Safe Internet Blog

Most people on the internet are good, honest people. However, there are some people browsing the internet who derive fun from poking around websites and finding security holes. A few simple tips can help you secure your website in the basic ways. Now, obviously, the subject of data security is a complicated one and way beyond the scope of this column. However, I will address the very basics one should do which will alleviate many potential problems that might allow people to see things they shouldn't. Password Protecting Directories.If you have a directory on your server which should remain private, do not depend on people to not guess the name of the directory. It is better to password protect the folder at the server level. Over 50% of websites out there are powered by Apache server, so let's look at how to password protect a directory on Apache. Apache takes configuration commands via a file called .htaccess which sits in the directory. The commands in .htaccess have effect on that folder and any sub-folder, unless a particular sub-folder has its own .htaccess file within.

To password protect a folder, Apache also uses a file called .htpasswd . This file contains the names and passwords of users granted access. The password is encrypted, so you must use the htpasswd program to create the passwords. To access it, go to the command line of your server and type htpasswd. If you receive a “command not found” error then you need to contact your system admin. Also, bear in mind that many web hosts provide web-based ways to secure a directory, so they may have things set up for you to do it that way rather than on your own. Barring this, let's continue. Type “htpasswd -c .htpasswd myusername” where “myusername” is the username you want. You will then be asked for a password. Confirm it and the file will be created. You can double check this via FTP. Also, if the file is inside your web folder, you should move it so that it is not accessible to the public. Reduce Your Error Reporting Level.Speaking mainly for PHP here because that's what I work in, errors and warnings generated by PHP are, by default, printed with full information to your browser. The problem is that these errors usually contain full directory paths to the scripts in question. It gives away too much information. To alleviate this, reduce the error reporting level of PHP. You can do this in two ways. One is to adjust your php.ini file. This is the main configuration for PHP on your server. Look for the error_reporting and display_errors directives.

The author is an expert in Christmas costume hire and mainly serves for Christmas Presents. He is also good at  home improvement.

Safe Internet Blog hacker, secure, security, website

Most individuals about the internet are excellent, honest individuals. On the other hand, you can find some people browsing the world wide web who derive fun from poking around internet websites and finding security holes. A handful of straightforward tips can help you secure your web page inside the basic techniques. Now, obviously, the subject of information protection is usually a complicated one and way beyond the scope of this column. On the other hand, I will correct the incredibly basics one need to do which will alleviate several potential problems that may enable persons to see things they shouldn’t.

On the first line, adjust the directory path to wherever your .htpasswd file is. Once that is set up, you’ll obtain a popup dialog when visiting that folder on your web page. You will probably be needed to log in to view it.

In case you install application and scripts to your internet site, several times they come with installation and/or upgrade scripts. Leaving these six minutes to success ebooks  on your own server opens up a huge protection issue since if somebody else is familiar with that application, they can come across and run your install/upgrade scripts and thus reset your entire database, config files, and so forth. A well written computer software package will warn you to remove these items ahead of allowing you to use the software package. On the other hand, make sure this has been done. Just delete the files from your server.

Forms open up a wide hole in your server for hackers if you usually do not properly code them. Since these forms are commonly submitted to some script on your own server, sometimes with admittance to your database, a form which doesn’t supply some protection can provide a hacker direct gain access to to all kinds of details. Keep in mind…just due to the fact you’ve got an deal with field and it says “Address” in front of it does not mean you possibly can trust folks to enter their correct in that field. Imagine your variety just isn’t correctly coded and the script it submits to just isn’t either. What’s to stop a hacker from entering an SQL query or scripting code into that tackle field? With that in mind, here are a handful of details to try and do and appear for:

Use MaxLength. Input fields in style can use the maxlength attribute in the HTML to limit the length of input on types. Use this to hold people from entering WAY as well much data. This will stop most people. A hacker can bypass it, so you need to protect against data overrun at the script level as well.

Safe Internet Blog business, hacker, secure, security, website

Cyber attacks and virus assaults are on the rise in 2009. From government systems to the home PC, no system seems truly safe anymore. According to the experts at McAfee, “Cyber assaults have become more sophisticated in their nature, designed to specifically slip under the radar of government cyber defenses. Attacks have progressed from initial curiosity probes to well-funded and well-organized operations for political, military, economic and technical espionage.”

Computer hackers and virus vandals deliberately assault either specific, high-value targets (such as various government and military systems) or try to do the most damage to as many computers as possible around the world. Since the widest-used operating system by far is some versions of Microsoft Windows, most viruses by far are designed to attack Windows systems. Specifically, the intended victim is often the Windows Registry.

The registry is a prime target for several reasons. First, it controls literally everything from the color of the desktop to the location and association of files. Second it is incredibly large, with many seemingly innocuous pockets where potential dangerous code can hide. Finally, it is an integral part of the Windows Operating system that cannot be insulated from attack without loss of functionality. It’s the job of outside hardware and software solutions such as firewalls to block potential attacks.

The registry can be attacked from a variety of fronts. One of the latest uses Adobe Acrobat Reader, one of the most popular software considered essential by most computer users. Another threat, the Downadup worm attacked more than 3.5 million PC(computer) before a security patch was released by Microsoft. Various programs install themselves when you surf the Internet, altering registry keys in order to track and transmit Internet usage data to an outside system. much keys can be affected and the program can replicate itself, saving copies all over your hard drive under a variety of innocent-sounding names that are difficult to track and eliminate.

Removing parts of the registry in order to counteract a virus is dangerous at best, since even the smallest change if done incorrectly can being the entire system to a halt. The process is as tedious as it is dangerous for an individual to attempt, since there may be thousands of key entries to examine for viral corruption. Several software companies have been working on the problem and have come up with various software solutions, each having its own strengths and capabilities. Sometimes the search for the right software to meet your needs can be as complicated as researching the viruses themselves.

One website that reviews and compares registry cleaning software is Answer Registry Reviews Visit Answer Registry Reviews site!, The site offers relevant articles on the Windows Registry and compares various registry cleaning software products. The website even offers links to directly download and purchase products such as RegCure, Registry Mechanic and Registry Easy (among others) online.

If your Windows system is running slowly or you suspect a virus, Answer Registry Reviews should be the first stop for information on what might be causing the problem and to download a product that would meet your needs to correct it.

Safe Internet Blog clean, Cleaner, computer, cyberthreat, download, hacker, microsoft, registry, software, virus, windows

Someone wants to use the internet to order tickets and want to find out when and who are playing at a local stadium. Once you open the site, you have to first fill in a query. It is an simple one. In fact, the point is how simple it is. Because you are a human, the whole thing should be plain and simple. A different story for a computer, the simple test would be mostly impossible to do.

This question is what we already know as CAPTCHA. The acronym actually stands for Completely Automated Public Turing Test. It is there to prevent computer-automated user from getting through. There is another term for that, that is a type of Human Interaction Proof or HIP. By now sure you have been through many CAPTCHA tests on many web sites. CAPTCHAs that are widely used nowadays is a sequence of letters but in image form unrecognizable by machines, and made of scratches, undetectable by OCRs. As a human, you only have to type the correct letters in the sequence into a field. If what you typed match exactly the ones in the distorted picture, you are considered a human and pass the test.

So you might be wondering why is this all necessary, to test if it is a computer or a human? The main problem is prompted as there are many people out there who are trying to fool the system. Exploitation of security holes in online systems are more frequently made and improved by hackers. Although they are probably only a minority of all users on the internet, what they do affects almost all of users and web sites. For example, a free dating service might be massively bombarded with an automated account requests from a script. The requests of new accounts could be in a scenario of romance scam that’s meant to harm millions of people. By implementing CAPTCHA to sort out computer programs, the bad attempts can be vastly reduced.

Safe Internet Blog automated, black hat, captcha, computer security, exploitations, exploits, hacker, internet security, security

1. Is my communication with someone online can’t be seen by others, can I have privacy? Yes you can. You can make use of data encryption by sharing key only to legitimate end users. In case the data do get to other parties, it will not be of any use since it is encrypted thus making it unreadable.

2. What is a hash? Is it the key? A hash value is a string of characters that represent encrypted data. In other words, it is the encrypted data.

3. What does SSL stand for, what does it mean? SSL is an acronym for Secure Socket Layer. SSL is a type of public key encryption.

4. How can a firewall protect my computer? A firewall monitors and filters out unwanted data packets from an Internet connection.

5. What is a proxy server? Proxy servers stands between computers accessing the internet and the web servers. They relay requests from users to web servers and vice versa, without the servers realizing who is behind them. This creates a privacy for the users in that web servers have no idea that the real user interacting with them are behind the proxy server.

6. What is a botnet? It is an network of what we call zombie computers. A bot or zombie computer is a computer that has transformed into automatic machines or bots that are under the control of a malicious operator.

7. What is DDoS what does it stand for? DDoS is Distributed Denial of Service. It is an attack that uses computers over the internet to send millions of requests to a server with the goal of overwhelming and crashing the server. In a large scale DDoS attack, the whole internet traffic is affected.

8. Define computer virus, what does it do? Usually, a computer virus is a malicious code that resides within a big program. Although not all viruses harm computer, there are ones that are recorded to have caused calamities.

9. What is phishing? Phishing is a method intended to fool ignorant people into giving away classified information like bank account numbers, usernames and passwords and credit card information, by faking a legitimate web site.

10. What does Cracker mean? What’s a Black Hat? We call hackers infiltrating secured systems to cause rogue things acquire certain informations as crackers. A black hat hacker is someone who actively attempts to break into systems or use computer viruses to steal information or achieve other purposes.

Safe Internet Blog black hat, botnet, Computer Virus, cracker, ddos, encryption, firewall, hacker, hash, password, phishing, proxy, ssl, zombie computer

We don’t use E-gold very often since most of our online business and customer sales are conducted through our online merchant account. However, we occasionally have someone who will request paying by E-gold so we keep an account there for this reason. Once a month or so we withdraw the funds and decided to do so yesterday. Imagine our dismay when we logged into our E-gold account yesterday and found our balance to be a big fat ZERO! We had checked the balance just a few days ago so we knew this was not correct. After investigating the history of the account, we found that a spend had been made to another e-gold account user WITHOUT our knowledge or authorization. We had been hacked!

Since we have up to date anti-virus and firewall software on our computer, we assumed we were safe. Not so! It seems this is not enough to keep away the hackers as the software does not prevent “Spyware” from being installed on your computer.

“Spyware” is software that gets onto your computer and literally “spies” on your activities. The spying can range from relatively harmless use of cookies tracking you across multiple websites… to extremely dangerous “keystroke loggers” which record passwords, credit cards, and other personal data. That data then gets relayed to the person who put the software on your computer.

Spyware gets on your computer in one of several different ways.

First, it rides along with software you download from the ‘Net and install on your system.

Second, they come as email attachments (much like viruses) and automatically install themselves on your computer when you open the email message.

Third, hackers find an open port on your computer and use the “back door” to install basically anything they want.

And fourth, the more malicious types, like keystroke loggers, can even get installed by someone with direct physical access to your computer such as an employer, suspicious spouse, business competitor, or someone who wants to know exactly what you’re doing.

So how do you protect yourself against these malicious hackers? You need a program that specifically scans your system for the tens-of-thousands of existing spyware programs along with the new ones appearing daily.

Below are two programs which specifically check for and remove spyware from your system:

“Spybot Search & Destroy” – http://www.safer-networking.org
“Ad Aware” – http://www.lavasoft.de/software/adaware/

You may have spyware lurking on your computer right now so protect yourself today by downloading one of the above programs!

As a point of reference, we contacted E-gold and informed them that we had been hacked. We provided them with the account number of the person who received the funds and asked for a contact e-mail address on the person. E-gold informed us that they could not provide that information without a “court order” and that basically there was no way of getting the money back!

Take action today to protect yourself from this growing threat! The bottom line is: – Keep your anti-virus program current

– Install a firewall
– Carefully screen software before installing it
– Scan specifically for spyware weekly
– Stay current on this growing threat.

We recommend that you take a look at Spy Stuff, Computers Troubleshooting and Cool Gadgets.

Safe Internet Blog anti virus, hacker, software, technology