Archive for the ‘Website Hosting’ category

An Awe-Inspiring Website Attack: RFI

May 10th, 2009

RFI stands for Remote File Inclusion. We’ve seen some captured demos here and there, but this one is one of the most impressive yet. The example shown in the post Bots Galore! is worth reading – in fact, studying! Look how it ends, with a simple GUI for controlling your site. Chances are, there are eight or nine of these scripts floating around on underground file sharing networks right now.

Wikipedia gives an excellent description of the RFI attack. Briefly, you used PHP’s “include” function to include whatever file was specified after the ‘?’ in the URL. Guess what? We’ll just include our own file from some other server there and look at your web page that way! No password cracking, no muss, no fuss, and not even any trace left.

Guard against this! Turn off “register_globals” on your server if it isn’t off already, and just plain don’t allow URL-include in the first place. If you have several pages of code that have to link together, include the file specifically by name in the code itself.

Peter Brittain
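
The advice in the RFI post above, as an added example that is not code from the original post: the include pattern it warns about, shown as a comment, next to a form where the request can only pick from file names written in the code. The page keys, file names and the `resolve_page` helper are hypothetical; the sample inputs are constructed.

```php
<?php
// php.ini side of the advice (both are real PHP directives):
//   register_globals  = Off   ; request parameters never become variables
//   allow_url_include = Off   ; include/require refuse http:// and ftp:// targets

// VULNERABLE pattern the post describes, left as a comment so it never runs:
//   include $_GET['page'];    // the visitor chooses the file, local or remote

// HARDENED pattern: the request only selects a key; file names live in the code.
const PAGES = [                // hypothetical page keys and file names
    'home'    => 'home.php',
    'about'   => 'about.php',
    'contact' => 'contact.php',
];

function resolve_page($requested, string $baseDir): string
{
    // ?page[]=x arrives as an array, so insist on a string before the lookup.
    // Anything that is not an exact key falls back to the default page.
    $key = (is_string($requested) && array_key_exists($requested, PAGES))
        ? $requested
        : 'home';
    return rtrim($baseDir, '/') . '/' . PAGES[$key];
}

// Constructed inputs: one valid key, a remote URL, a traversal path,
// an array parameter and a missing parameter.
$samples = ['contact', 'http://example.invalid/remote.txt', '../../etc/passwd', ['x'], null];
foreach ($samples as $sample) {
    printf(
        "%-40s -> %s\n",
        json_encode($sample, JSON_UNESCAPED_SLASHES),
        resolve_page($sample, '/var/www/pages')
    );
}

// Front-controller usage:
//   require resolve_page($_GET['page'] ?? null, __DIR__ . '/pages');
```

Only `contact` resolves to its own file; every other input maps to `/var/www/pages/home.php`, so nothing the visitor types ever reaches `include` as a path.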

Web Page Speed – Microseconds Count

May 10th, 2009

This little study conducted by Google and Amazon re-confirms what many of us have known for years: Web page visits drop even if the page takes a half-second longer to load.

This makes sense when you combine a couple of factors of human nature. One is habit. We people are getting more and more used to instant gratification. Have thought, text message, post to Twitter. Get sudden urge to hear old 80s song again, search YouTube, listen to it. You get the picture. We’re surrounding ourselves with mobile devices of every shape, and it’s just training us to be less and less patient with lag.

The other factor is uncertainty. If you knew, every time, that no matter how long it takes, the page you want will eventually come up, you’d probably wait longer. But there are so many things that could go wrong. Is it a bad connection? Server failed? Account suspended? Bad link? Too much JavaScript slowing the page down? A Flash load? Webmaster mistake? We don’t know, but if it doesn’t come up in a few seconds, we know that we’ll get what we’re looking for somewhere else.

Just one more reason to only host your site on a server running Linux (the fastest, most efficient system), and with a local web host so you cut out all the lag you can.

Peter Brittain

Will We Ever Invent a Spam-Proof Communications Technology?

May 5th, 2009

Just in case you needed a reminder that the good times never last, there’s a Twitter spammer tool out there now. Like so many of these cases, it’s one person making the software, then dozens of gullible fools buy the software and believe that they can make money by spamming the world.

People always ask, “How do these idiots make money?” There’s your answer: they don’t. They pay money. At the end of the chain, perhaps all of the spam that has ever been sent in the history of mankind has only made one, single person any profit: the guy who made the spamming tools and sold them to a few suckers.

Anyway, look for trouble on the Twitter front. Which means more interoperability for malware and worms, which should be all over this like ants on a sugar cube soon. Bots – even the ones that infect PCs – have traditionally used IRC to communicate in a network and collect orders, but now they might have Twitter available, too.

Peter Brittain

Web Host GoDaddy Hates Women

March 9th, 2009

That title is a sweeping claim to make, and yet that’s just what many of their own customers seem to believe.

This starts with a commercial during the SuperBowl. The SuperBowl is the biggest game of the year of the sport which our friends across the ditch so laughably call “football”, though we’ll throw our lot in with the idea of what football should really be called. Anyway, the advertisements during the SuperBowl are nearly as big a draw as the game itself.

It’s About Time Cisco Showed Linux Some Heart

January 10th, 2008

Cisco, the name spoken with the most reverential tones in the IT and telecommunications market, has a new push for their hardware’s interoperability with Linux software. The move ties in Yahoo!, who will be working with Digium to deploy Asterisk throughout Yahoo’s global communications net, using Cisco SIP end points on the desktop.

Actually, Cisco has shown plenty of love to Linux in the past, just not in supporting Free and Open Source Software on telecommunications systems. Remember, back in 2005, Cisco internally rolled out Linux desktops to their workforce.

The reason given was not cost, but that Linux is easier to support! Take that, MCSEs!

And then back in April of 2008, Cisco opened up its ISR routers’ API, with an application extension platform based on Linux. So you might actually compare Cisco more to IBM. They’ve been planning this move for a long time, and they do it like they do anything, in slow, steady steps.

Peter Brittain