It has been said before and it is touching some nerves - but brutal blacklisting is an active defense that works. Ok, some innocent services and services are also blocked but it is the only way to make it cristalclear to the guys who don't care about security upline or downline their business that they will lose much more business if they continue like this.
Look at the free .tk domain. It was a hotbed for spammers and crooks. But then it become blocked - just like .biz and .info (and .euro beginning) - as a whole without finetuning. If they don't clean up their act and don't invest time and effort in running a clean business why should be invest time in trying to make a difference between the good and the bad sites they are hosting. The .tk domain saw immediately the number of registrations falling and decided to take action and since than malwaresites are disappearing faster than re-appearing. The blockade of the .tk domain is more or less overkill now but only after a few weeks of total blockade by numerous servers and networks.
The other example is the Russian Business Network in the Ukraine. I think that after more or less a year security people got fed up with researching hundreds of domainnames and ip adresses and the rest to block and the decision was more or less taken by the antimalware fighters to block the whole ASN internetrange. Some good firms and sites would be hurt, but it would be the only way to make sure that if the hosters and ISP's that were selling their businesses to those crooks they would understand that they would faster than sooner be cut out of the internet. RBN has been cut out of the Ukrainan Internet by their ISP's and the blockade has been called to an end. Rumors are saying they will go to China. Well who needs .cn anyway ? Even the gov.cn sites are full of viruses, spam and crackers.
Maybe we should take out one malware hosters or ISP a month. All over the world. Blocking them out for at least a month untill they clean up their business. It will never end - sure - but maybe we shouldn't let the cancer develop itself like this and some operations are necessary to cut them out.
The internet storm center is working to clean up the list with infected online websites I have sent them. I looks like futurestep.be is clean now.
You should be sure that your programmer knows something about XSS and SQL infection. So instead of giving him an IPOD for christmas give him a course and some books.
Een oudere blog http://manifest.skynetblogs.be is een basistekst op basis waarvan ik indertijd de traagheid en onwerkbaarheid van oa het BIPT sinds 2004 aan de kaak stel. Het was aan de loopgraven rond de netwerken toen immers dweilen met de dijken doorbroken. En de regering en politici die keken ernaar en lieten het over aan zij die niets wilden doen.
Tot op een goede dag enkele dappere politici vonden dat het wel genoeg was geweest en dat - zoals de tendens is in het Buitenland - de ISP's ook wel een paar verplichtingen hebben (zoals autobouwers en andere fabricanten of zoals energietransportbedrijven) en zo kwamen de artikels 113/114 van de Nieuwe Telecomwet tot stand die stelden op pagina 47 dat
Het is trouwens vreemd dat Test Aankoop zal zogenaamde verdedigers van de consumenten er maar niet in slagen om dit af te dwingen want elke ISP in België wenst haar gebruikers te doen betalen voor extra beveiliging.
Maar hierna begon pas de processus van Eternach. Volgens vele specialisten hebben we een uitzonderlijke wet, maar ze heeft nooit haar uitvoeringsbesluiten gekregen. Het is nu afwachten of de nieuwe regering er wel in zal slagen om ons op zijn minst toch een 'internet storm center' te geven of wat ook de naam wordt van het ding. En dan drink ik dan een glas - of beter een fles - champagne.
this is a site to attract investors for the film world and maybe those people are very good financial specialists supported by the minister of Finance himself but they don't know how to chose a professional website builder, even if they have made for their members a login and so on (but would you give your credentials as a financial investors to amateurs ?)
http://www.taxshelter.be/index.html direct link to hack
this site is rehacked, the first one was noted the 28th of october............
IF YOU WERE HACKED ONCE, YOU WILL BE RE-ATTACKED AND IF YOU DO NOTHING YOU WILL BE HACKED AGAIN AND AGAIN AND AGAIN....
is the man behind him a turkish hacker
The most boring thing in discussions about security is the discussion that always pops up between nix and windows, and IIS and apache and asp en php and so on. This is a stupid discussion because we are all under attack. The analysis by Turk-h.org about the number of hacked websites makes this clear
|47,5% Windows (93091)|
|50,6% Unix (99257)|
|47,3% Microsoft (92669)|
|50,4% Apache (98750)|
|47,3% Asp (92665)|
|50,3% Php (98534)|
security is most of all about HOW you do it, whatever you do