Mediumcube.com Web Hosting Blog

October 21, 2008

Google Vulnerability Check

Filed under: Technical — admin @ 1:23 pm

Soon, you may receive an email from Google reminding you to upgrade an application on your website. This free service is being pilot-tested by Google's search engineering team.

Google already crawls most websites on the Internet, gathering a great deal of information from these sites. Now they're trying to build on that by offering some help to webmasters who have long forgotten about their out-of-date web applications. These old applications may pose serious harm to the website and its visitors because of vulnerabilities that may exist in their code.

Currently, Google is running a small-scale test targeting WordPress installations that run version 2.1.1. If these tests are successful, we may see the program expanded. Hopefully this will make the web safer for everyone. Google's announcement is here:

http://googlewebmastercentral.blogspot.com/2008/10/message-center-warnings-for-hackable.html

July 21, 2008

CAPTCHA fight against spammers

Filed under: Technical — admin @ 3:02 pm

CAPTCHA stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”. It debuted widely on the internet about two years ago to fight the problem of increasing spam registrations. CAPTCHA was especially helpful for e-mail services, chat rooms, forums and blogs that needed to screen out spam registrations.

In the early days, spammers used automated software to register accounts at forums and blog sites, then used these accounts to spread their links and spam. The introduction of CAPTCHA, however, severely limited their ability to automate registration. A CAPTCHA displays an image containing letters or numbers and asks the visitor to type the phrase shown in that box. At first this posed a real challenge to spammers, as their software was not designed to read images. Nevertheless, a few years after CAPTCHA spread to popular services such as GMail and HotMail, spammers finally found a very successful method of breaking it.

This is an interesting article that discusses why CAPTCHA is no longer as relevant as it was a few years ago. CAPTCHA is still a great way to reduce spam on your own blog or forum; however, if an attacker is determined to compromise your system, there is technically nothing stopping them:

Cracking CAPTCHA

July 2, 2008

Concord Unix Server RAID problem

Filed under: Technical — admin @ 3:52 am

This morning at around 3:30 AM EST, the Concord Unix server experienced a RAID corruption problem. We're working on restoring the server as soon as possible.

An OS reinstall will likely be done, after which we'll recover the data from the backup device.

This process will take a couple of hours, and site restoration will be gradual. We expect services to be back to normal by around 11:30 AM.

Please be patient with us as we work hard on restoring your services. Please stay tuned to this post for further information.

Thank you.

UPDATE: 12:45 PM EST: The server has been restored successfully to normal operations. If you experience any problems, please contact our support department.

May 11, 2008

Free Tools to keep your computer secure

Protecting your PC has never been more important than it is today. New generations of spyware hide themselves very well within your system, collecting details and controlling your PC as a zombie, and can wreak havoc not only on your system but on the internet in general.

Imagine how hackers are able to use the power of thousands of hacked PCs to bring down servers across the internet. This is what we know as a DDoS (Distributed Denial of Service) attack. DDoS attacks have brought many major sites to their knees for days and sometimes weeks. The most recent such attack was the one on Estonia's government, which brought down their banking and government services for several days.

The root cause of DDoS attacks is exploitable, unprotected computers connected to the internet, which hackers thousands of kilometers away quietly take control of and use to attack other internet devices.

So we're listing here a few applications for your Windows operating system that will help protect and clean your computer from most known viruses and spyware:

1) Windows Defender: A tool developed by Microsoft and available for free to legally registered Windows machines. It provides protection against common spyware and exploits in the Windows OS. It can be downloaded for free from: http://www.microsoft.com/athome/security/spyware/software/default.mspx

2) Google Pack: Offers multiple applications for productivity and security. The most important applications in the Google Pack are: Norton Security and Spyware Doctor Lite Edition. The Google Pack can be downloaded for free from: http://www.microsoft.com/athome/security/spyware/software/default.mspx

3) Avast AntiVirus: Freely available for non-commercial use. The Avast anti-virus and anti-rootkit provides ultimate protection against harmful malware. You can check the Avast site for more info at: http://www.avast.com/eng/avast_4_home.html

4) AVG AntiVirus: Another antivirus freely available for non-commercial use. It also includes an anti-spyware tool and can be downloaded for free from: http://free.grisoft.com/

5) Make sure your Windows OS is up to date: Check http://windowsupdate.microsoft.com for the latest Windows updates.

6) Enable your Windows Firewall: This can typically be found on most Windows XP SP2 computers under your “Control Panel”. Windows Firewall will prevent unwanted connections to or from your computer.

7) Internet browser protection: If you wish to protect someone using your computer from browsing malicious or inappropriate websites, we'd highly recommend trying OpenDNS to minimize your network's exposure to unwanted websites.

The old saying “Prevention is the best protection” still applies on the internet today. One last note: the more antivirus and antispyware applications you load on your Windows system, the slower it will perform. In general, we wouldn't recommend installing any of these applications on your Windows system unless you have at least 512 MB of RAM for Windows XP or 1 GB of RAM for Windows Vista.

April 30, 2008

SQL Security Vulnerability in Poorly Designed Applications

Filed under: Technical — admin @ 11:26 am

Recently there has been a widespread exploit targeting poorly designed applications on Windows-based platforms. The exploit is not the result of a security hole in Windows, IIS or SQL Server. Rather, it is the result of web applications not properly validating user input before passing it to the SQL server.

The vulnerability recently gained a high profile when a few hackers were able to hack into the United Nations website and tens of thousands of others.

Therefore, it is imperative that you check your application code for any vulnerabilities that could lead to a compromise of your database and possibly the whole server.

For more information on this exploit, please visit the following sites:

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9080580

http://hackademix.net/2008/04/26/mass-attack-faq

On our end, we've tightened security on the servers as much as possible without compromising accessibility. However, since this vulnerability is the result of poor application coding, the best way to protect your site is to validate user input before passing it to the SQL server. The references above will give your web developer a better idea of how the exploit works.

If you have any questions or concerns about this issue or others, please don’t hesitate to contact our support department.

UPDATE: TechTarget has a good article on how to test your application at: http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci996071,00.html Basically, if your application passes variables in the URL, as in home.asp?a=value, then try passing a=val’ue and see whether this breaks MSSQL. If it does, you may have a problem there.

UPDATE: This is a good blog post about things that can be done to help find the problem in the code (URLScan 3, Scrawlr, MSCASI):

http://blogs.technet.com/swi/archive/2008/06/24/new-tools-to-block-and-eradicate-sql-injection.aspx
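To show concretely what the apostrophe test above detects, here is an added example (not code from this blog or from any of the linked articles). It uses Python's built-in sqlite3 as a stand-in for MSSQL and an ASP page: the first lookup pastes the URL parameter into the SQL text, the second binds it as a parameter, which is the fix the post calls for.

```python
import sqlite3


def make_db():
    """Constructed sample data: an in-memory table standing in for the site's database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE pages (name TEXT, body TEXT)")
    conn.executemany("INSERT INTO pages VALUES (?, ?)",
                     [("home", "Welcome"), ("about", "About us")])
    return conn


def lookup_unsafe(conn, a):
    """The flawed pattern: the ?a= value becomes part of the SQL statement itself."""
    sql = "SELECT body FROM pages WHERE name = '" + a + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, a):
    """The fix: the value travels as a bound parameter and is never parsed as SQL."""
    return conn.execute("SELECT body FROM pages WHERE name = ?", (a,)).fetchall()


def probe(a):
    """Run the post's test value against both lookups.

    Returns (unsafe_result, safe_result); a result is a list of rows, or the
    string 'SQL ERROR' when the database refused to parse the statement,
    which is the symptom the post tells you to look for.
    """
    conn = make_db()
    try:
        unsafe = lookup_unsafe(conn, a)
    except sqlite3.Error:
        unsafe = "SQL ERROR"
    safe = lookup_safe(conn, a)   # the stray quote is just data here
    return unsafe, safe


if __name__ == "__main__":
    print(probe("home"))      # both lookups find the row
    print(probe("val'ue"))    # concatenation breaks; the bound query simply finds nothing
```

In classic ASP the equivalent of the bound query is an ADODB.Command with Parameters rather than a string built with &.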

April 28, 2008

Security Update for WordPress

Filed under: Technical — admin @ 5:01 pm

Recently WordPress released an important security update to patch vulnerable WP installs. If you're running a WordPress version earlier than 2.5.1, it is imperative that you either apply the patches or upgrade your WordPress install. For more information on this vulnerability, please visit:

March 20, 2008

Network Maintenance on March 20th, 2008

Filed under: Technical — admin @ 12:05 pm

Please note that the following maintenance has been scheduled on our network. There will be no service disruption, as traffic will be re-routed to other providers during the maintenance window.

Loop to Toronto Internet Exchange
Work: Change fiber route for maximum diversity
Date: Wednesday, March 26th 2008 between 12am and 6am EDT (04:00 - 10:00 UTC)
Duration: 1 hour

February 1, 2008

Router Upgrade on February 4th, 2008

Filed under: Technical — admin @ 6:24 pm

Maintenance is scheduled for Monday, February 4th, 2008 between 11:00 pm and 12:00 am EST on one of our core routers. We have decided to replace the supervisor engine with another Cisco WS-SUP720-3BXL, which will have the standard 1 GB of memory. The VSNL uplink will only be activated after the maintenance is complete (most probably Tuesday the 5th). Traffic will be rerouted to other routers before the maintenance; the switch-over may take a few seconds.

July 18, 2007

Creating and Maintaining a Spam-Free Mailing List

Filed under: Technical — admin @ 10:34 pm

One of the many challenges of online marketing in this age is to communicate effectively with your customers without getting your business tagged with the word spammer.

At Mediumcube, we take spam seriously. So we've compiled a list of items every business broadcasting newsletters or mass email to clients should keep in mind:

- High delivery failure is the number one reason legitimate mailing lists become spam lists. Make sure you have a script or process that will remove failed email addresses from your mailing list. If that is not possible, then send out an email every 3-6 months asking your clients to re-subscribe. This should keep your mailing list clean and keep your site out of trouble. Many of the larger mail providers reject email based on the number of failed delivery attempts. For example, if your list contains 10,000 users and 500 of these fail, mostly at @yahoo.com addresses, there is a good chance Yahoo will either block your email, delay it or classify it as bulk email.

- Provide an easy removal option. What is worse than a failed address? Someone upset that they've received your email and has no way to remove themselves! Mail users irritated by spam can actually begin sending complaints about your mailing list to your web host, their ISP and others. This may result in your domain or IP address being blacklisted. The solution is very simple: place a simple and clear removal link at the top and bottom of your email. Once the person clicks the link, they are taken to a confirmation page: “Please click Yes to confirm your removal from our mailing list”. I've seen many mailing lists require you to log in and go through multiple menus to unsubscribe. Keep It Simple, Stupid! You don't want to market to people who don't want to listen to you.

- This is usually the first step in any mailing list: make sure your mailing list is VERIFIED, either single or double opt-in. A double opt-in list is preferred because, more than anything else, it indicates that the user is interested in what you are sending them.
Single opt-in: the user is subscribed by simply entering their email address at your website.
Double opt-in: the user must enter their email address at your website and then confirm an email subscription message.

- Lastly, choose mailer software that complies with the general email RFCs. Always lower the rate at which emails are sent out, for two reasons. First, it will reduce the load on your outgoing mail server. Second, many ISPs use mail filters that temporarily block a mailer's IP address if it attempts to send to more than a certain number of recipients within a certain period of time. It is also important that the mailer software can handle email bounces, subscriptions and removals.

If you are a commercial marketer and guaranteed email delivery is important to you, it would be wise to invest in Goodmail Systems from http://www.goodmailsystems.com/ . Mediumcube can work with you to ensure your e-Marketing campaign is a success.

Mediumcube offers a great mailing list solution called Mailman. It is designed for high-volume mailing lists and has extensive features suitable for a variety of email broadcasting needs.
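As an added example (not code from this blog or from Mailman), here is the kind of list-hygiene script the first and third points describe: it drops hard-bounced addresses, reports any domain whose failure share reaches the 5% the post's 500-of-10,000 Yahoo case illustrates, and lists subscribers whose double opt-in confirmation is older than the re-subscribe interval. The subscriber list and bounce records are constructed sample data; the "hard"/"soft" status labels and the 180-day default are assumptions.

```python
from collections import Counter
from datetime import date, timedelta

# Constructed sample data: address -> date of last confirmed (double opt-in) subscription.
SUBSCRIBERS = {
    "ann@example.com": "2008-05-01",
    "bob@yahoo.com":   "2008-06-01",
    "cat@yahoo.com":   "2008-06-01",
    "dan@example.net": "2007-09-01",
    "eve@yahoo.com":   "2008-07-01",
}

# Constructed bounce records as a mailer might log them:
# "hard" = permanent failure (5xx, remove the address), "soft" = temporary (keep it).
BOUNCE_LOG = [
    ("bob@yahoo.com", "hard"),
    ("cat@yahoo.com", "hard"),
    ("dan@example.net", "soft"),
]


def domain_of(addr):
    return addr.rsplit("@", 1)[-1].lower()


def clean_list(subscribers, bounces, domain_alert=0.05):
    """Remove hard-bounced addresses and flag domains at risk of blocking.

    Returns (kept subscribers, {domain: share of the whole list that hard-bounced
    there}); a domain is flagged once its share reaches domain_alert (5% = 500/10,000).
    """
    hard = {addr for addr, status in bounces if status == "hard"}
    kept = {addr: conf for addr, conf in subscribers.items() if addr not in hard}
    total = len(subscribers)
    per_domain = Counter(domain_of(addr) for addr in hard)
    alerts = {dom: n / total for dom, n in per_domain.items() if n / total >= domain_alert}
    return kept, alerts


def due_for_reconfirm(subscribers, today, max_age_days=180):
    """Addresses whose last confirmation is older than the re-subscribe interval
    (the post suggests every 3-6 months); today is an ISO date string."""
    cutoff = date.fromisoformat(today) - timedelta(days=max_age_days)
    return sorted(addr for addr, conf in subscribers.items()
                  if date.fromisoformat(conf) < cutoff)


if __name__ == "__main__":
    kept, alerts = clean_list(SUBSCRIBERS, BOUNCE_LOG)
    print(sorted(kept), alerts, due_for_reconfirm(kept, "2008-07-18"))
```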

April 29, 2007

Completed cPanel Upgrade to Latest Stable

Filed under: Technical — admin @ 9:43 am

All our Unix servers have been upgraded to the latest cPanel Stable. This should resolve any problems with mail quotas, a few account creation bugs and other minor issues.
