RSS Feed
Latest Updates
Oct
9
Hurricane Michael
Posted by Barry Bahrami on 09 October 2018 10:34 AM
Subscribers potentially affected by hurricane Michael:

CNS maintains an SMS gateway to our Help Desk for your use during a power failure or other emergency in your area. SMS is ideal because it does not use jammed voice lines, will continue to try getting messages thru and also uses very little battery compared to voice. Please save these numbers in your mobile device now so you will have them later if needed. Upon receipt, CNS will acknowledge your message and interact through SMS to assist you. For faster service, please include your email address in the message.

In the UK: +44 1872 672038
All other regions, worldwide, including the USA: +1 858 633-8999

Our helpdesk can also be reached via telephone at any of the numbers below:

San Diego, CA: +1 (619) 225-7882
Los Angeles, CA: +1 (213) 769-1787
New York, NY: +1 (646) 930-7435
London, UK: +44 (1753) 260678

 

Please let us know any way we can assist you.  Whether you need a CNS tech to login to your service to check on something or simply want to confirm your terminals are ok, we are here to help.


Read more »



Sep
10
Hurricanes Florence and Olivia
Posted by Barry Bahrami on 10 September 2018 12:55 PM
Subscribers potentially affected by hurricanes Florence and Olivia:

CNS maintains an SMS gateway to our Help Desk for your use during a power failure or other emergency in your area. SMS is ideal because it does not use jammed voice lines, will continue to try getting messages thru and also uses very little battery compared to voice. Please save these numbers in your mobile device now so you will have them later if needed. Upon receipt, CNS will acknowledge your message and interact through SMS to assist you. For faster service, please include your email address in the message.

In the UK: +44 1872 672038
All other regions, worldwide, including the USA: +1 858 633-8999

Our helpdesk can also be reached via telephone at any of the numbers below:

San Diego, CA: +1 (619) 225-7882
Los Angeles, CA: +1 (213) 769-1787
New York, NY: +1 (646) 930-7435
London, UK: +44 (1753) 260678

 

Please let us know any way we can assist you.  Whether you need a CNS tech to login to your service to check on something or simply want to confirm your terminals are ok, we are here to help.


Read more »



Apr
19
SECURITY ADVISORY - RDP Attack Directed at our Network [UPDATE]
Posted by Barry Bahrami on 19 April 2018 11:07 AM
 
[CNS Logon]
 
RE: SECURITY ADVISORY - RDP Attack Directed at our Network [UPDATE]

We have had significant success in fending off this cyberattack.  Please help us protect your VM by installing security  updates and re-randomizing the RDP port in your VM when possible. 

Systems Affected
  • All Windows servers & desktops
Details

CNS began receiving abusive traffic earlier this month, which included attacks on subscriber servers through the randomized RDP port.  Besides a severe drain of resources from the targeted servers, the obvious concern was how did anyone obtain randomized RDP port information?  We immediately began to search for answers and notified you of the attack so you could make sure your server was protected.

We have identified a botnet consisting of nearly 1000 IP addresses working together to continuously scan the network without any one IP address probing too often.  This allowed it to evade automated filters and find ports to target.  After obtaining the (encrypted) RDP port, they then proceeded to brute force attack the server and/or attempt entry through unpatched vulnerabilities.  We have blackholed this botnet and have developed new methods to identify and stop these types of threats before they reach your CNS service.   We are continuing to analyze traffic patterns in order to identify new threats and we are also attempting to work with the respective ISP's to dismantle it completely.


This event is a reminder to always keep your server up to date with the latest security related patches.  A strong password is also ideal.  Please consider installing free two-factor authentication.  To date, we have never seen a 2FA protected service hacked.  It is an excellent way to protect your data.

We have seen only one server hacked during this event.  It had a VERY weak password and was not protected by two-factor authentication.  Please - at a minimum - make sure your passwords are not in any dictionaries and contain both numbers and symbols, such as !@#$.

The fastest way to change your Windows password is from inside the server.  At a command prompt, type:  net user Administrator newpassword

where "newpassword" is the new password.


This will likely be the last update regarding this event.  We will of course reach out again if necessary.  Please do not hesitate to contact CNS Support with any questions or concerns.


Impact:

A remote, unauthorized attacker could drain a VM of resources necessary for applications to run.  They might also gain entry and take complete control.

How to determine if you have been impacted:

Check windows event->security logs for numerous failed login attempts.  


Solution:

We recommend ALL SUBSCRIBERS install pending Microsoft updates AND run the CNS RDP Port Randomizer in your VM as soon as possible. A reboot will be required. After running the RDP Port Randomizer, please download a new RDP shortcut from the CNS Control panel. Simply click "My Products & Services"->"View Details" next to the VM subscription. Scroll down to the RDP Shortcut Creator to create and download your RDP shortcut.

STEPS:

1) Install all pending Windows updates.  Reboot as required and check for updates again until there are no more to install.
2) From inside the VM (DO NOT RUN ON YOUR COMPUTER), download and run the RRDP Port Randomizer from the CNS Helpdesk.  Your VM will reboot after pressing "Go".
3) Login to the CNS Control Panel and download a new RDP shortcut.  This will replace your current RDP shortcut.


For added protection, consider adding two-factor authentication.. CNS provides free two-factor authentication to all subscribers. Please contact CNS Support if you require assistance.


How to Install Windows Updates:

Windows 2008 subscribers will see a blue server with a yellow arrow circling it. Double click to begin the install process and follow the prompts.

Windows 2012 subscribers should click start->control panel->System and security->Check for updates


A reboot will be required to complete the update.  Be sure to confirm all updates are installed by checking again after reboot.

Please do not hesitate to open a support ticket if you require assistance.


What we are doing to protect CNS subscribers:

We notified you early so that you could secure your VM as soon as possible.
We have identified and blackholed a significant and stealthy botnet responsible for this attack.
We have developed new capabilities to better monitor this activity and will continue to perfect them as we further analyze this attack and current traffic patterns.
We have developed and deployed numerous countermeasures with synchronous capabilities to neutralize attacking computers.
We are working with law enforcement to apprehend the attacker(s).


Getting Help:

Thank you for choosing Commercial Network Services. Please let us know if you have any questions or concerns. We are always here to help you. We maintain a ticketing system in order to effectively address and track your support issues. Please login to your Client Area and click "Help Desk" near the top, then click "Submit a Ticket" to send a new support request to our technicians.

NOTE: This message has been digitally signed. For your security, ALL electronic mail sent by CNS is digitally signed. If your eMail client is S/MIME compliant then you will see a digital certificate in the email message. This certificate proves the email was sent to you by CNS. If your email client is not S/MIME compliant, then you will find an attachment smime, which can be safely ignored.

Read more »



Apr
14
SECURITY ADVISORY - RDP Attack Directed at our Network
Posted by Barry Bahrami on 14 April 2018 10:26 AM
 
[CNS Logon]
 
RE: SECURITY ADVISORY - RDP Attack Directed at our Network

Please be advised CNS is currently fending off a cyber-attack attempting intrusion into our hosted servers. This is to alert you to the issue and ask you to help us protect your VM by installing security  updates and re-randomizing the RDP port in your VM as soon as possible.  This advisory also contains information on how to determine if your VM is or has been under attack.

Systems Affected
  • All Windows servers & desktops
Details

CNS is currently fending off a sophisticated cyber-attack attempting intrusion into hosted Windows servers & desktops.  We believe the attackers are executing a vulnerability in unpatched subscriber servers to obtain the randomized RDP port number and user names.  After obtaining the randomized RDP port number and user names, the attackers are then conducting brute force attacks against subscriber VM's.

While strong passwords are probably sufficient to avoid intrusion, the attack itself can quickly drain resources from the targeted VM as it works to authenticate and deny hundreds of login attempts by attacking robots.  This starves subscriber applications of resources and will result in poor performance.  These attacks are difficult to detect because they are conducted in an encrypted session where automated processes can not see them and also they can attempt hundreds of logins in a single connection.

We believe a DoS against our NY datacenter earlier this week was an attempt to divert attention.  This was unsuccessful because of already deployed intrusion prevention systems and the DoS was also quickly mitigated.
 
We are aware of only one subscriber VM that has been compromised.  It was protected with a very weak password and without two-factor authentication installed.  A review of the system found it was being used to commit online fraud.  Please - do not use weak passwords and consider installing free two-factor authentication.

Systems that have been patched regularly are unlikely to be affected.  We will keep you up to date with any important information, which will be sent as it develops.

Please do not hesitate to contact CNS Support with any questions or concerns.


Impact:

A remote, unauthorized attacker could drain a VM of resources necessary for applications to run.  They might also gain entry and take complete control.

How to determine if you have been impacted:

Check windows event->security logs for numerous failed login attempts.  


Solution:

We recommend ALL SUBSCRIBERS install pending Microsoft updates AND run the CNS RDP Port Randomizer in your VM as soon as possible. A reboot will be required. After running the RDP Port Randomizer, please download a new RDP shortcut from the CNS Control panel. Simply click "My Products & Services"->"View Details" next to the VM subscription. Scroll down to the RDP Shortcut Creator to create and download your RDP shortcut.

STEPS:

1) Install all pending Windows updates.  Reboot as required and check for updates again until there are no more to install.
2) From inside the VM (DO NOT RUN ON YOUR COMPUTER), download and run the RRDP Port Randomizer from the CNS Helpdesk.  Your VM will reboot after pressing "Go".
3) Login to the CNS Control Panel and download a new RDP shortcut.  This will replace your current RDP shortcut.


For added protection, consider adding two-factor authentication.. CNS provides free two-factor authentication to all subscribers. Please contact CNS Support if you require assistance.


How to Install Windows Updates:

Windows 2008 subscribers will see a blue server with a yellow arrow circling it. Double click to begin the install process and follow the prompts.

Windows 2012 subscribers should click start->control panel->System and security->Check for updates


A reboot will be required to complete the update.  Be sure to confirm all updates are installed by checking again after reboot.

Please do not hesitate to open a support ticket if you require assistance.


What we are doing to protect CNS subscribers:

We are sending you this alert so that you can secure your VM as soon as possible.
We have developed new capabilities to better monitor this activity and will continue to perfect them as we analyze this attack.
We have developed and deployed numerous countermeasures with synchronous capabilities to neutralize attacking computers.
We are working with law enforcement to apprehend the attacker(s).


Getting Help:

Thank you for choosing Commercial Network Services. Please let us know if you have any questions or concerns. We are always here to help you. We maintain a ticketing system in order to effectively address and track your support issues. Please login to your Client Area and click "Help Desk" near the top, then click "Submit a Ticket" to send a new support request to our technicians.

NOTE: This message has been digitally signed. For your security, ALL electronic mail sent by CNS is digitally signed. If your eMail client is S/MIME compliant then you will see a digital certificate in the email message. This certificate proves the email was sent to you by CNS. If your email client is not S/MIME compliant, then you will find an attachment smime, which can be safely ignored.

 


Read more »



Dec
22
CNS SUBSCRIBER UPDATE - December 2017
Posted by Barry Bahrami on 22 December 2017 11:38 AM
 
[CNS Login]  

RE: CNS SUBSCRIBER UPDATE - December 2017

 

[TOP]

10GB More Disk Space:
 

Good news for CNS VPS Subscribers!  Windows continues to grow in size and so does the software Trader’s use.  This has resulted in less space to work with in a new VPS.  As a result, we have increased the included disk size in all CNS VPS’s by 10GB!  Please contact our helpdesk by support ticket, telephone or live chat to claim your additional 10GB of disk space.  This will require a brief shutdown of your VM and any checkpoints will be destroyed in the process.  Don’t worry, we can create a new one for you while we are at it.  For a full review of everything included in your service plan, please click to review our Trader's service plans.
 
[TOP]

New Special Offers:
 

We have added new special offers for both VPS and VPN subscriptions.   They include:

VPS:

Refer a friend to CNS VPS & receive a $15 credit for you AND them.  NO LIMIT!

Two full years of CNS VPS service for the cost of only 18 months.o:p>

Competitive upgrade discount – switch from any provider and receive a one-time bill credit.

VPN:

Refer a friend to CNS VPN & receive a free month for you AND them. NO LIMIT!

SOFTWARE:

One year of CNS Autoboot for $36.  Autoboot is also included in our Trader’s VPS

For full details on all our special offers, please review this page.

 
 
[TOP]

Cleanup of Inactive Sponsoring Brokers & Some New Ones:
 

We have removed inactive brokers from our list of brokers who will pay for your CNS VPS.  These brokers were either not responding to subscriber requests or simply not using the program.  We will continue to keep the list current so you can receive a fast response for VPS sponsorship.  Is your broker sponsoring a CNS VPS?  Find out here.  If they are listed then please contact our helpdesk and ask to be added to their program - jst provide us the coupon code listed.   If your broker is not listed then please ask them to join our VPS Bundling program!  It’s quick and easy to join.

 
[TOP]

MANY New ON NET and IX Peer Brokers:
CNS now peers with more than 1200 other networks worldwide - more than any other competitor.  These peerings provide our subscribers with better routes than Internet transit and improves end-to-end redundancy and quality of service.  The CNS network is now one of the most connected IPv4 and IPv6 networks on the Internet.  We have also setup additional low latency ON NET private peering with more networks CNS subscribers connect to.  ON NET is a direct connection - a cross connect - in a datacenter, connecting two networks together.

Such a highly connected network also improves your remote desktop QoS because it provides better connectivity not only between your VM and your broker, but also between you and the VM.

For a better review of ON NET Brokers, please take a look at the CNS Latency Chart.  We have listed on the chart both ON NET and IX Peers.  An IX Peer is another network that connects to ours over a peering fabric.  Both are excellent quality connections because they avoid congested Internet transit completely.

Our latency chart is an ongoing work in progress.  We add and edit listings as they are discovered by CNS Support.  For the most current and complete listing, feel free to use our real time Looking Glass to test connectivity to any network on demand.  Need help running a test?  Please ask - we are happy to help.

Both provide an excellent quality circuit:  ON NET  -and-  ON NET
AS29697
 
[TOP]

FREE VPN included in all VPS Subscriptions:

Earlier this year we  began offering Anonymous VPN service to help with the decreasing privacy afforded to Internet users worldwide.  We have been giving VPS users VPN access for quite some time in response to support tickets, usually to help them get around Internet congestion by leveraging our highly connected network.

The CNS network is one of the most connected on the entire Internet.  This means most of our traffic doesn’t even touch (often congested) Internet transit circuits and instead transits private peering routes.  Some traders don’t necessarily need very low latency  and so they trade from home or office, but often experience disconnects because of poor quality ISP transit circuits.  A CNS VPN is an excellent solution to this problem because our network peers with many ISP's *and* brokers. 

All CNS VPS subscribers can now receive a free VPN subscription.  To receive a free VPN subscription, please use the coupon code “FREEVPN” on a monthly anonymous VPN plan or ask for it at our helpdesk.  Setup takes just a few minutes.

 

[TOP]

Is your VM secured by two-factor Authentication?:

New dangerous threats are constantly appearing on the Internet and specifically targeting the online trading community.  This makes it that much more important for all traders and trader services to employ stronger authentication than the traditional user name and password.  Traditional user name and passwords are commonly compromised by malicious software, or from hacked web sites in which the victim has used the same password.  Hacked email accounts are also a common source of further compromise.

CNS Two-Factor Authentication (2FA) is a system where two different factors are used to authenticate a system login. Using two factors as opposed to one delivers a higher level of security when authenticating your login. The CNS 2FA solution combines something you have - your mobile device (phone or tablet) - with something you know - your control panel or VPS password. This can be compared to using an ATM card to withdrawal funds where you are required to have both the card and the PIN to complete a transaction, though in that example your ATM PIN may rarely change and the 2FA PIN is changing every 30 seconds.

The 2FA software installed in your mobile device displays a changing code, which only needs to be added to the end of the password at VPS login. This avoids the need to wait for a SMS delivery. For subscribers without a modern iOS, Android, or Windows mobile device- SMS codes are still supported.

2FA renders key loggers ineffective because the PIN code changes every 30 seconds- for token generated PINs and 5 minutes- for PINs sent by SMS (can only be used one time). A stolen password is only 1/2 the information needed to login - the attacker must also have your mobile device in their hand to read the PIN code and enter it. Brute force hacks are out of the question.

All that is needed is a software application installed in your mobile device to display the codes.  There are already three that we know of which will work:  Google Authenticator, Authy and OTP Authenticator


CNS 2FA is compatible with Google Authenticator, Authy and OTP Authenticator.
   
We strongly recommend this free service to all subscribers. To date, CNS has not seen a single 2FA protected VPS hacked. 2FA also protects CNS Client Area logins, which is very important because it prevents someone from accessing your CNS account and disabling 2FA.

CNS Two-Factor Authentication (2FA) is compatible with any hosted Windows server. It is available free with every CNS VPS subscription, and is also available by subscription for Windows servers off the CNS network.


How to install 2FA:span>

Installing CNS 2FA is detailed in the CNS Two-factor Authentication How-to Guide.


Please - open a support ticket if you require assistance. We will be happy to assist you in securing your VPS. Please login to your Client Area and click "Help Desk" near the top, then click "Submit a Ticket" to send a new support ticket to our technicians.
 
[TOP]

Emergency SMS Support:
 

CNS maintains an SMS gateway to our Help Desk for your use during a power failure or other emergency in your area. SMS is ideal because it does not use jammed voice lines, will continue to try getting messages thru and also uses very little battery compared to voice. Please save these numbers in your mobile device now so you will have them later if needed. Upon receipt, CNS will acknowledge your message and interact through SMS to assist you. For faster service, please include your email address in the message.

In the UK: +44 1872 672038r>All other regions, worldwide, including the USA: +1 858 633-8999

Our helpdesk can also be reached via telephone at any of the numbers below:

San Diego, CA: +1 (619) 225-7882
Los Angeles, CA: +1 (213) 769-1787
New York, NY: +1 (646) 930-7435
London, UK: +44 (1753) 260678

Our online helpdesk is typically the best way to receive technical support that may require investigation or work completed on our part to resolve.  To reach the Help Desk, please login to the control panel and then click "Help Desk" at the top. You will find a link "My tickets" to create a new ticket. If you do not see this link, please log out and then back in. Our helpdesk is staffed 24 hours a day, every day of the year.  Response times are typically very quick.

 
 
[TOP]

CNS Remote Admin 1.0.17:

CNS Remote Admin is a free tool for use by Commercial Network Services subscribers to manage Windows virtual servers and desktops. Just some of the features in CNS Remote Admin are: view logged on users, running processes, events, download/upload files, and even control CNS Autoboot. Recommended for all CNS virtual server & desktop subscribers.BR>
CNS Remote Admin is a great way to monitor the health of your VM's operating system. 

Changes desktop version of CNSRemoteAdmin 1.0.17:

  •  Replaced old 2FA support with new CNS2FA.
  •  Reworked internal engine for tabs and network connection. Now all operations are working faster, especially File Manager and Event Viewer.
  •  Fixed navigate up in File Manager, now navigating to upper folder instead of root of drive C:
  •  Fixed error when trying to navigate to folder, which was just renamed in File Manager.
  •  Fixed issue with error showing remote screenshot in some cases (In Windows 2008 and Windows 2012). After reboot in Windows 2003 it is required to make logon to Windows with using Remote Desktop before using screenshot feature.
  •  Fixed progress bar in File Manager when copy/open files.
  •  Added support of rad files where line by line means: remote ip, login, password, and optionally 2fa. To open it, call app with passing full path to rad file as first argument.

Changes in mobile version of CNSRemoteAdmin 1.0.17:

  •  Replaced old 2FA support with new CNS2FA.
  •  Added feature to sort columns in Process View.
  •  Added basic touch to zoom and double-tap to full screen feature in remote screenshot viewer.
  •  Fixed issue with error showing remote screenshot in some cases.
Getting CNS Remote Admin::

Download for Windows PC

To get CNS Remote Admin for your iOS or Android device, search the playstore/appstore for "CNS Remote Admin".
ibfx
 

[TOP]]

Happy Holidays!
:

Thank you for your support over the past several years.  It has been our pleasure to host your platforms.  Have a great and long holiday and a happy new year.  We look forward to working with you in 2018.
 

[TOP]

Getting Help:

Thank you for choosing Commercial Network Services. Please let us know if you have any questions or concerns. We are always here to help you. We maintain a ticketing system in order to effectively address and track your support issues. Please login to your Client Area and click "Help Desk" near the top, then click "Submit a Ticket" to send a new support request to our technicians.


NOTE: This message has been digitally signed. For your security, ALL electronic mail sent by CNS is digitally signed. If your eMail client is S/MIME compliant then you will see a digital certificate in the email message. This certificate proves the email was sent to you by CNS. If your email client is not S/MIME compliant, then you will find an attachment smime, which can be safely ignored.


CAN-SPAM: You have received this message because you have a CNS account and this message contains information that may affect your services. If you no longer wish to receive these types of messages from us then please login to your CNS Client area and click "my details" at the top.  Then, check the box to unsubscribe at the bottom and save. -thank you

 


Read more »




© 2016 Commercial Network Services. All rights reserved.
No content may be reproduced or redistributed without express written permission on CNS letterhead.
Only Commercial Network Services subscribers are authorized to use our content during their subscription period.
Permission to use our content may be revoked at any time, and at the sole discretion of Commercial Network Services.
Some content on this site is © by their respective owners.