Author: shahram

Posted on

Understanding CrowdStrike and How to Address Its Presence on Your System

What is CrowdStrike?

CrowdStrike is a cybersecurity technology company renowned for its endpoint protection solutions. Their primary product, Falcon, provides a robust platform for threat detection, incident response, and endpoint protection. It’s widely used by enterprises to safeguard against cyber threats.

Why Might You Want to Identify and Mitigate CrowdStrike?

There are various reasons you might want to check if CrowdStrike is installed on your system. You might be troubleshooting performance issues, dealing with compatibility problems with other software, or simply ensuring that your endpoint protection is functioning as expected. In some cases, you may be evaluating alternative security solutions and need to know how to disable or remove CrowdStrike to avoid conflicts.

How to Determine if CrowdStrike is Installed

  1. Check Running Processes:
    • Open your Task Manager (Ctrl + Shift + Esc).
    • Look for processes named CSFalconService.exe or CrowdStrike.
  2. Examine Installed Programs:
    • Go to Control Panel > Programs > Programs and Features.
    • Look for “CrowdStrike” or “Falcon” in the list of installed programs.
  3. Review System Services:
    • Open the Services management console (services.msc).
    • Look for services named CrowdStrike Falcon Sensor.
  4. Use Command Line:
    • Open Command Prompt as Administrator.
    • Type sc query csagent and press Enter. If CrowdStrike is installed, you will see information about the service.
  5. Check Registry Entries:
    • Open Registry Editor (regedit).
    • Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\CrowdStrike.
    • Presence of keys related to CrowdStrike indicates its installation.

Mitigation Steps if CrowdStrike is Installed

If you have determined that CrowdStrike is installed and you need to mitigate it, follow these steps:

  1. Disable the Service:
    • Open Services management console (services.msc).
    • Find CrowdStrike Falcon Sensor.
    • Right-click and select Stop.
  2. Uninstall the Program:
    • Go to Control Panel > Programs > Programs and Features.
    • Find CrowdStrike in the list and select Uninstall.
  3. Remove Registry Entries:
    • Open Registry Editor (regedit).
    • Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\CrowdStrike and delete the key.
  4. Delete Residual Files:
    • Navigate to C:\Program Files\CrowdStrike.
    • Manually delete the folder.
  5. Restart Your Computer:
    • Restart to ensure all changes take effect and that no residual processes are running.

Replacing or Reinforcing Security

After mitigating CrowdStrike, it’s essential to ensure your system remains protected. Consider installing another reputable endpoint protection solution if you are not replacing CrowdStrike with a different security software provided by your organization.

Conclusion

Identifying and mitigating CrowdStrike on your system involves a series of straightforward checks and actions. By knowing where to look and how to proceed with uninstallation, you can effectively manage your cybersecurity tools and maintain optimal system performance. Always remember to replace any removed security software to keep your system protected from potential threats.

Posted on

8 Reasons to Switch to Linux for a Powerful Workstation Experience

In today’s tech-driven world, choosing the right operating system for your workstation can significantly impact your workflow. While Windows and macOS dominate the desktop market, Linux offers a compelling alternative brimming with benefits for various users. Popular Linux flavors are Ubuntu, Fedora, Arch among others. Here’s why switching to a Linux workstation might be the perfect upgrade for you:

1. Open Source Powerhouse: Linux is an open-source operating system, meaning its code is freely available for anyone to modify and distribute. This fosters a vibrant community that constantly develops and improves the platform. Users gain access to a vast library of free and open-source software, saving on licensing costs and offering a wider range of customization options.

2. Security at its Core: Linux is renowned for its robust security architecture. The root user system restricts unauthorized access, while built-in firewalls and permission controls offer additional layers of protection. Linux systems are less susceptible to malware due to their smaller user base compared to Windows.

3. Customization Nirvana: Unlike the limited personalization options of other operating systems, Linux empowers you to tailor your desktop experience. From choosing your preferred window manager like GNOME or KDE to customizing themes and layouts, Linux lets you create a workspace that reflects your specific workflow.

4. Lightweight Champion: Compared to resource-heavy counterparts, Linux boasts a lightweight design. It runs efficiently on older hardware, extending the lifespan of your computer. This translates to faster boot times, smoother operation, and improved responsiveness, especially on less powerful machines.

5. Developer’s Paradise: Open-source nature and command-line proficiency make Linux a natural habitat for developers. The extensive availability of development tools, programming languages, and integrated development environments (IDEs) streamlines the coding process. Additionally, many development environments like Git version control system are native to Linux, providing a seamless workflow.

6. Stability You Can Trust: Linux systems are known for their exceptional stability. Once configured, they can run for extended periods without the need for frequent reboots, a common issue with other operating systems. This translates to fewer interruptions and a more focused work experience.

7. Built for the Future: The open-source philosophy of Linux ensures continuous development and adaptation to emerging technologies. Linux is at the forefront of advancements like cloud computing and containerization, making it a future-proof choice for tech-savvy users.

8. A Learning Adventure: Transitioning to Linux can be a rewarding learning experience. Familiarizing yourself with the command line and exploring the diverse software options enhances your technical skills and opens doors to new possibilities.

Conclusion:

Whether you’re a programmer, power user, or simply seeking a secure and customizable workspace, Linux offers compelling benefits. With its open-source nature, robust security, and wide range of customization options, Linux can unlock a powerful and efficient workstation experience. So, why not explore the world of Linux and discover its potential to transform your workflow?

Posted on

Digital security while traveling

Let’s face it, we live in a digital world.  Most of our errands and tasks are performed online.  We do our banking online; we get our news from our favorite news media websites; all our communication is either by email, messaging apps such as Skype, Whatsapp, Snapchat or Facebook.  Majority of us work remotely using our computer and do our shopping online.  There is a lot at stake if our Internet security is compromised.  This is specially true when we are traveling.  But there are a few tips for you to stay secure, though total security is impossible.

Do not use public WiFi.  Specially avoid using hotspots not secured with a password, also known as open networks.

Using public computers for sensitive transactions or communication.  The answer is simple: Don’t.   You have no idea if the public computer has spyware installed or not.  One simple way to steal credentials is to install a key-logger, where every key you press is recorded in sequence without your knowledge.  It is wise to never use a public computer other than for non-sensitive interactions.

Locking all doors but leaving a window unlocked.  Many computers and laptops have a file sharing feature.  When you connect to a public network such as a WiFi, your computer is now on the Local Area Network (LAN).  Every other computer on that network can access your computer if you have file sharing enabled and even worse if you you do not have it protected with a strong password.  All data on your computer is now at risk of being compromised.

Accessing personal banking while traveling.  It is best that you avoid doing this while on travels.  If you must access your bank, make sure you are back in the hotel and hardwired as opposed to WiFi, as this reduces the risk.  Better yet, it is better to use a Virtual Private Network (VPN) for all your communication.  Make sure you never enter any Personal Identifying Information (PII) on any website that is not secured (HTTPS) with a valid certificate.

Track your phone.  Before you start your travels, be sure to install tracking tools on your smartphone and turn the GPS on.  This will assist you in finding your phone if it gets lost.  I lost my phone once and could not remember where.  So I went online to track my phone and I had left it in a restaurant.  So I went back and picked it up.  In addition to tracking your phone, you should also password protect it.

There are a few more tips to stay secure.  Rather than inundate you with information, following the few steps above will will be of great help to you.  More security tips will be forthcoming.

Stay physically and digitally safe.

Posted on

Password Managers

If you are like me, you are probably using unique password for every account you have.  When you have dozens and dozens of accounts, it will be difficult to remember all the random passwords.  Password managers to the rescue.  As secure as these password managers developers claim their product to be, there are nonetheless vulnerabilities as I recently was notified about one of these called Lastpass.   A flaw was discovered by Google’s Tavis Ormandy of Project Zero.  Though no malicious activity has not yet been reported, the developers quickly scrambled to patch the security holes.

If you use password manager like Lastpass or 1password, please make certain you have the latest version with all the security patches in place.  Despite such scary news, a password manager is far more secure than Post-it Notes or committing passwords to memory.

Posted on

Badlock bug

Mark your calendar to immediately patch your Mac, Linux and Windows operating system on April 12th as soon as the update is released. Engineers at Microsoft and Samba are currently working on the patch and it is projected to be released in two weeks on a Tuesday which is the update day for Microsoft products. Release time is approximately 17:00 UTC.

We don’t currently know a whole lot about the extent of this vulnerability but we do know it is serious. Some speculate it has to do with file handle invalidated on broken lock. The bug is in Samba which is a cross-platform file sharing pre-installed on your operating system. Patch is for Samba versions 4.4, 4.3 and 4.2. 4.1 version is discontinued.

We will add more information as we receive them. Please check back here frequently.

Posted on

Don’t set it and forget it

Your website, the front door to your business, the exposure it gives you is not something you should create and set once and then forget it.  Websites are living things just like us and require frequent maintenance so they are up-to-date in terms of technology and security.

There are thousands of hackers out there.  For the savvy ones, it only takes a few automated seconds to discover vulnerabilities in your site.  They will then upload and inject malicious scripts and execute it, which allows them to be able to either take full control of your site or simply live there as stowaways.   You may ask, why do hackers to do this?  They do this for some or all of the following reasons:

  1. Use your site to redirect traffic to their own sites.
  2. To send out spam
  3. To use your site for it’s bandwidth
  4. To steal information
  5. And other malicious acts.

Check your website frequently or use the services of professionals to monitor for vulnerabilities and take action in repairing infected sites and closing of security holes.

Proudly powered by WordPress