News : Official Linux Website Taken Down Due To A Breach in Security

It came as a shock to everyone when the news about the security breach faced by Linux foundations website spread like a wild fire. The impact was caused on LinuxFoundation.org and Linux.com, and their sub-domains.

It was during this week ie. 8th September 2011 when they discovered a malware. The following was an official announcement made on their website “The Linux Foundation made this decision in the interest of extreme caution and security best practices. We believe this breach was connected to the intrusion on kernel.org.”. The sites are still down for maintenance. According to reports, the action was taken as a precautionary measure after a trojan had infected the computer of a kernel developer and kernel.org servers. The passwords and user interactions were logged during the compromise.

The exact impact and proximity of the breach is not known at the moment and have suggested users to change the passwords as soon as the site is functional and made available again. According to the announcement, it seems that they are still in process to restore the services and all the systems are being audited.

Users who wish to know more information or have any questions can send and email to info@linuxfoundation.org. But first we would recommend you to visit the site to check if a similar question has already been answered.

Related Posts:

• No Related Posts

Nowadays, more and more companies are using the cloud hosting as a secure solution to keep their data safe and ensure that they can recover the data at any time if required.

Many of the experts in uk web hosting and corporate industry have agreed that this would be the right strategy, to ensure the data security, safety and restoring their data online in just few clicks would be a comfortable solution. But, if security is regularly discussed when talking about these services, we need to be sure about the physical security as well. If the data is sent via a secure connection, then at the other end of the real infrastructure they must meet very specific requirements to be considered perfectly safe (fire, flood, access, electricity, etc.)…

How to ensure the security of data ?

Only if certain criteria are met then the security of data is complete, it’s not just flow in transit. So companies should not hesitate to ask questions relating to the physical security of the data center.

Among other important questions that can be asked are:

• Who has access to server rooms ?
• How to get your does ?
• What happens if there is an situation of fire ?
• Is the data center built in a flood or seismic zone ?
• Do you have redundancy for electrical systems, air conditioning, network lines, etc… in your data center ?

Finally, never hesitate to ask for a document explaining the security measures taken for infrastructure (data center) to prevent disasters.

Related Posts:

• Let Me Help You Find the Cost of Cloud
• VMware Cloud Foundry – An Insight
• Cloud based CRM Software Tool
• Choosing the Right Cloud Hosting Service Provider
• Cloud, As Reliable and Secure as your Home Computer

The online forums are considered as playgrounds by many online marketers and link builders. It may so happen that the purpose of the forum might get shattered. As a matter of fact, there are multiple advantages that a forum has to offer, for example : it might be a place to share and discuss knowledge, source of earning, promotion of websites, share experiences, offer suggestions and advice and lots more.

But it is a serious concern how forums are being populated by spammers, leading to hamper the genuine experience of using a forum. Most webmasters are concerned about managing spams and banning spammers from their online forums. If a particular forum is left un-audited for a week, it may destroy the community completely. Though there are certain methods that can help you limit this continuously increasing concern.

Tips to Prevent Spam on Forums

Moderators to keep a watch on the activity over Online Forums

Moderators can be of great help with tackling the issue. They have the rights to delete or edit spam threads and ban the users doing such activities. Though it may prove to be a stressful job on a busy forum. In that case you can seek help from volunteers or employ someone who can moderate your forum in a timely manner.

This also involves your role of making the moderators understand their role clearly. For that purpose you may need to train and educate them until they get a hold of things. Neat and clear walk-through can be laiden in occur to tackle the task of forum moderation on their own. While doing so, you must also think about those users who haven’t spammed the forums intentionally, but at the same time must identify the actual users that are spamming the forums.

For users who haven’t spammed your site intentionally, you may ask them to remove the post stating the appropriate reasons, this way you can not only maintain trust as you haven’t deleted the post without their knowledge but would also educate them about what is not allowed. For this purpose a simple PM might do the trick.

Restricting Registrations made via. Open Proxies

As most of us are aware, there are number of sites that provide a list of open proxies which can be used by anyone over the web. You may restrict the member registrations done via. these forums or ask your developers to include such a list for you. Many users would do this to encapsulate their identity and stay anonymous for any reason. While few spammers too would make use of such server and get registered with your forum. Hence, having a system in place that would instantly detect registration done via. proxy servers can help you avoid a great deal of spam activity on the forum. If you are using a software for forum which does not have such as facility, you download or purchase a mod that is capable of blocking proxy registrations.
Since social networking sites are being used by most of the people, some of the forum softwares now allow users to login to their forums using the social networking profiles. There are plugins that would allow you to do so.

Ask the Users to Populate the Member Profile Fields

Inorder to get registered in the forums, the users should need to manually populate the fields instead of some spam bots to register automatically. Creating such a bottle-neck can help you control and avoid forum spams to a great extent. You must also need to keep in mind that the registration form isn’t too long that it’ll piss-off them off and hence leave the registration and move away.

Picture Authentication for Forum Registration

Picture or image authentication is one of widely used techniques for avoiding spam. It helps in preventing spam bots from registering automatically on a website. Most webmaster would also refer it as captcha authentication, it is a tool that generates random texts or images and the users need to type the same in the adjacent fields. If the entered text matches with the captcha, only then the process goes to the next stage of registration. This technique has been proved very helpful with filtering out the automated tools like spam bots from getting an access to the site.

Send a confirmation URL via. Email

You would find this with most of the existing forums and is considered to be a reliable authentication and verification methods in the industry. In this, once a user has completed the registration process stated above, an automated email is sent to the registered email address. A confirmation URL is included in the email which the users needs to access to successfully get registered with a forum. Most individuals with an intention of spamming would never click the confirmation link for verifying the account hence eliminating spamming over your site.

Apart from the techniques stated above, there are few others such as IP blocking, swear filters, filtering URLs and website names, enabling flood control to limit the number of posts per user, using mass pruning, reporting spammer details to blacklist websites and ISPs and enabling existing forum members report spam etc. that can further enhance your efforts in controlling spam.

Spam has been a serious concern all across the Internet industry, newer and better techniques of spamming as well as their counter active measures are being implemented. So choosing an appropriate technique can help you protect your online existence.

Related Posts:

• How to protect the system from Malwares
• A Complete Guide For Newbies | Web Hosting Features | Part 7

Nowadays, the SPAM coming into your mailbox is disguised forms of any type of trying to look like a legitimate email and inviting us to follow their instructions. In this article, you will see some useful tips on how to detect SPAM in your email and avoid problems on your computer, especially if its a personal computer.

Based on the following references review your email before Open, Read, Reply or open any of the attachments.

• Post in another language: Most spam comes in English, so if one does not usually have such communication is a sign.

• E-misbranded: Much of the spam does not reach its name, but if the name of user name mail account. For example: If your name is Jason, and his email account is Jasonpj @ Mail can arrive as “Greetings JASONPJ” Rest assured that it is false. Against him, if your username is Jason @ match and appear to be directed at you.

• Social networks, banks and service password change request: No, under no circumstances change or modify prompted for a password if you have not requested. Much less opening and running a file included in the mail. Reminders can be reached, but should never access the site by links in the mail.

• Post from yourself or the same domain (own domain): It’s easy to pretend to be another sender, so it should not rely on emails apparently sent by itself. If they sent you, then it is yours.

• Known mails asking to download files with generic messages: You can e-mail from someone they know, but the key is in writing and asking you to do. Do not trust generic newsrooms do not even mention your name, technically could be directed to anyone.

• Post that give things and money: Nobody gives away computers, money, free service suspended, or donate money to anyone if you forward or mail to your contacts. Any email that asks to be forwarded to your contacts, It is false!. No matter how attractive, seeming to be true or depressing, that’s exactly what they are trying to achieve.

These are just some of the most common places where it still falls on deception.

Why is it so important to be suspicious of emails and access these features ?

If you trust any of these emails and falls into the trap, one of the following things may happen.

• Your computer may get infected.

• It could be confirming that your account is active and then be receiving more spam.

• If you forward emails incorrectly, will be giving away the accounts of all the recipients to be receiving more spam.

• Could carry out a fraud and stealing their social network account, email or worse access your bank account, etc… that you have. Even with all the security mechanism implemented banks, it is still possible, has happened and unfortunately continues to happen.

Many negative things can happen for those who fall into such trap and be fooled. Remember that just what all SPAM trying to achieve is to appear legitimate, real or accurate. We at web host uk always advise our customers with any questions or concerns that may arise with suspicious e-mail.

Related Posts:

• No Related Posts

There may be an instance when you realize or find unexpected behaviours of your Joomla website or webpages, there is a possibility that it has been compromised by hackers.

Q. How to confirm whether the site is hacked ?

Ans. The most primary step that you may take is to run through the logs and look for suspicious users (IP’s) trying to get access to pages which they shouldn’t ideally be trying to use.

Such an identification might take a few minutes, or hours or even couple of days. Despite after spending long hours, you might not be able to locate the culprit. Hence, it is always better to equip you Joomla website with implementing security practices before-hand. Further, you should make yourself aware with how a Joomla site can be compromised.

Following are few of the aspects that may cause risk to your Joomla website :

I. Having an outdated version of Joomla – It is strongly suggested to install an updated version of the underlying platform, in this case, Joomla. The latest updates contain fixes for any sort of detected vulnerabilities that the old version. Hackers and attackers are constantly on the look-out for such vulnerabilities, which when located by them can cause serious destruction to the website. These damages need not always be recoverable.
Inorder to know the version of Joomla that you are currently using, you must log-in to the admin panel. If it isn’t a latest version, the following steps must be followed

II. Outdated Add-on components and modules – It widely observed that webmasters usually fail to have their addon components and modules in Joomla updated. It is advisable to check for updates on a regular basis, if there are any updates available, it is important that your install them over your Joomla hosting server. The updates usually contain patches and bug fixes to offer better stability and security to your Joomla installation. If you have an eCommerce website designed in Joomla, using an SSL Certificate can harden the security of your website. It is also advisable to follow the instructions stated on the updates page.

Incorrect configurations offering a chance for security breach. The following are few common misconfigurations that webmasters usually tend to commit maybe unintentionally.

i) register_globals : Switching this to an ON state in PHP configuration, this particular directive would enable a simple variable poisoning, therefore it is necessary to keep it OFF.

ii) allow_url_include : Switching this to an ON state in PHP configuration, would enable remote code to be included in your scripts, hence it is highly advisable to switch is OFF.

iii) The use of default table prefix _jos : This corner is usually the cause for MySQL injections, hence it is strongly advised to change the table prefix to something tougher to find.

iv) RG_EMULATION : If this directive is switched to an ON state, it emulates register_globals locally, which may call for disaster. Incase this is enabled, a Warning is displayed almost instantly when you access the Joomla administrator panel. Inorder to turn it OFF, you may add it in between the configuration.php file.

Incase you are a victim of hacking, please contact our support department at support@eUKhost.com or use our Live Chat to assistance.

Related Posts:

• Creating 404 page for Joomla
• Joomla Website Security – Part II
• Features To Make Your Website Secure