28-08-07

I feel so sorry for Mr Beirens from fCCU

Today I've read in the newspaper that Belgium is getting a new group that will pursue small internet fraud and crime because the local justice system all around our small country has no will, time or expertise to treat it. So Mr Beirens of the fCCU says that the new staff will inventory and treat it and try to exchange international information where possible.

He says he wants to reduce internet crime that way.

Poor Mr Beirens. I feel sorry for him.

He wants to reduce internet crime with a DNS provider that sells domain names with the names of banks and other financial services in them to people that don't have any right to do so.

He wants to reduce internet crime in a country where Visa and Mastercard say that e-shopping is safe but in which every month hacked Belgian e-shops are listed on http://be-hacked.skynetblogs.be

He wants to reduce internet crime in a country where the law that would oblige ISPs to filter out spam, phishing and malware before it reaches the servers and surfers is a dead, forgotten piece of paper without personnel, budget or the necessary administrative framework.

He wants to reduce internet crime in a country where nobody is responsible for what happens or doesn't happen online and nobody takes any responsibility because no law obliges them to be secure or to inform you if you were compromised.

He wants to reduce internet crime in a country where nobody wants to talk about it because .......  You don't break the omerta and you don't want to create panic, do you.

Well Mr Beirens, don't be a Don Quichotte, or yes, be one, and together we'll clean this mess up. In that case I'll even be happy to be the mule.

16:55 Posted by technology changes fast not a lot in General

the scandal of the hypocritical DNS.Be and typosquatting

Datanews brings the news today. DNS.be - that is the almost private company, out of any control, that gives the impression that it cares about our domain name .be - said that it is going to do something about typosquatting.

The general manager, who must have lived on the moon before, told Datanews - seriously - that it is relatively new.

Let me correct this. There is nothing new about typosquatting .be names because I tested this already more than a year ago and typosquatting of the Belgian domain name was already alive and well then.

http://ekz.skynetblogs.be/post/3286928/typosquatting--bel... (24 April 2006), about an article in De Morgen based upon research that was published here: http://itsecurity.pbwiki.com/ (2 April 2006)

And what do they propose? They propose now a commercial service, for which you have to pay, to monitor your domain name for typosquatters, after which - hold on - you will have to pay another service 1600 Euro for an arbitration to get that domain name off the web. And you think that the DNS root provider will do that instantly? No, 14 days after a decision has been reached (oh yes, you receive 800 euro back if you win....). Now if they think that will kill typosquatting..... Giving scammers another 14 days to get paid by AdSense.

And how do they know that that variant is free to take? Very simple: they can find it for free on the website of ...... dns.be. Well, you can do the same thing (or use the tools on itsecurity.pbwiki.com).

But if you use the tool from Microsoft with which they have already prosecuted typosquatters and tried to convince Google to clean up its - not so public - nasty act as host and sponsor, through AdSense, of typosquatted domains, then you will find the websites that will try to domain-squat you. Last year in the Inquirer we wrote lots of articles about that - making dns.be not too happy.

But as there is an omerta and nobody wants to ask serious questions, dns.be is able to put its propaganda, lies and newspeak in an IT magazine that says it is professional.

But let's go on. Well, lawyers and holders of domain names, dns.be wants your money to control and manage your domain name. Then it has to do something in return. Why is it possible to buy Belgian domain names that are surely typosquatters and traffic stealers from existing domains, even with the name of the trademark in it? Why does it take so long to take action? Because it is a commercial enterprise that is selling a public good without any political and public oversight.

And Mr Lawyer and domain holder of .be, it should also interest you that the domain squatters are still there since 2006. They haven't changed. With some you even ask yourself why they bought the domain name when the free period was over. Did that really bring in so much money that it was worthwhile? Just curious.

Oh, you say that the presence of the ISPs and some representatives of ministers - who afterwards say they have nothing to do with it - is public oversight. Get serious. On the board of DNS.be should be people representing the small domain holders, the consumers, the activists. The boardroom should be a room of discussion, debate and scientific analysis, even if that can get rough from time to time. But afterwards a consensus has to be found and the public character of the domain name has to be maintained and protected.

16:42 Posted by technology changes fast not a lot in General

how simple is SQL injection for stupid people

and how stupid are webmasters to underestimate the power of SQL injection and not to patch or upgrade, or just throw out the stuff they didn't need anyway

take an SQL injection exploit

look for the Google dork (search term)

look for the search term for its own search engine

do the Google

type in the search term

click for results

see the passwords of sites flipping up before your eyes

be amazed  be afraid  be very afraid

it really does not take more than that, and I am not going to publish here the names of the exploits, Google dorks and sites with which it works, but it works, and webmasters should really test their site thoroughly and upgrade and patch it all the time.

and in fact this goes for many exploits, so have an inventory of all - all - your OS, applications and software that is not inside your network behind your firewalls and patch fast, and if you are serious about your e-business, place a HIDS, set it behind a reverse proxy and application firewall, and if you have some more money, subscribe to some 0day information service or defence.

00:14 Posted by technology changes fast not a lot in General

27-08-07

SQL injection: after Leuven and the UN, are you next?

As the number of hacked Belgian sites (http://be-hacked.skynetblogs.be) continues to grow weekly and the news of the hacked Leuven.be site was in some papers, it is maybe time that you wake up and do some testing yourself if you didn't already. Do not believe that there is only one test and only one kind of SQL injection. SQL injection is a changing attack and new techniques are being developed. In the best case you are only scanned by script kiddies that have downloaded some tools from the internet - so you must be sure that you are covered against these (that is a minimum). In the worst case you are the victim of a targeted attack and someone has taken a big Coke, some CDs and a huge pizza and has taken it upon himself to get you tonight, whatever the reason. As SQL injection is used manually he will take the time to find whatever mistake somewhere in your database to get you.

If you are really professionally on the web you should contract with a firm that checks, on at least a monthly basis, all the old and new vulnerabilities, exploits and attack techniques against your site.

Meanwhile you can start for free with these tools:

http://www.sqlpowerinjector.com/

and 100 articles and tools collected here:

http://www.furl.net/members/mailforlen?enc=UTF-8&sear...
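As an added example (not code from this blog or from the tools linked above) of the self-testing that this post and the previous one ask webmasters to do: a login check built by string concatenation beside its parameterized form, both run against the two textbook tautology inputs that the script-kiddie scanners mentioned above try first. The table, the account and the test inputs are constructed for the demo; the point is that the hardened form needs no input filtering because the driver never parses the values as SQL.

```python
import sqlite3

def make_db():
    """Constructed in-memory stand-in for a small e-shop's user table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('shopadmin', 'correct-horse')")
    conn.commit()
    return conn

def login_concat(conn, user, pw):
    """Vulnerable: the SQL text is assembled from untrusted input."""
    sql = (f"SELECT COUNT(*) FROM users "
           f"WHERE name = '{user}' AND password = '{pw}'")
    return conn.execute(sql).fetchone()[0] > 0

def login_param(conn, user, pw):
    """Hardened: placeholders are bound by the driver, never parsed as SQL."""
    sql = "SELECT COUNT(*) FROM users WHERE name = ? AND password = ?"
    return conn.execute(sql, (user, pw)).fetchone()[0] > 0

# Constructed test inputs: one legitimate login, one wrong password and the
# two classic tautology/comment forms every introductory scanner sends.
TEST_INPUTS = [
    ("shopadmin", "correct-horse"),   # must succeed in both versions
    ("shopadmin", "wrong"),           # must fail in both versions
    ("' OR '1'='1", "' OR '1'='1"),   # tautology: concatenated WHERE is always true
    ("shopadmin'--", "anything"),     # comment cuts off the password check
]

def self_test(login_fn):
    """Return the (user, pw) pairs that login_fn accepted; only the first should be."""
    conn = make_db()
    accepted = [(u, p) for u, p in TEST_INPUTS if login_fn(conn, u, p)]
    conn.close()
    return accepted

if __name__ == "__main__":
    print("concatenated :", self_test(login_concat))
    print("parameterized:", self_test(login_param))
```

Running the same input list against every query in an application, not just the login form, is the minimum the post above calls "being covered against the script kiddies".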

23:52 Posted by technology changes fast not a lot in General

some conclusions about Wikipedia research

The tool WikiScanner is quite interesting, and if you take the time you can find out a lot about who was stupid enough to think that anonymity could be achieved on the internet without investments. So we can't find out with this tool who used third parties or their own name to make edits.

But even with this tool there is no fundamental change in the way Wikipedia functions, even if it has thousands of times more traffic than an encyclopedia. Wikipedia will always be open to manipulation, mistakes, spam and selective texts. The problem with the current tool may even be that people won't take the effort to correct mistakes anymore because they can be discovered if they do it themselves (and can be disciplined for doing so in some cases), and so factual mistakes will take longer to be corrected.

The other thing that stands out is that organisations and brands should be careful what people do in their work time with the public IP address of the network. If you Google an IP address you may be surprised at what you could find. Are, for example, those two big firms directly linked to those organisations or is it just the employee? You can't tell from an IP address used during office hours.

23:21 Posted by technology changes fast not a lot in General

Toyota Motor Brussels vandalises Wikipedia about its interests

So, apart from the changes that are interesting for its cars, where it changes the tone of negative comments about its technology, the person - or Toyota - also has an interest in something called the Humanitarian International Design corporation.

User talk:195.177.83.221 - Wikipedia

User talk:195.177.83.221. From Wikipedia. Warning! The IP address of this organisation has been used for vandalism on ...
nl.wikipedia.org/wiki/Overleg_gebruiker:195.177.83.221

23:05 Posted by technology changes fast not a lot in General

The European Commission controls its WIKIPEDIA

You will find the links here:

http://wikiscanner.virgil.gr/f.php?ip1=158.169.131.0-135.... for many factual links

while this link here http://en.wikipedia.org/w/index.php?diff=prev&oldid=7... thought it necessary to put that ECHO was under the direct responsibility of Louis Michel (who cares?)


22:58 Posted by technology changes fast not a lot in General