more than once.  More-so, you’ve likely been hit with this either in the middle of the day, or come in to the store in the morning to hear the dong, dong, dong, dong and see the cascading errors covering your screen:

[hr]

http://thecomputerpeeps.com/images/snaps/dean/15/2016-09-19_1218.png

[hr]

What Does A Liberty Connection Failure Mean?

Liberty utilizes MS SQL Server to store and retrieve your data — this is a good thing.  MS SQL Server is its own, stand-alone program which Liberty communicates with.  Just like you make a phone call to someone, Liberty makes a ‘call’ to MS SQL Server when it needs to put new stuff in to or get stuff out of the database.  If it can’t get through to MS SQL Server — e.g. MS SQL Server isn’t running, your server computer is offline, your WiFi connection drops, you have both a wired + WiFi connection on your PC, etc. — it will pop-up a Connection Failure error.

Why Do These Errors Pop-up Over and Over Again?

The Connection Failure in and of itself isn’t a *bad* thing.  Liberty actually properly ‘handled’ the fact that it couldn’t connect to MS SQL Server.  The reason it pops-up over and over and over again, is because Liberty is using a Timer component to try and connect to the database every second.  That timer is set to Tick every second, which is why when it can’t connect, you’ll see the error and hear the dong, dong, dong, dong every second.  The problem at this point, is you’ve lost control of Liberty and you can’t close it.  This is the first and primary issue with how Liberty handles the Connection Failure.  Instead of letting the Timer Tick event tick over and over again, every 1,000 ms, it should recognize it cannot connect to the database, set the Timer to Disabled, and then provide you, the user, with a more-intuitive message and response — e.g. “Uh oh!  It looks like Liberty cannot connect to your main computer running MS SQL Server.  Please check your connection and make sure MS SQL Server is running.  Try again?

This issue is so prolific and creates such a delay for our clients, we’ve made our own Kill Liberty button so they can safely kill the running process:

[hr]

Peeps' Kill Liberty Button
Peeps’ Kill Liberty Button

[hr]

What The Heck Is a Timer?

In software, sometimes you want to *do stuff* every X seconds/minutes — e.g. every 15 minutes, check for new updates.  To do this, you can use a specific component available in most programming languages, called a Timer.

[hr]

Timer Component Properties
Timer Component Properties

[hr]

A Timer is a component you can add to your program and then set it to ‘tick’ on a regular interval.  The default interval is typically 100ms, so to make it tick every second, you’d set it to 1,000 ms (one thousand milliseconds = one second).

Great, now it’s ‘ticking’, but what is it actually going to do when it ticks?  In Liberty’s case, it tries to connect to the database every second.  When it can’t connect, it pops-up an error letting you it can’t connect, then it ticks again, then it pops-up, then it ticks again, and so on.

That it knew it couldn’t connect to the database, means it properly handled (responded-to) the exception (unexpected event/situation) it encountered.  When an exception is handled, the programmer has a choice of what to do.  At the very least, it’s typically best to inform the user of the issue with a pop-up message.  You can take this one step further though and add additional things to do when an exception is handled.  One of those things, in this situation, would be to stop the Timer.

[hr]

Timer Tick Sub-Routine
Timer Tick Sub-Routine

 

[hr]

This way, it doesn’t keep ticking over and over again, thus, preventing the non-stop pop-ups and providing you with a way to either ‘try again’ or close the program altogether.

This is an old, old issue in Liberty and I shouldn’t have to point this out to the vendor in order to improve Liberty users’ experiences.  My goal though, is to make my clients’ lives easier and this single issue, is one of the most common and difficult to handle issues for our clients.  If The Computer Peeps have to be the ones to bring attention to issues and get them fixed, then so be it.

This issue has been reported to the vendor on multiple occasions and there’s no way they’re not fully aware of this issue.  Which raises the questions — Why has Liberty been allowed to do this for over a decade?  Why hasn’t this been fixed?  Why does it take The Computer Peeps to shed light on these issues?  Why isn’t the support staff and developers @ RSW finding and fixing issues like this without prompting?

Why Can’t Vendors Admit To Shortcomings?

Payment Logistics Static IP Only

tl;dr – Payment Logistics requires ‘advanced’ network setup, which you are responsible for.

I was on the phone with a tech from Payment Logistics, one of the CC processors that Liberty integrates with, along with a client.  To make a long story short, their credit card terminals only work when they have static IP addresses assigned – they do not support DHCP.  This means, each terminal has to be manually configured.

For any SysAdmins or techs out there, you are likely already seeing the shortcomings here.  The device should be able to connect to the network and obtain an IP address via DHCP — IP address management can be managed centrally in the router, thus lifting the burden off of the customer.

By requiring each terminal to have a static IP, you put the burden on the end-user.  If anything changes — e.g. they get a new router — ALL of the credit card terminals have to be reconfigured.

When I pointed out this shortcoming to Payment Logistics, they got defensive and started asking, “What do you know about PA-DSS?”  “What do you know…” — a great way to show you’re more interested in stroking your ego vs. dealing with facts.  After a period of time on the phone, the end-user was calling out which menu options he saw and lo and behold, it has DHCP.  When I asked the Payment Logistics tech why we can’t just use DHCP, he said their terminals currently only work with a static IP, but they have a new version in beta which will support DHCP.

So we took the loooooooong way around them simply stating, “Yes, right now our terminals only support static IPs, which we realize is enough of a shortcoming that we’re adding DHCP functionality and it’s currently in beta.”  Instead of just saying that, they tried to ‘protect’ themselves and get into a pissing contest.

As of right now, I can’t faithfully recommend Payment Logistics to our clients who are running Liberty, as this puts a tremendous amount of burden on the end-user and it’s an obvious shortcoming.  Did Liberty/Resaleworld tell you all of this before they recommended this credit card processor?  Did they go over the amount of work and burden it puts on you?  I’m sure all of you have SysAdmins out there or know how to manually configure your devices’ IP address settings, right?

Do Your Employees Know What To Do When the Internet Is Down?

aaaaaaaaaah

It’s Saturday.  You’re not working at your store today, but an employee is opening and running the store for the day.  They go to get online and realize there is no Internet connection.  They try to use the consignment software on the computers throughout your store, but they get error messages.  The credit card system is down too!!!

Do your employees know how to identify your Internet modem, network router, and any network devices on your network?  When we receive a call from a store that’s currently down, one of the first things to check is to see if the modem/router is powered-on and online.  Next, is to reboot/power-cycle it.

This is the point where we find most employees do not know where the modem/router is or how to identify it.

[hr]

Modem + Router Combo
Modem + Router Combo

[hr]

Instead of setting your employees up for a crisis, it’s worth setting aside some time to show employees where the following devices are located:

[checklist]

  • Cable/DSL modem
  • Network Router
  • Network Switch

[/checklist]

[hr]

[info_box style=”notice”]Some locations might have a separate modem and router, others might have an all-in-one ‘gateway’.[/info_box]

[hr]

Maybe print a label for each of these devices and snap a picture with your phone, so you can create a “to do” list if Internet goes down.  Just power-cycling these devices, typically resolves most ‘Internet is down!‘ issues.

By empowering your employees with the ability to identify your Internet modem/router, Internet going out won’t feel like such a major issue.  🙂

If you would like The Computer Peeps to help you document your network configuration, give us a buzz at (888) 374-5422!

Heading To Scottsdale for the NARTS Conference? Keep Your Connection Secure With Private Internet Access

Private Internet Access - How It Works

Are you heading to the NARTS conference in Scottsdale, AZ this year?  If so, how you connect to the Internet while you travel, is something you should be aware of – i.e. your connection is likely not secure.

First and foremost, if you connect to a public/free WiFi hotspot, you need to know that all of your network traffic can be captured.  There are a variety of things an attacker can do, when he or she has control of your network traffic:

[checklist]

  • Trick you into visiting fake, malicious sites.
  • Collect your sensitive passwords.
  • Collect credit card information.

[/checklist]

Even if you’re not on a public WiFi connection, your ISP or whoever manages the connection, can see any website you visit.

If you’re connecting to a network that is not your home or business network, or if you don’t want your browsing activity to be viewable by your ISP, we recommend utilizing a VPN (Virtual Private Network).

What the heck is a VPN?  A VPN creates a secure, virtual ‘tunnel’ across the Internet, through which your network is transmitted.  This prevents malicious attackers from seeing your network traffic as you connect to the Internet and other networks.

Which VPN do you recommend?

There are a variety of VPN options out there and a variety of situations to consider, but for a simple, easy, secure connection, we typically recommend Private Internet Access.

They have a great video that explains exactly what Private Internet Access does to keep you protected:

[hr]

[hr]

Private Internet Access or PIA, is available for the following platforms:

[checklist]

  • Windows
  • Mac OS X
  • Android
  • iOS

[/checklist]

PIA is dead-simple to use – just click Connect… that’s it…

[hr]

Private Internet Access

[hr]

PIA alone, is not enough to keep a device secure, but it does provide you with a secure connection when you have to connect to public networks.

What are some other security tips you recommend?

[checklist]

  • Prey – Locate your laptop, computers, phones, and tablets if they’re lost or stolen.
  • Device/Disk Encryption – If someone gets your laptop — it doesn’t matter if it’s a Mac or PC — all of your files, are fully accessible.  It means absolutely nothing if you have a password — all of your files can be viewed and copied directly from your hard drive.  There are a variety of disk encryption options out there and we could dedicate a post to just this topic.  Newer versions of Android and iOS are encrypted by default.  Many mobile OSes allow you to enable encryption, if it’s not enabled by default.  There are also 3rd-party encryption programs, such as the final build of TrueCrypt.
  • Antivirus – I don’t care if you’re running Windows or Mac OS X, you should be running antivirus, period.  If someone tells you otherwise, they’re being cocky and they likely are not personally responsible for your computer’s security.  Not just any antivirus either.  Stick with one of the top-performing antivirus solutions — we typically recommend ESET NOD32 Antivirus.  Whatever you do, do NOT use Microsoft Security Essentials.  It does not work and anyone who recommends it, well, they should stop doing that – they’re 100% incorrect.
  • Do Not Use Internet Explorer or Safari – Our first recommendation, is Firefox.  Some people have been falsely told that “Chrome is the best, install it and you’re secure!”  We hope to dissipate that notion.  Chrome is definitely a better alternative to Internet Explorer and Safari, however, simply switching to either Chrome, or Firefox, is not enough.  You need to be concerned with ad-blocking, Javascript blocking, and malicious changes to your browser, as well as click-jacking.  This is why so many Mac users are getting their browser nailed with malware.  Instead of letting a website just run whatever it wants in the background (and no, this isn’t stuff you have to enter a password for), you should stop all websites from running anything and only allow websites you truly trust.  Right now, you’re letting any website you click, run wild.  It’s much better to take the option of NO website can run wild, except for the ones you explicitly trust.  This is why we typically recommend Firefox, as the NoScript + uBlock/AdBlock Plus/AdBlock Edge + Public Fox combo is hands-down, the most effective Web Browser configuration @ preventing unwanted downloads or changes in/to the browser itself.
  • Do Not Login As Admin/Root – Whether it’s a Mac or PC, it is better to log in as a ‘restricted’ account, instead of a user that has full access to do anything to your system.

[/checklist]

As always, if you have any questions, don’t hesitate to call us @ (888) 374-5422.

[hr]

Featured Image Source: Private Internet Access

Do I Have A Static IP Address?

If you utilize security cameras or a mobile application that connects back to a ‘server’ at your consignment store, then this question will likely come up.

Before we get into Static vs. Dynamic, we need to know what the heck an IP address is!

What is an IP address?

Similar to how each house and business has a unique address so the post office can find you, so does each location that has Internet access.  Your local ISP typically provides you with one IP address.  The issue is, they typically do not guarantee this address will always be the same — i.e. it’s Dynamic.

Why does that matter?  When you configure security cameras or a mobile app such as Liberty Mobile, you’ll need to know your store’s unique IP address so the app can ‘get back to your store’ when you’re not there.  That’s as easy as visiting a site such as What Is My IP?.  Once you’ve entered your store’s IP address and if everything else is properly configured — e.g. port forwarding, etc. — your mobile app should be able connect and do what it needs to do.

Things will typically continue working for a period of time, but since your store’s IP address is Dynamic, it will likely change some day.  When that happens, your mobile app will no longer be able to connect.  Now, there’s nothing stopping you from going right back to What Is My IP? to find out the new IP address, then entering that in your mobile app(s).  Some ISPs let you keep your IP address for weeks or even months.  Others will expire it on an almost-daily basis, so you could end up constantly updating your mobile app.  Or, the store’s IP address could change at a time when you can’t quickly find out the new one and your mobile app would be dead in the water until you find out the new IP.

In order to deal with this issue, there are typically two options to pick from:

[hr]

  • Ask your local ISP for an IP address that won’t change — i.e. a Static IP address — which typically comes with a monthly fee @ roughly $5-$15/mo.

    or

  • Utilize a Dynamic DNS service, such as Dyn.  Not only is the cost lower @ roughly $25 per year, but you also have the added benefit of a user-friendly address to use with your cameras and mobile apps – e.g. mystore.dyndns.biz

[hr]

We typically recommend the latter of the above options, not only for the savings, but for the added benefit of a user-friendly address/URL.  Some could also say there’s an added, although minimal, security benefit by not having the same IP address at the store.

How do you configure a Dynamic DNS service such as Dyn?

It’s relatively easy to do, although it could be confusing for those not familiar with some of the terms and and concepts.  In summary, the following would need to happen:

[hr]

  1. Register a Pro account at Dyn and choose a unique address/host name — e.g. mystore.dyndns.biz.  If you do this from your store, Dyn should automatically update your account with the most-recent IP address.
  2. Enter your Dyn account information in your router (if it supports Dynamic DNS services) or download, install, and configure the Dyn Updater software on a computer at your store that will always be powered-on.
  3. Enter your new address/host name into your mobile app.

[hr]

That’s it!  From here on out, your mobile app(s) should continue to work, even if your store’s IP address changes.

How do I know if I have a Static IP address?

You’ll need to contact your local ISP to verify if you do in fact have a Static IP address.  Most ISPs do not include this with their services, so it’s typically something you have to go out of your way to request.  It might even show as a line item on your monthly bill.

If you have any questions or if you’d like The Computer Peeps to configure any of this for you, don’t hesitate to give us a buzz at (888) 374-5422.

Windstream, Your Techs Are Bad and You Should Feel Bad

Windstream, seriously, you should feel bad

It’s Friday, the day after Independence day here in the States.  We received an emergency email from a client who is unable to utilize their point of sale system for processing credit cards.  All was working properly, until Windstream introduced a new piece of hardware.  Where our client once had a modem, they now have an all-in-one gateway.

When accessing systems directly via UNC path, the systems are taking over a minute to respond.  Applications that communicate with the Internet, are failing to connect.  Connections are timing-out.

Oh, Windstream also enabled WiFi for the store – how nice of them!

When we called the tech who performed this installation, we were quite surprised to hear the response of, “Man, we do this all the time!”  Instead of, “Oh, well, yeah, I see how after I added a new Layer 3 device, the network is probably going bonkers now.”  No accountability.  When I mentioned the other router, his response was, “How was I supposed to know?”  Because it was right there in front of you.

This isn’t just an innocent mistake or little slip-up.  Mistakes happen, settings can be overlooked, etc.  This wasn’t the case.  The, “we do this all the time” response and lack of understanding how their change could cause issues, make that clear.

This tech didn’t like being called by some out-of-towner giving him an earful on a Friday.  Windstream techs and field techs out there, please, just show an ounce of pride in your work.  It’s businesses like our client, whose systems go down on a holiday weekend while you just get to “close another ticket.”

The scariest part is thinking about how many service providers out there just implement default installations, because “we do this all the time!”

Why Connecting to a VPS via Remote Desktop Violates the PCI DSS

If you connect to a “cloud” VPS using Remote Desktop without TLS or SSL and you swipe (or type) credit card numbers from your computer ‘up’ to software running on your VPS, your business is in violation of the PCI DSS [PDF].

The PCI DSS Guide states the following:

[box with_bg=”true” inner_padding=”small”]
[heading type=”h3″ no_top_padding=”true” underlined=”true”]PCI DSS 4.1[/heading]
Use strong cryptography and security protocols (for example, SSL/TLS, IPSEC, SSH, etc.) to safeguard sensitive cardholder data during transmission over open, public networks.

Examples of open, public networks that are in scope of the PCI DSS include but are not limited to:

[checklist]

  • The Internet
  • Wireless technologies
  • Global System for Mobile communications (GSM)
  • General Packet Radio Service (GPRS)

[/checklist]

[/box]

In a configuration where your credit card swipe is connected to your PC and your credit card software (e.g. X-Charge) is on your PC, the cardholder data goes from the swipe, into X-Charge, and then X-Charge transmits data over SSL.

In a VPS configuration, X-Charge is no longer installed on your computer – no software is installed on your computer.  Instead, you connect to your VPS over an open, public network (i.e. the Internet) via Remote Desktop.  X-Charge is running on the VPS “up there,” away from your computer.  When you swipe the card, it goes through the swipe and out across the public Internet.  Remote Desktop does not utilize SSL.  Your system administrator must install and configure Secure RDS, configure SSL, etc.

These are facts and the reason we share this sort of information, is because store owners are ultimately the ones who are held accountable for PCI DSS Compliance.  It’s common sense and best-practice NOT to swipe credit cards across RDP.  If best-practice isn’t enough, then the PCI DSS should be.

Back To Top