Archive for the 'Security' Category

You get what you pay for

Some time ago I got a hosting account at a cheap company (I won’t mention any names). All was good and fine until the trouble started.

1. No detailed access logs

There is no way to see who logged in when over FTP. The only thing that is logged is the access over the web interface. This is not enough! I just found out that several index.html and index.php files were modified between April and May. They all were “infected” with some extra JavaScript code. Funny enough, sometime during this time there was a modification to the FTP server of that provider. All passwords were modified and you had to change the password over the web interface for all accounts. Strange, isn’t it? There was no official statement about anything getting hacked.

2. Useless webstats

One of my sites hosted there had about 200 Gig of traffic in a day. Although they promise you about 5000 Gig traffic per month, all my sites were locked down due to bandwidth exceeding. Support told me this:

All ***** accounts are allowed to use 167 GB of transfer per day. If your site goes over this limit it will be taken offline until the next day.

I tried to find anything about this on their website and found no trace of this limitation. Anyway, the reason for the huge traffic amount was of course someone with bad intentions. It is weird since there is no real website on that account. It was used for exchanging larger files (legal content, no piracy) and nothing that would really be of interest to someone. I couldn’t find out what was downloaded and from where to cause such huge traffic, the support was of no help and ALL MY SITES WERE OFFLINE for one day. Really all of them! Not just the one causing the traffic.

There were some other minor issues why I don’t like this provider, but I can’t remember them now and anyway, like I mentioned, they were minor issues. The two big issues I mentioned above are the reason why I will cancel my account.

 

Oh yes … one of the minor issues is they don’t support SFTP or FTP with SSL, just plain unencrypted FTP. Not very nice.

DoS attack

Since yesterday I have been facing a DoS attack on one of my IPs.
The server is being hit by UDP packets on port 80. I could solve some of the issues created by this high load and the server is running, but the attack is still going on as I write this with 20 Mbit and creating traffic of about 9 GB/hour.


On the worm that affects Skype for Windows users - Heartbeat

Skype has learned that a computer virus called “w32/Ramex.A” is affecting users of Skype for Windows. Users whose computers are infected with this virus will send a chat message to other Skype users asking them to click on a web link that can infect the computer of the person who receives the message.

Please note that Skype users ONLY become infected after they have downloaded the link and run the malicious software. The chat message, of which there are several versions, is cleverly written and may appear to be a legitimate chat message, which may fool some users into clicking on the link.

On the worm that affects Skype for Windows users - Heartbeat

The alarm system that makes no sound « Actualitatea « Revista Capital

Should I put something like this in my car too?

To protect their most valuable exhibits, big stores use advanced alarm systems or burly bodyguards. However, Harrod’s in London decided that these would not be enough.

The retailer decided to adopt a more extreme measure to protect a pair of Rene Caovilla sandals worth 120,000 dollars, which were to be presented on September 10.

Harrod’s reckoned that nobody would go near a venomous snake, so it placed one in the display case where the shoes are exhibited. The Egyptian cobra was rented to patrol the display case on the day of the launch. After the launch, Harrod’s returned the reptile to its owner.

The alarm system that makes no sound « Actualitatea « Revista Capital

China’s cyber army is preparing to march on America, says Pentagon - Times Online

Chinese military hackers have prepared a detailed plan to disable America’s aircraft battle carrier fleet with a devastating cyber attack, according to a Pentagon report obtained by The Times.

China’s cyber army is preparing to march on America, says Pentagon - Times Online

creepy …

DEranged gives you 100 passwords to Governments & Embassies

Want to send an email in the name of the Iran embassy? Or maybe the Indian embassy?
Here is a list with working passwords to exactly 100 email accounts of Embassies and Governments around the world

DEranged Security » Blog Archive » DEranged gives you 100 passwords to Governments & Embassies

Skype Reads Your BIOS and Motherboard Serial Number

This is very interesting. I have no clue what use this could be …

pagetable.com » Blog Archive » Skype Reads Your BIOS and Motherboard Serial Number