09-11-07

online virus infections - internet certs are working at it

The internet storm center is working to clean up the list with infected online websites I have sent them. I looks like futurestep.be  is clean now.

You should be sure that your programmer knows something about XSS and SQL infection. So instead of giving him an IPOD for christmas give him a course and some books.

 

14:26 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

Waarom ik dit doe (sinds 2004) ?

Een oudere blog http://manifest.skynetblogs.be is een basistekst op basis waarvan ik indertijd de traagheid en onwerkbaarheid van oa het BIPT sinds 2004 aan de kaak stel. Het was aan de loopgraven rond de netwerken toen immers dweilen met de dijken doorbroken. En de regering en politici die keken ernaar en lieten het over aan zij die niets wilden doen.

Tot op een goede dag enkele dappere politici vonden dat het wel genoeg was geweest en dat  - zoals de tendens is in het Buitenland  - de ISP's ook wel een paar verplichtingen hebben (zoals autobouwers en andere fabricanten of zoals energietransportbedrijven)  en zo kwamen de artikels 113/114 van de Nieuwe Telecomwet tot stand die stelden op pagina 47 dat

len_003

Het is trouwens vreemd dat Test Aankoop zal zogenaamde verdedigers van de consumenten er maar niet in slagen om dit af te dwingen want elke ISP in België wenst haar gebruikers te doen betalen voor extra beveiliging. 

De gangmakers achter dit initiatief zijn de heer Roel Deseyn (toespraak) van cd&v en Philippe De Coene (sp.a) die er trouwens een eigen website aan besteedde

Maar hierna begon pas de processus van Eternach. Volgens vele specialisten hebben we een uitzonderlijke wet, maar ze heeft nooit haar uitvoeringsbesluiten gekregen. Het is nu afwachten of de nieuwe regering er wel in zal slagen om ons op zijn minst toch een 'internet storm center' te geven of wat ook de naam wordt van het ding. En dan drink ik dan een glas - of beter een fles - champagne.

14:13 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

a hack a day ? taxshelter.be supported by the Belgian ministry of Finance

this is a site to attract investors for the film world and maybe those people are very good financial specialists supported by the minister of Finance himself but they don't know how to chose a professional website builder, even if they have made for their members a login and so on (but would you give your credentials as a financial investors to amateurs ?)

http://www.taxshelter.be/index.html  direct link to hack

this site is rehacked, the  first one was noted the 28th of october............

IF YOU WERE HACKED ONCE, YOU WILL BE RE-ATTACKED AND IF YOU DO NOTHING YOU WILL BE HACKED AGAIN AND AGAIN AND AGAIN....

taxshelter2

is the man behind him a turkish hacker

12:23 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

these links are infected with the online virusdownloading script


http://mycusthelp.com/
http://infosquestions.com/
http://www.pyreneesaccommodation.com/
http://www.boursier.com/
http://www.idowebhosting.net/
http://www.ultimatepursuits.co.uk/
http://www.futurestep.com/
http://www.fmcsa.dot.gov/
http://templates.entheosweb.com/
http://www.kornferry.com/
http://www.daea.com/
http://www.psypress.com/student/
http://www.futurestep.be/
http://www.powernaturally.org/
http://www.nice.org.uk/
http://www.bfcoffee.com/
http://www.cincinnatiusa.com/
http://www.pinkpaper.com/
http://www.nzblood.co.nz/
http://www.visualartist.info/
http://www.premiumgaragefloors.com/
http://rodeo.cincinnati.com/
http://www.musica.com/
http://www.michaelhick.com/
http://www.cooperpower.com/
http://musicvideowire.com/
http://www.facilitiesnet.com/
http://www.ukhairdressers.com/
http://www.waiterealty.com/
http://guidance.nice.org.uk/
http://www.manubiz.com/
http://www.tcci.hradvance.com.au/
http://www.ecuadorciencia.org/
http://www.concord-solutions.com/Page/
http://www.mvwire.com/
http://www.cdhcorp.com/
http://pdf.hankyung.com/
http://www.kenwoolgar.net/
http://www.96fm.ie/
http://www.centerforajustsociety.org/
http://www.visionpost.it/
http://www.ticketmania.co.uk/
http://www.formafoto.it/
http://www.tucumanoticias.com.ar/
http://www.panalimentos.org/
http://www.realtorhaley.com/
http://www.dieselpub.com/
http://www.barbing.landkreis-regensburg.de/
http://www.sltower.com/
http://www.adriancluff.com/
http://www.landkreis-regensburg.de/
http://www.maolberding.com/
http://www.lindasnyder.com/
http://www.tvauthority.com/
http://www.regensburg-land.de/
http://dieselspec.com/
http://web.siegburg.de/
http://www.cammt.org.cn/
http://www.sligoweekender.ie/
http://www.hemau.de/ 
http://www.babaflash.com/
http://husochhalsa.formas.se/
http://www.multimodo.it/
http://www.ticketsone.com/
http://www.compressortech2.com/
http://www.chinajci.com/
http://www.nice.nhs.uk/
http://www.neutraubling.landkreis-regensburg.de/
http://www.ticketmania.co.uk/
http://mvwire.com/
www.ticketmaniaonline.com

00:11 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

08-11-07

the analysis that stops all stupid discussions about security

The most boring thing in discussions about security is the discussion that always pops up between nix and windows, and IIS and apache and asp en php and so on. This is a stupid discussion because we are all under attack. The analysis by Turk-h.org about the number of hacked websites makes this clear

47,5%  Windows (93091)
50,6%  Unix (99257)

47,3%  Microsoft (92669)
50,4%  Apache (98750)

47,3%  Asp (92665)
50,3%  Php (98534)

security is most of all about HOW you do it, whatever you do

23:02 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

Do not pannick, but think, plan and act

So we don't say that this weekend the internet and the world will come down, we only say that there is an increase in attacks on this belgian internet and that the jihad cyberattack announced and overhyped is just another negative stream that will happen this weekend.

So just as in old days, before you go home and leave your network alone, you

* close down the gateways of your network and make sure that there no stupid or default password on external servers

* patch and upgrade and firewall and antivirus and backup and monitor your external servers

* make a list of all the people you should call if there is a virus infection, a ddos or a hack

and if you really are in for some fun, you make an exercise about it. What would you do if sunday you were attacked by a virtual ddos and how long does it take to set the things in motion ?

Better be prepared than be sorry or on http://be-hacked.skynetblogs.be and on the news

17:43 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

update can you still trust antwerpen.be servers ?

The antwerpen.be infrastructure was already hacked before and is now been hacked again and according to this article some servers are still running IIS 4.0 and NT

I didn't want to expose this in the hope that they would upgrade or something but they can get hacked bigtime now they didn't upgrade. They even didn't outsource the hosting of the sites in the meantime.

They keep these websites online running IIS 4 and put networks, backoffice and related sites and their users into danger. (read the article below about new viruses distributed by hacked servers)

This is their network http://www.robtex.com/dns/antwerpen.be.html 

If you find yourself on this list, please be sure that you have no trusted relationship with those servers that were hacked, in fact think if you wanne have anything to do with any of those servers that have no security review whatsoever and are put up as IIS 4.0 as if it is the most normal thing to do. 

As long as we don't have some itsecurity laws and audits around here your only defense is to be as selective as necessary in chosing who you will trust and with who you will share common dns and mailservers and so on. Keep in mind that this weekend is hyped as being dangerous with all kinds of attacks brewing around here.

Trust is fine, control is better

11:05 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |