23-07-07

BCC (the card company) is hacked

A big Belgian hosting server seems hacked, probably on the SQL front and probably the different servers were not seperated because the list of sites is quite long.

 

hackb_001

 

maybe they should have a hackstop service

and you believe that somebody in Belgium really cares about security ?

and that as BCC says all Belgian websites that do ecommerce are safe

and that people who say otherwise are nuts ?

 

14:39 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

hacking fund.ac.be for islamic terrorist websites

We are checking a list of terrorist websites (of which most seem to be hosted in the US of all places....) and came along this incident. The website of fund.ac.be seemed to be hacked to host links to terrorist websites which are now blocked by Google (will they finally start to get their act together securitywise ?)

 

the searchisl_001

 

the result

isl_002

 

the proof

 

isl_003

 

is anybody cleaning something up there ? If so, you should warn Google that you have cleaned up so you can be mentioned as safe again.

13:40 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

No more P2P on Belgian ISP's

Another Belgian judge is making world news with applying some faulty technical analysis to the World Wide Web as if it is just something futile for which you can depend on just one technician.

 

The consultant was right in one way. you can block the P2P networks if you really want to but it is easier said than done. The network administrators know that it is easy to do in a controlled network with a network policy that is enforced and in which people can in fact do very little with their internet connection (on their workplace) because most of the ports are closed, limited, controlled and content is closely checked by one or more security devices. Due to the legal responsabilities and the security risks involved with P2P a network administrator should be crazy to let those things pass on the same network as his business or legal transactions occur.

 

tip : if you want to be sure that nobody uses it, put the P2P tools internally on a honeypot computer and install the tools and honeyfiles (mp3) as superserver. The P2P clients on the network will connect to this computer faster than they can say mmh and afterwards 'shhit' when caught.

 

But as a networkadministrator in the fronline you know also that the following techniques will render whatever policy and anti-P2P tools caduc if you don't want to find musicfiles on the computers of your network.

* copy the cd or transfer the vinyl

* record the online radio station

* share the music in other programs like MSN

* download the music from online storage (too many to mention)

* find it on usenet

* send it by mail or share the giga full mailbox

* rename the files to something personal like my wedding speech, grandfather tells 1, etc.... and destroy the metatags of the file

* encrypt the files or put passwords on it

* share the files at home with personal file servers (and their networks)

* use more advanced P2P where things are encrypted

* cut the files in thousand pieces and regroup them afterward

* use a personal proxy or anonymizer or put yourself in an mixter network

 

And probably I have forgotten another 10 methods you can use to get music and video online without using any of the P2P networks.

 

The ISP's are right to say that it would be very difficult to control every file that passes its networks to see if it has been paid for or not. The only way to do this is to whitelist the servers from which you could download music and block all the rest (except for some other methods explained above).

 

If the Belgian organisation for the defense of the copyrights SABAM would be more smart, they would concentrate their actions for the moment on the private networks and the school networks. This would have an immediate success in stead of the Fata Morgana of a web free of networks that exchange for free all kinds of files (whatever the means used).

 

BTW if Sabam wants to be purer than white it should also be more open about what it does with the money and it should also ask itself if it is the true sense of copyrights to make organising events too expensive for noncommercial organisations, to make digital copies of your own analog stuff illegal even if the digital prices are much too high and to make certain forms of creativity illegal because it uses snippets of copyrighted materials. And if Sabam is really an organisation that wants to defend art it should re-invest part of the sums that it collects into the digitalisation of works that are public domain.

12:11 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

20-07-07

Top 10 hosting domains of phishing sites june 2007

This according to phishtank.com

 

be_005

 

So if you don't need them, just block them (tw is Taiwan, cn is China io Indian Ocean. Ru is Russia but that you already know that this is a domain that you should better whitelist the sites instead of trying to filter the bad ones out.

16:28 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (1) |  Facebook |

why it is necessary to monitor your sites permanently on marketing

Since some months we are running a test on urltrends.com. They show us a lot of graphics for different webpresence services (search machines, blogs, social bookmarks) that indicates the popularity of the website. But we came to the conclusion that it is too hectic to be 100 believable and otherwise that it shows clearly that if you don't monitor permanently your webpresence if you have serious business on the web that you can be in for some big surprises.

 

be_002

 

No way you could lose more than 8000 links in one month for example and so there are many more examples.

 

You should also always double check this kind of tools and services with some others if you want more than voodoo-science.

 

16:02 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

July 2007 survey of the Insecure Belgian server landscape

According to a study of securityspace.com it counted in july more or less 156.000 servers in Belgium hosting under the .Be domain.

75% of those are Apache server and this since 1999. Even with 2003 Microsoft haven't changed this evolution.

 

This means that any attack against Apache servers can be used against 75% of all servers in Belgium. Taken into consideration that Apache has not the same update mechanism as Microsoft and leaves the administrators enormous possibilities to make mistakes it is no wonder that Apache servers make up more than 80% of all servers hacked in Belgium.

 

be_001

 

If one looks than the number of II6 servers has gone up dramatically the last 2 years to around 24.000 but there are still around 7000 IIS5 servers around. These administrators should be snow whites that don't need a kiss but a slap in the face and give an apple of death to their old server. There is no way you can keep much longer an IIS5 secure enough. There are even 323 IIS 4 servers on the Belgian domain.

 

The Apache landscape is much diffuser and most of them even don't really publish the version they are running. This can be good security politics but it doesn't change anything about the securityholes itself in the server.

 

For example there are still 11,391 Apache 1.33 on the .be webdomein but if you Google for exploits against this server you can find a whole list.

 

The study is not very complete and does not pretend to be but it gives a snapshot of how insecure the basic infrastructure of the Belgian web is.

 

What you should do ? Be sure that you take a professional hoster that guarantees that his servers are defended, upgraded, watched after and taken care of. Don't be a monkey and leave the peanuts for real monkeys.

 

It is time to have an independent auditor that gives a seal of security and professionality to hosting services. Just as any other business in Belgium is submitted to audits and controls. Even the real-estate market nowadays....

14:43 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

18-07-07

brutele.be is the reason the New telecom law should be applied

The new telecom law has not been applied as previewed by the old government even if the amendments to secure the internet were proposed by one of its own political parties (SPA) and at that time supported by the opposition CDV. These put the responsability for the security of their infrastructure and that of their clients on the ISP's. Those articles have not been applied and put into practice untill now even if the two responsable ministers Verwilghen and Vandenbossche said that they were supporters of the consumers and each had their own laughable petprojects about security on the internet - as other ministers had (too much money and too little strategic thinking).

 

On the list http://be-hacked.skynetblogs.be  are now also put servers that send out spam and viruses and later we will put servers that are vulnerable on the list. The hacked list will not only contain servers that are hacked but that are hackable or vulnerable or that are known on the internet as malicious zombies or servers.

 

Trustedsource and the projecthoneypot both identify the infrastructure of brutele.be as one of the weakest links in the security of the Belgian Internet. The number of comprosmised posts and servers is too much even for me to continue to list on that list. As an example some are put but with both indexes you can find many more.

 

As on the internet the safety of one is accomplished by the safety of the others this is a very dangereous situation indeed. The more that brutele is not in a little province or commune but is on the territory of the capital of Europe where many national and international instutions and corporations are based. As attacks start with scanning and infecting the points closest to the first victim this situation can have greater effects on the rest of the infrastructure in Brussels.

 

So will someone wake up or is everybody dreaming about the sun in Spain ?

13:01 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |