|
|
DVD Backup Made Easy
If you are running backups on a regular basis, you have probably come across the problem that CDRs or CDRWs are simply to small for some backups. While you could split your backups to multiple CDs, this is not a very good solution if you have to...
How Did I Get Started Online?
In this article, I'm revealing my personal experience of how I started my online business and who influenced me the most with regards to Internet business. Unlike other articles on Internet business, I'm not going to talk about how to write HTML...
Software Evolution
As Internet connections become more permanent with broadband
access, software will be able to evolve into a more efficient
and personalized medium. Currently, most software run from our
hard drives and require installations that alter our...
What Can AutoResponders Do That Will Save Me Hundreds Of Hours?
What Can AutoResponders Do That Will Save Me Hundreds Of Hours? by James Mann http://www.inetstrategiesinc.com/ First let me say there is absolutely nothing wrong with responding to your email manually. I have family, friends and associates that I...
Your Electronic Filing Cabinet
The purpose of this article is to provide the beginner and intermediate computer user with a clear understanding of the computer's filing system: how electronic information is stored and organized. Upon completion you will be able to master all...
|
|
|
|
|
|
|
|
Redirect Worms Away
My site is hosted on an Apache web server. Why is that? Because, in my humble opinion, Microsoft's IIS web server is in no way qualified to service internet web sites (it is excellent as an intranet and applications server, however). Another reason is the vast number of security issues that seem to pop up day after day.
In point of fact, the Gartner Group has recommended "that businesses hit by both Code Red and Nimda immediately investigate alternatives to IIS, including moving Web applications to Web server software from other vendors such as iPlanet and Apache".
http://www4.gartner.com/DisplayDocument?doc_cd=101034
But what about those of us who are already hosting their sites on Apache servers? I've seen lots of articles about how to protect, detect, cleanse and prevent the worms from attacking IIS servers. While the worms do not penetrate Apache security, they do cause damage.
Some of the damage includes:Server logs get filled with junk - The Nimda worm alone created over 20,000 entries in a 2 day period in my log files.
The server is made very busy - This is especially true if you've got a custom 404 error page, as I do. This means that every time the worm attempts a penetration, then entire 404 page is returned (in my case, that's about 40k). That adds up to a lot of wasted bandwidth.
I thought about this issue for a while after examining my logs and seeing thousands of 404 errors from attempted worm penetrations. Surely there was a way to at least reduce the impact of these things? As I saw the 404 error count increase, I realized that a significant portion of the bandwidth that I was paying for was being thrown away.
An examination of the log files produced several thousand attempts at each of the following URLs. Obviously each of these is the address of a possible weakness in an IIS server.
/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe /c/winnt/system32/cmd.exe /d/winnt/system32/cmd.exe /scripts/..%2f../winnt/system32/cmd.exe /scripts/..%c1%9c../winnt/system32/cmd.exe /scripts/..%%35%63../winnt/system32/cmd.exe /scripts/ .%%35c../winnt/system32/cmd.exe
/scripts/..%c0%2f../winnt/system32/cmd.exe /scripts/..%c0%af../winnt/system32/cmd.exe /MSADC/root.exe
The Apache web server provides a feature called .htaccess, which provides commands to control a web site. This file is very obscure and extremely useful when used properly. You have to be careful when editing .htaccess files, as a small mistake can make your web site stop working. What I like to do is immediately test the site to be sure it works.
Be sure not to make the mistake that I made once - I browsed to my site, saw that the home page came up, and went to work. Later, I found it was not working but appeared to work because the home page was stored in my browser cache. Thus I learned a simple lesson the hard way: always hit the refresh key of the browser when testing .htaccess changes.
I did a little research and testing, and added the following lines to my .htaccess file.
redirect /scripts http://www.stoptheviruscold.invalid redirect /MSADC http://www.stoptheviruscold.invalid redirect /c http://www.stoptheviruscold.invalid redirect /d http://www.stoptheviruscold.invalid redirect /_mem_bin http://stoptheviruscold.invalid redirect /msadc http://stoptheviruscold.invalid RedirectMatch (.*)cmd.exe$ http://stoptheviruscold.invalid$1
These lines did exactly what I wanted them to do - they stopped the virus from creating 404 errors in my log file, and they prevented my 404 error page from being triggered, thus creating lots of useless bandwidth utilization. There is still some bandwidth used, obviously, but it is far less than it would have been. The load on the server is also considerably reduced, which should make my web hosting company happy.
Note that log file entries are still made by the various worms as they attempt to penetrate the server. These entries do now show as errors, which makes it easier to pick out real errors from the logs.
About the Author
Richard Lowe Jr. is the webmaster of Internet Tips And Secrets at http://www.internet-tips.net - Visit our website any time to read over 1,000 complete FREE articles about how to improve your internet profits, enjoyment and knowledge.
|
|
|
|
|
Tucows Downloads - Download Freeware and Shareware Software |
Download freeware, shareware, and demos. Maintains over 45000 software titles that are tested, rated, reviewed and ready to download. |
www.tucows.com |
  |
Free Software Downloads and Software Reviews - Download.com |
Download shareware, freeware and Demo software for PC, Mac, Linux, and Handhelds categorized into categories, plus software reviews. |
www.download.com |
  |
Computer software - Wikipedia, the free encyclopedia |
This includes application software such as a word processor, which enables a ... Application software is often purchased separately from computer hardware. ... |
en.wikipedia.org |
  |
Shareware.com - Search for shareware programs and free software ... |
Search for shareware programs from more than a dozen downloadable software directories. |
www.shareware.com |
  |
Jumbo: Free & Shareware MP3 files, Games, Screen Savers & Computer ... |
Source of free and shareware computer programs and utilities for PC and Mac. Evaluate software and read product reviews. Download games and screen savers. |
www.jumbo.com |
  |
Computer Software in the Yahoo! Directory |
Browse categories featuring sites devoted to computer software, including shareware and freeware download sites, operating systems, desktop customization, ... |
dir.yahoo.com |
  |
IEEE Software |
IEEE Computer Society's magazine covering all aspects of software, including software engineering. |
www.computer.org |
  |
Free Downloads on ZDNet | Shareware, Trialware, Evaluation Software |
ZDNet's Software Directory is the Web's largest library of software downloads. Covering software for Windows, Mac, and Mobile systems, ZDNet's Software ... |
downloads.zdnet.com |
  |
FSF - The Free Software Foundation |
Free software is a matter of liberty not price. Think of "free" as in "free speech". |
www.fsf.org |
  |
Apple - Software |
Software products for your digital life. ... The perfect addition for professional review. QuickTime Broadcaster. Encoding software for live events. ... |
www.apple.com |
  |
Open Directory - Computers: Software |
In Partnership with AOL Search. about dmoz | report abuse/spam | help. the entire directory, only in Computers/Software. Top: Computers: Software (38471) ... |
dmoz.org |
  |
freshmeat.net: Welcome to freshmeat.net |
About: The Web browser is probably the most frequently used software today, ... Web professionals can use the software for functional testing and regression ... |
freshmeat.net |
  |
Software - GNU Project - Free Software Foundation (FSF) |
Listing of the GNU software packages. |
www.gnu.org |
  |
Sun Software |
Get enterprise-class software--Solaris 10 OS, the Java Enterprise System, ... Sun Java StorageTek Software reduces cost and complexity with a single, ... |
www.sun.com |
  |
Internet Real Estate.com -- owns and operates a portfolio of the ... |
SOFTWARE.COM · SWEEPSTAKES.COM · PHONE.COM PODCAST.COM ... Software.com | Sweepstakes.com | Phone.com | Podcast.com | Shop.com | Safety.com ... |
www.internetrealestate.com |
  |
Joel on Software |
A weblog by Joel Spolsky, a programmer working in New York City, about software and software companies. |
www.joelonsoftware.com |
  |
Amazon.com Software: Computer & video games, business, accounting ... |
Online shopping for computer & video games, business & office productivity software, software from Microsoft, Apple, Adobe & more; accounting, antivirus, ... |
www.amazon.com |
  |
IBM Software - Home Page |
IBM home page for all of its software products, including Lotus and Tivoli, with keyword search, category browse and AZ product names. |
www.ibm.com |
  |
Opera web browser: Homepage |
Copyright © 2006 Opera Software ASA. All rights reserved. Skip navigation. Opera Software ... Copyright Opera Software ASA . All rights reserved. ... |
www.opera.com |
  |
Google Directory - Computers > Software |
Search only in Software Search the Web ... Software Categorized by Letter: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ... |
www.google.com |
  |
|