26-07-07

Update Firefox and DNS servers - URGENT

Once people find a hole they continue to digg, just as gold-diggers never stop after the first inch of gold in the believe that there maybe lots more. And sometimes this gives new exploits that are far more interesting, dangerous and exploitable than the first one that seemed more difficult and theoretical. Firefox seems now prone to an exploit by which any program on your computer (and if you surf under administrator privileges that means telnet - so anything on the computer) can be started externally to download whatever code necessary to make a zombie of your computer simply by visiting a website with some code on it (that you won't see.  So update your firefox as fast as possible.

http://www.furl.net/item.jsp?id=23170875

http://www.furl.net/item.jsp?id=23170784

 

some freeware

http://www.furl.net/item.jsp?id=23170875  find the URI's on your system

http://www.furl.net/item.jsp?id=23170953  control all scripting while surfing with Firefox

 

The DNS servers are the most critical parts of our internet infrastructure. They translate the domainnames you put into your browser into the IP adresses of the servers that host them. Since a good year there has been much talk about cache poisioning and pharming but except from some attacks it wasn't that easy to do. Pharming means that a user will type the domainname in his browser for example www.TRAVEL.com  after which his computer will contact a DNS server to get the right IP address of the server where that site is hosted. The DNS server will first look into his cache but if it isn't he will try to get it on the internet. Pharming means that with a now launched simple trick the DNS server will find in its cache another IP address for the server www.travel.com than the legal one and will redirect the user (who will see all the time www.travel.com in his browser) to a perfect copy of the site on a russian site. So any transaction he does will be intercepted or the computer can be scanned for vulnerabilities and infected and put into a botnet. Luckily the security researcher has contacted the organisation responsable for the DNS BIND software and there is a very important upgrade available. Because untill now it hasn't been so simple to do pharming and pharming is the industralisation of phishing because imagine what it would do to banking, egov and ecommerce ?

http://www.furl.net/forward.jsp?id=23171208

http://www.furl.net/forward.jsp?id=23171041

 

You can subscribe to the RSS feed of my furld information

http://www.furl.net/members/mailforlen/rss.xml

10:26 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

25-07-07

belgian forums-guestbooks that link to winantivirus rogue tool

PETITES ANNONCES GRATUITES :: Voir le sujet - Great softwares !- [ Translate this page [url=http://go.winantivirus.com/MTQxNzA=/2/5382/ax=1/ed=1/ex=1/xru/]Great Anti-Virus Software ![/url] ...www.fournisseurs-voirie.be/forum/viewtopic.php?p=64&s... -

 

Backpacken.com, backpack de wereld rond, hostels online boeken, de ...[url=http-//go.winantivirus.com/MTQxNzA=/2/5382/ax=1/ed=1/ex=1/xru/]Great Anti-Virus Software ![/url] ...
backpacking.be/index.php?page=phorum&option=readpost&postid=1379 - 20k - Supplemental Result - Cached - Similar pages

.: USA 2006 :.Website: , hi, id like to say thankyou for your detailed website. ...
www.whoop.be/USA/Gastenboek.htm -

 

ABC-FORUMGSM: http://go.winantivirus.com/MTQ4OTY=/2/5549// E-mail your@antivirus.com, hi, id like to say thankyou for your detailed website. Visit to my homepage ...
www.aarselebc.be/gbook/gbook.php?page=2 -

 

Guestbook<a href=" htxp://go.winantivirus.com/MTQ4OTY=/2/5549// ">This is right! Click here! WinAntiVirusPRO 2007 FREE!!!</a> ...
www.zurlinde.be/gastneu.php?page=19 - 12k - Supplemental Result - Cached - Similar pages

 

Behealth.tv : Forum de discussion, questions -> Citation d'un ...I don't want to write more:), just try [URL=http://go.winantivirus.com/NTgzNw==/2/3386/ax=1/ed=1/ex=1//]Windows Anti Virus[/URL] for FREE right now! ...
pibc.igretec.be/site_anthony/forum/index.php?s=81c2734c411c751dfe4923a628fda6a4&act=Post&CODE=06... - 33k - Supplemental Result - Cached - Similar pages

 

stop de superboetes :: Viewing profile[0.01% of total / 0.00 posts per day] Find all posts by PeeDee2005. Location:, USA. Website:, hxtp://go.winantivirus.com/MzYwNg==/2/2291/ax=1/ed=2/ex=1// ...
www.stopdesuperboetes.be/phpBB2/profile.php?mode=viewprof..... . - 21k - Supplemental Result - Cached - Similar pages

16:42 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

rogue securitytools use bogus downloadsites (blacklist) in a ring

The spyware - rogue securitytool (untrustable) TrojanGuarder is a perfect example.

Many of the pages have the same text and I presume that many of the domains are being served by the same masters. They use known techniques as putting pages as subdomains or individual pages with attract traffic keywords.  Also warez sites and chinese downloadsites link to this hard to remove tool.

 

This is the blacklist of sites that propose to download such tools.

 

2-spyware.com
100down.com/
artdownload.net
authorsden.com
audiocdripper.com
bestdvdtools.com/
batchconverter.com/
bestmobiletools.com
bestvideoconverter.net
bestvideotools.com
buydownload.net/
buysoftware.org
buysoftware.info
Buy-Software-Online.NET
christmasdownload.net/
com-download.biz
computer-software.org
digidownload.net
download-by.net
download-me-now.com
downloadmonster.com
downloadsuite.org
Download-soft.com
feeding-frenzy.us
find-software.com
free--download.com
free-downloadsoftware.com
freetrialsoft.com
giftdownload.net
goldsofts.com
greatdownload.org
hotdvdtools.com
mostshareware.org
mostsoft.net
mysoftsearch.com
onedownload.org
populardownload.net
shareware4u.com
softmegacity.com/
software-central.org
softwaredirectory.org
software-downloads.net
softwaremall.org
softwaresearch.org
softwareworld.org/
spystudios.com
unlimitedwarez.com
vdownload.org
vista-download.net
warezseeker.com
worldslargestnetwork.com
xoftspy.org.uk
xmasdownload.net

 

Maybe downloadsites should be certified by antivirus and antimalware firms on a permanent basis and shouldn't accept any software.

15:51 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

hitgeist shows the number of visitors according to Alexa

For belgium for the last 5 years the order of belgian sites on the international scene is quite clear

 

google.be  4760.0

skynet.be  1110.0

telenet.be  770.0

ebay.be    640.0

pornoamateurs 365.0  (US and international traffic)

hln.be  355.0  95% belgian

kapaza 195.0  91% belgain

msn.be 195.0  93% belgian

skins.be 165.0 US and international (porn)

2dehands 155.0  90% belgian and dutch

redbox.be 155  93% belgian

zita.be 140  93% belgian

skynetblogs.be 130  38% Belgian

 

More sites and information can be found here

http://www.hitgeist.com/compare?q=*.be

 

It is interesting to note that most of our belgian sites don't seem to have an impact on the dutch or french market - or the international market. Of course these are just indicators and there are some methodological questions, but for the moment it is only one of the methods we have so long as we can't compare real visit traffic counts from the servers (if we arrive at having them to tell us exactly the same thing).

14:09 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

123 days and belgium.be will be in a new version

123 days until www.belgium.be v2 LIVE.
http://webguide.fgov.be/webteam/nl/event

 

maybe they should look here because this Belgian firm nows very well what it is doing and it is doing it quite well

http://beta.contactoffice.com/

13:56 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

search spiders show some interesting parts of Belgian sites

It was by looking for the statistics and demographics of the Belgian webspace that I saw that the webcrawlers indexed more than they ought to do and that some webmasters in Belgium have still learned nothing about robot.txt or didn't implement it effectively or didn't check it.

 

Because this for example shouldn't be seeable for searchengines and bots

dossiermanager.vdab.be and what autoscout24.be does is really inviting(http://data.autoscout24.be/)

 

site:assets.gva.be if you type that in Google you are in and can look at hundreds of pics and other things they call assets. I presume this wasn't the intention but for the time being this is so.

 

 site:cms.vtm.be  gives you the link to see all the different poll questions that are asked here

 

http://preview.standaard.be/  is where they place the testpages from destandaard, interesting for competitors to know and I hope security is not being forgotten and the financieel economische tijd yesterday can be read here;.

 

but sometimes this is even very practical like information about trains (so no homepage, just some practical links)

 

http://plannerint.b-rail.be/  This is an international belgian train time planner in different languages, much easier than on the homepage. Strangely enough it is called <HTML><HEAD><TITLE>HAFAS SITE</TITLE> or you can use this link. Prices you should find one way or another here and more info about it here. Information about incidents and work on the railways in Belgium can be found here directly.

 

oh yes, it will start again soon, googling the Belgian web space

13:54 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

Fgov.be and news.belgium.be send you to the best poker sites

http://news.belgium.be

&quot; So watch out, World Series of Poker card sharks, there's about to be a digital throwdown comin' your way.&lt;p style=&quot;clear: both; padding: 8px ...
news.webguide.fgov.be/xml.php?id=MTU5MjA1LDE0MTIwMg==&channel=poker - 12k - Supplemental Result - Cached - Similar pages

 

news.belgium.be

Computer beats world chess champion, moving on to poker and go · ePoker Room, a way to play virtual poker in a real casino ...
news.webguide.fgov.be/list_tagitems.php?pid=Y2hlc3MgcG9rZXI=&id=cG9rZXI=&lang=en - 12k - Cached - Similar pages

 

and this while the Ministery of Justice has just launched a big campaign to crack down on

online and offline pokerplaying, which seems to attract naive youngsters watching too much

smart kids getting rich on tv with poker tournements playing against stupid people like themselves.

Off course people always think that they are as smart as the winner, not as dumb as the loser.

 

Well our national portal is truely a strange place to be

11:36 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |