Thursday 29 July 2010

ICANN adds terrorism background checks

posted by Daniel Foster in: Domain Sales Security


Never failing to draw criticism, ICANN has included a controversial new step to the gTLD application process: a terrorism background check. The new policy is listed in the latest edition of the gTLD handbook under “Section 1.2.1 Eligibility and 2.1 Background Check.”

Background checks at both the entity level and the individual level will be conducted for all applications, to confirm eligibility. The background check may include, but is not limited to any of the following areas:
• Corruption and bribery
• Terrorism
• Serious and organized crime
• Money laundering
• Corporate fraud and financial regulatory breaches
• Arms trafficking and war crimes
• Intellectual property violations

This has caused quite an upset in the Middle East, where some are afraid background checks by the American-run ICANN could turn into racial profiling. Either way, something tells me that terrorist groups would much rather invest $100,000 in missiles instead of the gTLD application fee.

Wednesday 28 July 2010

ICANN hands out keys to global cyber guardians

posted by Daniel Foster in: Security


As part of a security measure to save the Internet from complete and utter destruction in the event of a doomsday scenario, ICANN has handed out seven “guardian keys” to secret individuals from the following countries: Britain, the U.S., Burkina Faso, Trinidad and Tobago, Canada, China and the Czech Republic.

In the event of an Internet failure, five of the seven individuals would have to bring their key to a U.S. military base. Each key contains a portion of the DNSSEC root key.

Although I doubt the new cyber guardians would ever need to use the keys, the idea of this is just really cool. Props to ICANN for being a little less boring for once.

Source | Popular Science


Monday 26 July 2010

Server Security Tips

posted by Tavis J. Hampton in: Security VPS & Dedicated

Over the past year, we have covered many server security issues. Here is a brief summary of some of the highlights.

1. Do not allow direct root/administrator login
2. Make sure passwords are secure and changed regularly (by force if necessary)
3. Use a network firewall, such as APF
4. Use an application firewall, such as ModSecurity
5. Chroot all non-root users to keep them out of system directories
6. Use virus scanners and spam filters
7. Close mail server open relays
8. Keep all software and scripts up-to-date
9. Test your server for security holes
10. Keep up on the latest security news
11. Use SSL for secure data transactions
12. Set permissions as strictly as possible on any web-accessible files

Image Source: Wikimedia Commons

Thursday 15 July 2010

Mail Server Causing High Server Load

posted by Tavis J. Hampton in: Security

Question: My CPU usage on my server is very high, and it seems to originate from my mail server. What could be the problem?

Answer: If your mail server is sucking up valuable CPU power, there are a couple of possibilities, none of which are pleasant.

1. You or users on your server are getting a lot of emails, more than usual. Although it is possible that it is just a temporary thing, it could be a deliberate attack on your server.

2. Someone is sending spam from your server, using an open relay in your SMTP settings or exploiting a user’s account.

3. Your server is receiving a ridiculous amount of spam (i.e. spam attack). This could be an intentional attack or just a particularly bad day.

Usually, if the CPU upswing is substantial, you should be really concerned about your server’s security. Take a look at the mail server logs and see where the emails are originating and where they are being sent. Take note of IP addresses, user names, and any other useful information. If you cannot figure it out, you can take the data to a security expert who can help you solve the problem.
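One way to do the log review described above, as an added example that is not part of the original post. It assumes Postfix-style log lines (the post names no mail server), runs over constructed sample entries, and joins each queue ID's client IP and login to its recipient count.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Assumes Postfix-style syslog lines;
# every log line below is constructed sample data.
sample_log() {
cat <<'EOF'
Jul 15 10:01:02 mail postfix/smtpd[2101]: 3F2A1C0D11: client=unknown[198.51.100.23], sasl_method=LOGIN, sasl_username=webform
Jul 15 10:01:02 mail postfix/qmgr[990]: 3F2A1C0D11: from=<webform@example.com>, size=2210, nrcpt=50 (queue active)
Jul 15 10:01:03 mail postfix/smtpd[2101]: 4A7B2D1E22: client=unknown[198.51.100.23], sasl_method=LOGIN, sasl_username=webform
Jul 15 10:01:03 mail postfix/qmgr[990]: 4A7B2D1E22: from=<webform@example.com>, size=2214, nrcpt=50 (queue active)
Jul 15 10:01:05 mail postfix/smtpd[2107]: 5C9D3F2A33: client=office.example.net[203.0.113.5], sasl_method=PLAIN, sasl_username=bob
Jul 15 10:01:05 mail postfix/qmgr[990]: 5C9D3F2A33: from=<bob@example.com>, size=1840, nrcpt=1 (queue active)
Jul 15 10:01:06 mail postfix/smtpd[2101]: 6E1F4A3B44: client=unknown[198.51.100.23], sasl_method=LOGIN, sasl_username=webform
Jul 15 10:01:06 mail postfix/qmgr[990]: 6E1F4A3B44: from=<webform@example.com>, size=2209, nrcpt=48 (queue active)
Jul 15 10:01:09 mail postfix/smtpd[2110]: 7A2B5C4D55: client=mx.example.org[192.0.2.77]
Jul 15 10:01:09 mail postfix/qmgr[990]: 7A2B5C4D55: from=<alice@example.org>, size=3022, nrcpt=2 (queue active)
EOF
}

# Reads a mail log on stdin and prints "messages recipients client_ip sasl_user",
# busiest sender first. A sasl_user of "-" means the client did not authenticate.
top_senders() {
    awk '
    # smtpd line: remember which client IP and login own this queue ID
    $5 ~ /^postfix\/smtpd/ && $7 ~ /^client=/ {
        qid = $6; sub(/:$/, "", qid)
        ip = $7; sub(/^client=.*\[/, "", ip); sub(/\].*$/, "", ip)
        user = "-"
        if (match($0, /sasl_username=[^, ]+/))
            user = substr($0, RSTART + 14, RLENGTH - 14)
        owner[qid] = ip " " user
        msgs[owner[qid]]++
    }
    # qmgr line: add the recipient count to whoever submitted the message
    $5 ~ /^postfix\/qmgr/ && match($0, /nrcpt=[0-9]+/) {
        qid = $6; sub(/:$/, "", qid)
        if (qid in owner)
            rcpts[owner[qid]] += substr($0, RSTART + 6, RLENGTH - 6)
    }
    END { for (k in msgs) print msgs[k], rcpts[k] + 0, k }
    ' | sort -k2,2nr -k1,1nr
}

sample_log | top_senders
```

On a live server, feed the real log in place of sample_log, for example `top_senders < /var/log/mail.log`; that path is an assumption and varies by distribution.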

Thursday 08 July 2010

Free SSH Programs for Download

posted by Tavis J. Hampton in: Security Software


SSH or Secure Shell is a secure method of accessing your web server for manipulation or file transfer (using SCP or SFTP). Here are a few software applications that you can use to access your server via SSH.

1. OpenSSH

OpenSSH is the primary SSH client and server used for Linux, BSD, Mac OS X and other Unix-like operating systems. It is free and open source and is part of the OpenBSD project. It includes scp and sftp for secure file transfers.

2. PuTTY

Although it works with both Windows and Unix, PuTTY is mostly used by Windows users, since SSH is not installed on Windows by default (unlike Linux and Mac OS X). PuTTY is free and open source.

GUI Applications

1. Filezilla

Filezilla is a file transfer application that includes support for scp and sftp. It is free, open source, and has cross-platform support.

2. WinSCP

A GUI file transfer program, WinSCP supports scp and sftp, and its core is based on PuTTY. WinSCP is free and open source.

3. Cyberduck

Cyberduck is a file transfer application for Mac OS X that supports SFTP. It is free and open source software.

Tuesday 06 July 2010

How to Connect via SSH

posted by Tavis J. Hampton in: Security VPS & Dedicated Web servers

SSH stands for Secure Shell and is a secure, encrypted method of connecting to a server for shell/command line access. It can be useful for shared hosting, virtual private servers, and dedicated servers. Linux servers usually come with SSH enabled by default, although some web hosts may disable it for shared hosting accounts.

To connect to your server via SSH, simply type:

ssh -l username hostname_or_ip

It will prompt you for a password. Type your password, and you should be connected. Some web hosts may use a different port for SSH, other than the default port (22). If so, you will need to specify it, for example:

ssh -p 2222 -lmyname webserver.com

Normal Linux/Unix shell commands apply, once you are logged into the server. When you are finished, simply type “exit”.

Thursday 24 June 2010

Completely Delete Files with Shred

posted by Tavis J. Hampton in: Security Software


On a Linux dedicated server, the normal method for deleting files is to use the “rm” command. This removes the file from the current filesystem, but what many do not know is that those removed files are usually recoverable. As such, rm is more like putting something in the trash or recycle bin on a desktop.

The only way to effectively delete a file is to overwrite the space the file was using. You can accomplish that with the “shred” command. Just like shredding important physical documents, shred makes sure your files are good and gone, so please use with caution. Once it is gone, it is gone.

On a web server, you may want to make sure you delete sensitive information completely (a database of credit card numbers, for example). To do so, run the following command:

shred filename

You can also shred it a number of times just to be sure:

shred -n 7 filename

This will shred “filename” seven times. For more information about shred, type “man shred” from the command line.
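An added example, not part of the original post, showing that plain shred overwrites a file's contents but leaves the file in place, while adding -u also removes it. The file name and contents are constructed sample data.

```shell
#!/usr/bin/env bash
# Added example, not from the original post: what shred leaves behind with and
# without -u. The file name and its contents are constructed sample data.
shred_demo() {
    local dir file state
    dir=$(mktemp -d) || return 1
    file="$dir/cards.txt"
    printf 'constructed sample 4111-1111-1111-1111\n' > "$file"

    # Default behaviour: overwrite in place (-n 7 = seven passes), keep the name.
    shred -n 7 "$file" || return 1
    if [ -e "$file" ] && ! grep -aq '4111-1111' "$file"; then
        state="overwritten,present"
    else
        state="unexpected"
    fi

    # -z adds a final pass of zeros, -u unlinks the file after overwriting.
    printf 'constructed sample 4111-1111-1111-1111\n' > "$file"
    shred -n 7 -z -u "$file" || return 1
    if [ -e "$file" ]; then
        state="$state,still-present"
    else
        state="$state,removed"
    fi

    rmdir "$dir"
    printf '%s\n' "$state"
}

shred_demo
```

The shred man page notes that overwriting in place is not guaranteed on filesystems that journal data, take snapshots or copy on write, so check the filesystem before relying on it.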

Photo Source: Flickr

Wednesday 23 June 2010

.Org and .EU now configured with DNSSEC

posted by Daniel Foster in: Domain Sales Security


The Public Interest Registry and EURid, operators of the .org and .eu domain names respectively, announced the deployment of DNSSEC on the two gTLDs this week at the 38th ICANN meeting. The domains are the largest yet to adopt the new standard, which will bring greater security to Internet users.

As boring as it sounds, DNSSEC makes domains more secure by verifying and validating name server responses as they cross the Internet. It makes intercepting web traffic harder and can even stop hackers from redirecting visitors to fake sites.

The technology was expensive for the .org and .eu registries to implement, but I think it was worth it. It remains to be seen whether the general public is aware enough about the technology for it to have an effect on consumer choice for the extensions.

Source | Domain News
Photo | Flickr

Tuesday 22 June 2010

Test shows some major brands have insecure domains

posted by Daniel Foster in: Domain Sales Security Software

A test run by Domain Incite on the domains of companies on Deloitte’s list of top-100 brands shows that even though these firms spend millions on their IT operations, 4 of the 100 have domains with serious security problems.

The blog did not list the vulnerable sites, but mentioned that Deloitte considers the companies on the top-100 list to be prime targets for trademark infringement during the upcoming gTLD launch. An additional 8 sites were possibly at risk of security threats.

The test was run using IANA’s Cross-Pollination Check tool. You can use it to check the security of your domain right now for free. Considering how simple domain security is to implement, it’s surprising that even the world’s biggest brands can’t get it right.

Monday 21 June 2010

Hungarian police seize 50 servers in piracy raid

posted by Daniel Foster in: Security Cyber Crime

Budapest police conducted a raid late last week targeting torrent sites. Visiting several hotels and a technical college, it seized 50 servers containing 500 TB of data. According to police, some of the data was used to aid in the illegal distribution of copyrighted material.

Many of Hungary’s BitTorrent sites are now down. The largest, Ncore, has nearly 900,000 peers. The Pirate Bay, which has servers in Hungary, shut down its Hungarian operations after receiving a warning. One of the main targets of the raid, Bithumen, is still operating from Germany.

The video above shows some of the servers police seized. Hungary undertook two similar raids in 2007 and 2009.
