Answer:

1. More than anything else, it is important to keep your passwords secret and unique. No one else should have your password, not even your web host. If someone emails you pretending to be your web host or other authority and asks you for your password, do NOT believe it. Contact your web hosting company and let them know about the email. Also, make your password difficult to guess. Try to use a mixture of letters and numbers rather than a real word.

2. Always keep your personal computer clean from viruses and perform all of your security updates. Chances are, if you are infected with malware or a botnet, it will seek out the computers you connect to first, starting with your server.

3. Always keep third-party scripts and software up to date. This is crucial. You could have taken all other precautions, but if your shopping cart or forum has an unpatched security hole, you are in for a hurting — something that could affect your entire server and be grounds for account suspension.

4. Make sure that none of your files have world-writable permissions. In Linux, this means 777. In a file manager or FTP program, it might look like “-rwxrwxrwx”. Files should be either 755 (only for executable files, when a script requires it) or 644 (writeable only to you and read-only to everyone else). Those will look like “-rwxr-xr-x” and “-rw-r–r–“.

Photo: SXC

“It’s the thread of the domain names being used,” Landesman says. Seven of these “mal-domains” — a term coined by Landesman to describe domain names used solely to build Internet infrastructure to spread malware or otherwise cause harm — were registered under the same name and address (which are clearly bogus, being not more than gibberish).

Most of the domains were registered to a major registrar, which is uncharacteristic of such attacks. Usually attackers choose lesser-known or less reputable registrars in order to slip through unnoticed. The problem is the system, Landesman says, which allows people to register domain names using completely false information with procedure for verifying identity.

Source: Network World
Photo: Flickr

The botnet was linked to Rock Phish, a Russian gang. After an investigation, authorities traced the malware to its source: a web hosting company in Latvia called Real Host. Now, the Swedish service provider Telia Sonera, which provided service to Real Host, has shut down their Internet connections. There was no report about what legal action will be taken on the owners of the company.

Malware has become an underground leg of the software industry. Gangs like Rock Phish can purchase botnets like Zeus for about $1000 on the black market. It does not take them long to make up the difference when they can launch attacks on millions of computers, stealing hundreds or even thousands of credit card numbers and banking information.

Source: ComputerWeekly.com
Photo: Flickr

The company, Triple Fiber Network, hosted some 15,000 websites at a data center in San Jose, California. The sites were taken offline Tuesday after the FTC told its bandwidth provider to stop routing the host’s traffic.

Triple Fiber allegedly hosted all sorts of illegal content, including malware and child pornography. “Anything bad on the Internet, they were involved in it,” FTC Chairman Jonathan Leibowitz said. “We’re very proud, because in one fell swoop we’ve gone after a big facilitator of some of the utterly worst conduct.”

The FTC stated:

[Triple Fiber Network] hosts very little legitimate content and vast quantities of illegal, malicious, and harmful content, including child pornography, botnet command and control servers, spyware, viruses, trojans, phishing related sites, illegal online pharmacies, investment and other Web-based scams, and pornography featuring violence, bestiality, and incest.

The black market provider also hosted the control servers for one of the world’s largest botnets, “Cutwail.” According to the government agency, the host marketed itself to overseas criminals by placing ads in the “darkest corners of the Internet.”

Most of the host’s personnel work overseas. In a message to customers, Three Fiber promised to be back up within days in another location. Meanwhile, some of its customers have already found other hosts and have placed their illegal content back online.

Source: Washington Post
Photo: Flickr