DNSstuff.com
Jul
29th

Dedicated Server Google Knol

Filed under General | 1 Comment

I’m in the process of writing a Google Knol about dedicated servers. Over time it will become a guide for people who are getting started with their first dedicated server. I’ll be adding some of the tips and information from here as well as some additional information about choosing hosts, server specifications etc. The knol is right HERE.

Jul
23rd

What is a Brute Force Attack?

Filed under General | Leave a Comment

This is a term that you will often see if you are browsing around internet security related sites. A brute force attack is usually carried out with some sort of automated script. The attacker will often use a list of common usernames and passwords, but could also have the script written in such a way that it simply goes through all the letters of the alphabet, numbers and other characters in order to get the correct password which will allow them into the site they are attacking.

A good analogy would be if you had a combination lock that had three numbers. If you tried all of the numbers from 000 to 999 you would undoubtedly ‘crack’ the combination. That’s a fairly slow way of doing it of course – scripts can generate  numbers and letters much faster than you could turn the tumblers on a combination lock!

Knowing how a brute force attack works should make it very easy to understand that the longer your password is, and the more punctuation and other non alpha-numeric characters you have … the harder it is to ‘crack’.

Jun
1st

Firefox v3 RC1 – A Winner

Filed under General | Leave a Comment

I don’t usually make a big deal about software, but the latest release of Firefox has me a little bit excited. The render speed is excellent and more importantly the memory problems appear to be gone. Those of you who use Firefox a lot will realise just how good this news is. As an admin and a developer it’s not unusual for me to have 3 or 4 Firefox windows each with 4 or 5 tabs open. However, with Firefox v2 that would result, after a few hours, in a Firefox process that was hanging on to 300-500MB of memory. Not so with v3. After a full days ‘standard’ use I found that Firefox was using a mere 92MB!

The other cool thing is that Roboform has released an update that is compatible with RC1 :).

May
24th

Five Reasons NOT To Use Hotmail

Filed under General | 2 Comments
 ?

Do you use Hotmail? If you do then there is a very good chance (in fact I would say 100% chance) that some of the legitimate emails that are sent to your Hotmail address aren’t reaching you. Hotmail has the most aggressive filtering system of any of the major free email providers. Not only that … their filtering systems have serious flaws which result in emails that are not in the least bit ‘spammy’ being silently deleted. Here are my top 5 reasons for avoiding Hotmail.

1. Hotmail spam filtering is too aggressive – ask any ISP and they will tell you that anti-spam filtering of customer emails is a tricky business. The ISP has a responsibility to ensure that their customers receive all legitimate emails. At the same time they need to provide some sort of filtering. Without any filtering at all, the email service would be unusable for some customers – particularly long time customers who have had the same email address for several years or more. So, most ISPs and email services will handle this in a couple of ways. Firstly, their email filtering will generally be non-aggressive by default. That means that it will block the obvious spam, but the occassional spam email may get through. So, they will offer you the option to increase the aggressiveness of the filtering AND provide a folder or login where you can review all filtered emails. This is what the ‘Junk’ folder is also used for.

Hotmail, by default, has very aggressive spam filtering. So aggressive in fact that messages that do not exhibit any spam characteristics whatsoever are filtered.

2. Hotmail Silently Deletes Messages – this is just plain irresponsible. Mind you, it is a FREE service so I guess Hotmail feel that they have no real responsibilities as the customers aren’t paying. Most mail services and ISP mail servers will notify the sending system that they are not delivering an email message and will provide a reason why. This is sometimes in the form of a ‘bounce’ email and it can also appear as a response from the mail server that is logged in your server log.

Not so with Hotmail. I have tried diagnosing Hotmail delivery issues many times and in most cases the Hotmail mail servers will respond with a message indicating that the email was successfully delivered – but it is silently deleted by the Hotmail mail filters. None of the other major mail providers do this. If a message is blocked or filtered by Yahoo Mail then there will be an indication as to why in the server log file. The same applies to GMail.

3. Hotmail’s filtering process is flawed – I had a client who was starting up a site and was finding that his emails weren’t being delivered to Hotmail. The business was new and the domain was new. The messages were simple one line notifications. Hotmail silently deleted these messages. Whitelisting doesn’t help – these messages don’t make it to the junk folder and they don’t even arrive when the sending address is whitelisted. Why have a whitelist and a junk folder if you are going to delete messages before they get to the recipient?

4. Hotmail’s Approval Process Is Flawed – Yes, there is a way that you can request that your domain be allowed to send email to Hotmail accounts – but this process is flawed and it gives a very real example of how broken Microsoft and Hotmail’s email filters are. I sent a message per their instructions. The instructions said to send an email to their address with the domain or list of domains in the body of the message. I immediately received a bounce message that said:

Diagnostic-Code: smtp; 5.1.0 - Unknown address error 550-'5.7.1 <Your e-mail was rejected by an    

anti-spam content filter on gateway (205.248.106.32). Reasons for rejection may be: obscene    

language, graphics, or spam-like characteristics. Removing these may let the e-mail    

through the filter.>' (delivery attempts: 0)

That was a message that had the domain, per their instructions, in the body of the email. I tried sending from three different addresses, none of which have ever been blacklisted. In fact all of the domains had a valid SPF record and reverse MX entry.

5. You Get What You Pay For – If you experience any of these sorts of issues, don’t expect any assistance from Hotmail. You are not paying them for the service and they have no way of handling thousands of complaints each day (which is what they would get if even a small percentage of Hotmail users were aware of how unreliable the Hotmail email service is). Strictly speaking, email is not considered a particularly reliable method of communication. Hotmail takes it to a whole new level though.

If you absolutely MUST have a free email account then you would be much better off choosing either GMail or Yahoo mail. Both of those services are many times more reliable than Hotmail.

If you are a developer who has a client that is insisting on having email delivered to Hotmail account then your only option is to request a manual review from Microsoft’s support department. You can fill in a form at:

https://support.msn.com/eform.aspx?productKey=senderid&ct=eformts&scrx=1

Good luck with that! 🙂

Dec
27th

Security News – Dec. 28 2007

Filed under General | Leave a Comment

The following is a summary of new script vulnerabilities that are classified as severe and may affect server owners. More details are available at US-CERT

  • Falcon Series One CMS v1.4.3 – Multiple cross site scriptiing vulnerabilities.
  • FreeWebShop v2.2.1 – Multiple SQL injection vulnerabilities.
  • MKPortal v1.1 RC1 – SQL injection vulnerability.
  • my123tkShop v0.9.1 e-Commerce-Suite – SQL injection vulnerability.
  • PHP Real Estate Classifieds – SQL injection vulnerability.
  • phpMyRealty v1.0.9 – Multiple SQL injection vulnerabilities.
  • phpRPG 0.8 – Multiple SQL injection vulnerabilities.
  • xeCMS v1.0 – Directory traversal vulnerability.