If you're new here, you may want to subscribe to my RSS feed. So that you can read the latest updates about Web2.0 tools, Making Money Online, Tips in SEO, Ajax and many more. Thanks for visiting ProgramimiCOM!

There are companies such as Picky Domain Names that specialize in finding the perfect URL for your business, but there is no reason why you can’t do the same thing yourself, for free! All it takes is a good imagination and some time to brainstorm. If you have friends who can help, all the better.

Most of the regular domain names have been bought up and used now, so it is a real challenge to find ones that are unique, describe your business and are easy to remember. That’s why you need to get creative.

-First off, there are a few general ground rules to ensure that your visitors remember your domain names. This is obviously the most important part of choosing an URL, so keep the following in mind:

-Limit yourself to a maximum of three words. Longer phrases tend to be difficult to remember and also they take too long to type in. People want information fast and if they have to try and remember a twenty letter URL, they probably won’t bother.

-Use words that are easy to spell. If you use weirdly spelled words just to get the domain names you want, you will lose a lot of visitors. For example, if myspace.com is taken, don’t go for myspayce.com, you will just end up sending traffic to the other domain name.

-Think carefully before using anything apart from .com as an ending for your domain names. It is the most common and often people will forget if you use a more unusual ending such as .name or .tv.

Now that you have the basics in mind, it is time to brainstorm. Start by writing down all the words you can think of that relate to your business. For example, if you have a diaper service, you would end up with a list of keywords that include “diaper, diapers, baby, bottom, cloth, wet, dirty, clean, service” etc. Include any slang or nicknames as well, such as “nappy, stinky,” etc.

Once you have a good long list, start trying to put the words together in a form that would work as domain names. You should be able to come up with at least a dozen that fit the description of your business. For our diaper service example you might end up with nomorestink.com, dirtytoclean.com, nappybottom.com, etc.

Next, you need to go to a domain names registrar such as GoDaddy and check to see if your domain names are available. Start with the ones you like best and work your way down the list. Chances are you will find at least two or three that are available. These are then your choices for domain names!

This whole process works best if you have two or more people to bounce ideas off of. Domain names that are wacky and outrageous are sure to come up as you work your way through a brainstorming session with friends or coworkers! And at the end of it all, you should have a handful of domain names that you can go with.

• 0 Comments

Article marketing basically consists of submitting your promo pieces to article directories and hoping that they will be approved. However, there is a better way of doing things than simply submitting and waiting with crossed fingers. The trick is to guarantee that article directories accept your work.

It takes time and effort in order to write an article, submit it by hand to the article directories (the recommended method), and if you get rejected, you have wasted all of that time. Simply completing the submission process can take a minute or two and if you are submitting to several article directories or are trying to send multiple submissions to one, that could easily add up to half an hour, time for you to write a whole other article!

The best way to guarantee that article directories accept your work is to be familiar with their guidelines. Each directory is different, but by following general rules, you can ensure that everyone will accept your article. The editors are not usually that picky, as long as you follow formatting guidelines and stick to non-offensive information, you have a pretty good chance of adding your work to the roster.

Formatting guidelines for article directories are pretty standard. If you write an article that is between 400-800 words, you will be fine for length. Article directories tend to like their articles formatted for the web, which means writing in the same manner as this article that you are reading right now, single spaced lines, with a double space between paragraphs. This is easy to read and easy to write, as well. Avoid using TABS or indentation and stay away from automated numbers and bulleted lists. While using number is encouraged for steps, just make sure that your word processor isn’t adding them and indenting them automatically.

Your paragraphs should be fairly short as well. Three to four sentences is usually good. This means there is plenty of white space on the page and gets your article noticed faster. While the editors might accept your article even with long paragraphs, webmasters and ezine editors will be more likely looking for something that is easy on the eyes.

Spellchecking is a must for any article that will see the light of day. There is no excuse for submitting misspelled words to article directories. They will not accept this. All basic grammar rules should be followed, as well. Capitalization at the beginning of sentences and all other such rules need to be applied or your article will probably be rejected. The idea is to look professional, even if that means getting someone else to critique your work.

Links are also a no-no in many article directories and it is best to simply avoid them. If you want to add a link, you can do so in your bio at the end of the article. Otherwise, you can mention company names (like Chapters), but not the site (chapters.com). This will boost your chances of getting accepted into article directories drastically.

By following the guidelines above and making sure to read the submission rules on all article directories that you submit to, you will be sure to have success.

• 0 Comments

It is worth cataloguing the basic principles to be enforced to increase website traffic and search engine rankings. 

• Create a site with valuable content, products or services.
• Place primary and secondary keywords within the first 25 words in your page content and spread them evenly throughout the document.
• Research and use the right keywords/phrases to attract your target customers.
• Use your keywords in the right fields and references within your web page. Like Title, META tags, Headers, etc.
• Keep your site design simple so that your customers can navigate easily between web pages, find what they want and buy products and services.
• Submit your web pages i.e. every web page and not just the home page, to the most popular search engines and directory services. Hire someone to do so, if required. Be sure this is a manual submission. Do not engage an automated submission service.
• Keep track of changes in search engine algorithms and processes and accordingly modify your web pages so your search engine ranking remains high. Use online tools and utilities to keep track of how your website is doing.
• Monitor your competitors and the top ranked websites to see what they are doing right in the way of design, navigation, content, keywords, etc.
• Use reports and logs from your web hosting company to see where your traffic is coming from. Analyze your visitor location and their incoming sources whether search engines or links from other sites and the keywords they used to find you.
• Make your customer visit easy and give them plenty of ways to remember you in the form of newsletters, free reports, reduction coupons etc.
• Demonstrate your industry and product or service expertise by writing and submitting articles for your website or for article banks so you are perceived as an expert in your field.
• When selling products online, use simple payment and shipment methods to make your customer’s experience fast and easy.
• When not sure, hire professionals. Though it may seem costly, but it is a lot less expensive than spending your money on a website which no one visits.
• Don’t look at your website as a static brochure. Treat it as a dynamic, ever-changing sales tool and location, just like your real store to which your customers with the same seriousness.

• 0 Comments

Compiling the kernel

Wanted to try out the 2.6 edition kernel? Never knew how to do it? Well heres how! Includes everything from compiling the kernel to configuring your bootloader.

Lets Begin!

cd /usr/src
wget -c http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.7.tar.bz2
tar xvfj linux-2.6.7.tar.bz2
cd linux-2.6.7
make clean && make mrproper
make oldconfig ( or make menuconfig )
make bzImage
make modules
make modules_install

( i prefer this method rather then just “make” )

If you get alot of errors about .ko modules when you run make modules_install you need to update your modutils package with module-init-tools, see below.

Now to copy the files over for the kernel itself.

cp .config /boot/config-2.6.7
cp arch/i386/boot/bzImage /boot/vmlinuz-2.6.7
cp System.map /boot/System.map-2.6.7
mkinitrd /boot/initrd-2.6.7.img 2.6.7

You may experience an error such as this:

/dev/mapper/control: open failed: No such file or directory

if you receive that error run the following commands:

rm -rf /boot/initrd-2.6.7.img
mkinitrd –omit-lvm-modules /boot/initrd-2.6.7.img 2.6.7

Now to add it to the grub / lilo configuration.

[Grub]

Your config will look something like this. Please note you need to follow the format for your current config.

title Red Hat Linux (2.6.7)
root (hd0,0)
kernel /vmlinuz-2.6.7 ro root=LABEL=/
initrd /initrd-2.6.7.img

Add your new entry to the top of the kernel list. Set the default to your working kernel. NOTE: the first kernel in the list is “0″. (ex. default=1)

Now exit. Type “grub” at the bash prompt.

savedefault –default=0 –once

issue that at the grub prompt then use quit to exit. Once your reboot you need to go back in and set the default to the 2.6 kernel by setting default=0

[lilo]

Your config will look something like this. Please note you need to follow the format for your current config.

image=/boot/vmlinuz-2.6.7
label=2.6.7
append=”root=LABEL=/”
read-only
initrd=/boot/initrd-2.6.7.img

Leave the default as is.

/sbin/lilo -v -v
/sbin/lilo -R 2.6.7

Once it reboots and comes back online you can change the default to be 2.6.7 and /sbin/lilo -v -v

The above tells you how to enable failsafe in your kernels. SO that if the box panics the dc tech does not have to console in he just has to reboot the box.

How to install module-init-tools:

cd /usr/src
wget -c http://www.kernel.org/pub/linux/kernel/people/rusty/modules/module-init-tools-3.0.tar.gz
tar -zxvf module-init-tools-3.0.tar.gz
cd module-init-tools-3.0
./configure –prefix=”"
make moveold
make install
./generate-modprobe.conf /etc/modprobe.conf

How to determine what boot loader you are using?

dd if=/dev/hda bs=512 count=1 2>&1 | grep GRUB
dd if=/dev/hda bs=512 count=1 2>&1 | grep LILO

one of them will kick back something like:

root@w00t [~]# dd if=/dev/hda bs=512 count=1 2>&1 | grep GRUB
Binary file (standard input) matches
root@w00t [~]#

which means its using grub.

• 0 Comments

What is APF (Advanced Policy Firewall)? APF Firewall
APF is a policy based iptables firewall system designed for ease of use and configuration. It employs a subset of features to satisfy the veteran Linux user and the novice alike. Packaged in tar.gz format and RPM formats, make APF ideal for deployment in many server environments based on Linux. APF is developed and maintained by R-fx Networks: http://www.rfxnetworks.com/apf.php

This guide will show you how to install and configure APF firewall, one of the better known Linux firewalls available.10

Limit SSH connections to one IP with APF in this advanced tutorial

Requirements:
- Root SSH access to your server

Lets begin!
Login to your server through SSH and su to the root user.

1. cd /root/downloads or another temporary folder where you store your files.

2. wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz

3. tar -xvzf apf-current.tar.gz

4. cd apf-0.9.5-1/ or whatever the latest version is.

5. Run the install file: ./install.sh
You will receive a message saying it has been installed

Installing APF 0.9.5-1: Completed.

Installation Details:
Install path: /etc/apf/
Config path: /etc/apf/conf.apf
Executable path: /usr/local/sbin/apf
AntiDos install path: /etc/apf/ad/
AntiDos config path: /etc/apf/ad/conf.antidos
DShield Client Parser: /etc/apf/extras/dshield/

Other Details:
Listening TCP ports: 1,21,22,25,53,80,110,111,143,443,465,993,995,2082,2083,2086,2087,2095,2096,3306
Listening UDP ports: 53,55880
Note: These ports are not auto-configured; they are simply presented for information purposes. You must manually configure all port options.

6. Lets configure the firewall: pico /etc/apf/conf.apf
We will go over the general configuration to get your firewall running. This isn’t a complete detailed guide of every feature the firewall has. Look through the README and the configuration for an explanation of each feature.

We like to use DShield.org’s “block” list of top networks that have exhibited
suspicious activity.
FIND: USE_DS=”0″
CHANGE TO: USE_DS=”1″

7. Configuring Firewall Ports:

Cpanel Servers
We like to use the following on our Cpanel Servers

Common ingress (inbound) ports
# Common ingress (inbound) TCP ports -3000_3500 = passive port range for Pure FTPD
IG_TCP_CPORTS=”21,22,25,53,80,110,143,443,2082,2083, 2086,2087, 2095, 2096,3000_3500″
#
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS=”53″

Common egress (outbound) ports
# Egress filtering [0 = Disabled / 1 = Enabled]
EGF=”1″

# Common egress (outbound) TCP ports
EG_TCP_CPORTS=”21,25,80,443,43,2089″
#
# Common egress (outbound) UDP ports
EG_UDP_CPORTS=”20,21,53″

Ensim Servers
We have found the following can be used on Ensim Servers - although we have not tried these ourselves as I don’t run Ensim boxes.

Common ingress (inbound) ports
# Common ingress (inbound) TCP ports
IG_TCP_CPORTS=”21,22,25,53,80,110,143,443,19638″
#
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS=”53″

Common egress (outbound) ports
# Egress filtering [0 = Disabled / 1 = Enabled]
EGF=”1″

# Common egress (outbound) TCP ports
EG_TCP_CPORTS=”21,25,80,443,43″
#
# Common egress (outbound) UDP ports
EG_UDP_CPORTS=”20,21,53″

Save the changes: Ctrl+X then Y

8. Starting the firewall
/usr/local/sbin/apf -s

Other commands:
usage ./apf [OPTION]
-s|–start ……………………. load firewall policies
-r|–restart ………………….. flush & load firewall
-f|–flush|–stop ……………… flush firewall
-l|–list …………………….. list chain rules
-st|–status ………………….. firewall status
-a HOST CMT|–allow HOST COMMENT … add host (IP/FQDN) to allow_hosts.rules and
immediately load new rule into firewall
-d HOST CMT|–deny HOST COMMENT …. add host (IP/FQDN) to deny_hosts.rules and
immediately load new rule into firewall

9. After everything is fine, change the DEV option
Stop the firewall from automatically clearing itself every 5 minutes from cron.
We recommend changing this back to “0″ after you’ve had a chance to ensure everything is working well and tested the server out.

pico /etc/apf/conf.apf

FIND: DEVM=”1″
CHANGE TO: DEVM=”0″

10. Configure AntiDOS for APF
Relatively new to APF is the new AntiDOS feature which can be found in: /etc/apf/ad
The log file will be located at /var/log/apfados_log so you might want to make note of it and watch it!

pico /etc/apf/ad/conf.antidos

There are various things you might want to fiddle with but I’ll get the ones that will alert you by email.

# [E-Mail Alerts]
Under this heading we have the following:

# Organization name to display on outgoing alert emails
CONAME=”Your Company”
Enter your company information name or server name..

# Send out user defined attack alerts [0=off,1=on]
USR_ALERT=”0″
Change this to 1 to get email alerts

# User for alerts to be mailed to
USR=”your@email.com”
Enter your email address to receive the alerts

Save your changes! Ctrl+X then press Y
Restart the firewall: /usr/local/sbin/apf -r

11. Checking the APF Log

Will show any changes to allow and deny hosts among other things.
tail -f /var/log/apf_log

Example output:
Aug 23 01:25:55 ocean apf(31448): (insert) deny all to/from 185.14.157.123
Aug 23 01:39:43 ocean apf(32172): (insert) allow all to/from 185.14.157.123

12. New - Make APF Start automatically at boot time
To autostart apf on reboot, run this:

chkconfig –level 2345 apf on

To remove it from autostart, run this:

chkconfig –del apf

13. Denying IPs with APF Firewall (Blocking)
Now that you have your shiny new firewall you probably want to block a host right, of course you do! With this new version APF now supports comments as well. There are a few ways you can block an IP, I’ll show you 2 of the easier methods.

A) /etc/apf/apf -d IPHERE COMMENTHERENOSPACES
> The -d flag means DENY the IP address
> IPHERE is the IP address you wish to block
> COMMENTSHERENOSPACES is obvious, add comments to why the IP is being blocked
These rules are loaded right away into the firewall, so they’re instantly active.
Example:

./apf -d 185.14.157.123 TESTING

pico /etc/apf/deny_hosts.rules

Shows the following:

# added 185.14.157.123 on 08/23/05 01:25:55
# TESTING
185.14.157.123

B) pico /etc/apf/deny_hosts.rules

You can then just add a new line and enter the IP you wish to block. Before this becomes active though you’ll need to reload the APF ruleset.

/etc/apf/apf -r

14. Allowing IPs with APF Firewall (Unblocking)

I know I know, you added an IP now you need it removed right away! You need to manually remove IPs that are blocked from deny_hosts.rules.
A)
pico /etc/apf/deny_hosts.rules

Find where the IP is listed and remove the line that has the IP.
After this is done save the file and reload apf to make the new changes active.

/etc/apf/apf -r

B) If the IP isn’t already listed in deny_hosts.rules and you wish to allow it, this method adds the entry to allow_hosts.rules

/etc/apf/apf -a IPHERE COMMENTHERENOSPACES
> The -a flag means ALLOW the IP address
> IPHERE is the IP address you wish to allow
> COMMENTSHERENOSPACES is obvious, add comments to why the IP is being removed These rules are loaded right away into the firewall, so they’re instantly active.
Example:

./apf -a 185.14.157.123 UNBLOCKING

pico /etc/apf/allow_hosts.rules

# added 185.14.157.123 on 08/23/05 01:39:43
# UNBLOCKING
185.14.157.123

Thanks to R-fx networks for developing and maintaining APF Firewall.

• 1 Comment

Masking or anonymizing a Web server involves removing identifying details that intruders could use to detect your OS and Web Port80 Software has developed an IIS server module called ServerMask to combat the majority of issues explored here for the Windows Web Server.

The Server Header Tells All
Most Web servers politely identify themselves and the OS to anyone who asks. Using a network query tool like Sam Spade or this Header Check, you can discern the HTTP Server header. Just request a Web site’s home page and examine the resulting HTTP headers or “banners” sent back by the server. Among them, you will likely find something like this:

Server: Microsoft-IIS/5.0

There is not much mystery here. Apache’s default settings make it no less identifiable:

Server: Apache/2.0.41-dev (UNIX)

You can remove or obscure this HTTP Server header in a variety of ways, depending on your platform. Apache 2.x users who have the mod_headers module loaded can use a simple directive in their httpd.conf file, as follows:
Header set Server “New Server Name Goes Here”

Unfortunately, mod_headers cannot alter the Server header in prior versions of Apache, so 1.3.x users will have to resort to editing the defines in httpd.h and recompiling Apache to get the same result. IIS users can install IISLockDown and use the configuration option in URLScan’s INI file for removing or replacing the header. Be careful with URLScan if you are using Cold Fusion application server — the way the current version replaces the Server header wreaks havoc with CFM pages. In fact, removing the header is the way to go when using URLScan, since if you try replacing the header it moves to the bottom of the header order — which pretty much gives away that you are running URLScan on IIS.

Unsightly File Extensions
Displaying file extensions like .asp or .aspx in a site is a clear indication that you are running a Microsoft server and, in general, hiding file extensions is a good practice to mask the technology generating dynamic pages. You can change your application mappings (.asp becomes .htm or .foo, etc.), but such one-to-one mapping can make mixing server-side technologies painful and does nothing to alleviate headaches during site migrations. Doing without file extensions altogether is an even better idea, not only for security but also for ease-of-migration and content negotiation. Apache people will want to take a look at mod_negotiation. Watch out, though, for the Content-Location header in the server’s response, which can give away the file extension that is not shown in the URL. You might have to suppress this header separately using mod_headers. In a similar vein, Port80 offers a tool called PageXchanger that allows file extension hiding in IIS.

Half-Baked Cookies
The ASP session ID cookie, used by the Session object to maintain client state, is another dead giveaway:

Set-Cookie: ASPSESSIONIDQGQGGWFC=MGMLNKMDENPEOPIJHPOPEPPB;

You can disable ASP Session State so that this cookie is not placed, but you lose the convenience of using the Session object to maintain client state. You could also create an ISAPI filter to change the names of any session ID cookie. On the other hand, ASP sessions are resource intensive, and turning them off improves the performance and scalability of your ASP application, while also helping to anonymize your server.

Send These to the Recycle Bin
WebDAV: Another way of identifying Microsoft servers is their implementation (from Windows 2000 and IIS 5.0 on) of WebDAV — the HTTP Extensions for Distributed Authoring and Versioning. WebDAV itself is not unique to Microsoft or IIS; it is a proposed standard (RFC 2518) with an IETF Working Group. Microsoft’s WebDAV support, however, adds a lot of information to the headers sent back by the server, especially when an HTTP OPTIONS request is made. If you are not using WebDAV (to support Outlook Web Access or Web Folders, etc.), you can disable it entirely by editing the registry or by using IISLockDown and URLScan.

Public Header: Certain Web servers betray their identity by displaying the Public header in HTTP responses. Few popular Web Servers send this header in response to OPTIONS requests (while almost all respond with the similar Allow header). The presence of Public is a good indication you are connected to either an IIS box or Netscape Enterprise 3.6. The Public header can be removed with a custom ISAPI filter (IIS) or NSAPI plug-in (Netscape).

Integrated Windows Authentication: IIS users should not rely on “Integrated Windows Authentication” — especially not as a way of hiding anything on the server. This method betrays the very secret it would keep, since a script or visual hacker can identify the Windows box by means of the WWW-Authenticate headers sent by the server. When a file or directory is protected by NT Challenge-Response authentication, one of the authentication headers contains the string “NTLM” (NT LAN Manager) — a Microsoft-specific form of HTTP authentication.

Get Your Headers Straight
The number and sequence of your HTTP headers and the presence or absence of certain platform-specific headers provide handy ways for more sophisticated hackers to fingerprint your Web server. A relatively unexplored area of server profiling, this will become a more common exploit as administrators start to implement countermeasures against obvious HTTP vulnerabilities like the Server header. For IIS users, a custom ISAPI filter can alter the Microsoft-specific header order or sequence to emulate, say, a default Apache installation. Apache users can accomplish any header order emulation they wish by experimenting with the location and order of Header directives in mod_headers.

Whose Default is That?
Default messages, pages and scripts of all kinds often contain clues to server identity, and these should be removed or modified accordingly. Software behind the Web server often bubbles error messages back through the HTTP request/response cycle, and customized HTTP errors can mask application server, database server, Web server and OS identity. For IIS, CustomError makes it easy for developers to deploy custom 404 and other HTTP error pages. This article shows how to implement custom HTTP errors in Apache. Avoid this on a development server, since, when done properly, it prevents database and server-side scripting errors from being seen — making it tough for developers to debug their applications! Remove or hide any Web or application server administration pages, scripts or documentation installed under your server’s Web root, and make sure to replace those default home pages.

• 1 Comment

Allowing the root user to login directly is a major security issue, we’ll show you how to disable it so you can still login as root but just not directly, reducing the security issue.

This will force a hacker to have to guess 2 seperate passwords to gain root access.
(you do have 2 seperate passwords for admin and root right?)
What happens is you’ll first need to login as your admin user in SSH, then switch to the super user with the su command to get root.

We also will be forcing the use of SSH protocol 2, which is a newer, more secure SSH protocol
Just a couple more ways to help your server stay safe from the bad guys. If you’re using cPanel make sure you add your admin user to the ‘wheel‘ group so that you will be able to ‘su -‘ to root, otherwise you may lock yourself out of root.

1. SSH into your server as ‘admin‘ and gain root access by su

2. Copy and paste this line to edit the file for SSH logins
pico -w /etc/ssh/sshd_config

3. Find the line
Protocol 2, 1

4. Uncomment it and change it to look like
Protocol 2

5. Next, find the line
PermitRootLogin yes

6. Uncomment it and make it look like PermitRootLogin no

7. Save the file Ctrl+X then Y then enter

8. Now you can restart SSH
/etc/rc.d/init.d/sshd restart

Now, no one will be able to login to root with out first loggin in as admin and ’su -’ to root, and you will be forcing the use of a more secure protocol. Just make sure you remember both passwords!

• 0 Comments

What is a rootkit?

A rootkit is a set of software tools inteded to conceal running processes, files or system data from the operating system. Basically they let someone get access or run commands when they shouldn’t be allowed and don’t want to be found. Rootkits can go undetected for long periods of time so it’s a good idea to check your system for them regularly in additional to virus scans.

The concept of the rootkit isn’t a new one, and dates back to the days of Unix. An intruder could use a kit of common Unix tools, recompiled to allow an intruder to have administrative or root access without leaving traces behind. Rootkits, as we’ve come to know them today, are programs designed to conceal themselves from both the operating system and the user — usually by performing end-runs around common system APIs. It’s possible for a legitimate program to do this, but the term rootkit typically applies to something that does so with hostile intent as a prelude toward stealing information, such as bank account numbers or passwords, or causing other kinds of havoc.

Many antivirus and security-software manufacturers have since added at least some rudimentary level of rootkit detection to their products, but there have been a number of free, standalone rootkit detection tools that have been in use for some time. In this article, I examine six of the more prevalent standalone applications, and talk about their relative merits and abilities. To test them out, I used them to scan a system for three varieties of rootkit: Fu or FuTo, which can “stealth” any process; the AFX Windows Rootkit 2003, which can hide processes and folders from the system; and Vanquish, which is similar to AFX but uses a slightly different concealment mechanism.

How They Work
The detectors themselves typically work by comparing different views of the system and seeing where there’s a mismatch. One of the original ways to perform this kind of detection was to dump a complete list of all the files on the volume while inside the operating system, then boot to the Recovery Console and dump another file list, then compare the two. If a file shows up in the second list but not in the first and isn’t a Windows file kept hidden by default, it’s probably a culprit. More recent rootkit detectors use variations on this scheme that don’t require exiting the operating system to get usable results.

I’ve also looked at these applications in a more general light and tried to consider how useful the program is likely to be in the future: how easy the detector is to use; how easy it is to interpret the results; how often the detector was updated; and so on. Remember that rootkits, like viruses, are a moving target. An anti-rootkit program that protects you today might be defenseless tomorrow against a whole new variety of threat — in fact, many rootkit makers write their programs to specifically avoid detection by some existing programs.

For the most part, these programs are for advanced- to expert-level users. They’re not intended to be used as general-purpose solutions; they don’t always distinguish between false positives (i.e., files hidden by the operating system deliberately) and real rootkits; they come with no warranty — they’re provided “as-is” — and some of them (such as Trend Micro’s product) have their core technologies available in a far more user-friendly version in a commercial product. In short, if you’re not a professional, your best bet, at least for now, is to either hire a guru or use a mainstream product that has some kind of rootkit detection capability (such as Trend Micro Internet Security 2007).

Continue article

• 0 Comments

As you should know, on Windows 2003 Server, CDONTS was deprecated and CDOSYS is the new one Microsoft email sender component (read more on Microsoft Website)

However, some ASP scripts will require CDONTS and customers can need CDONTS install.So, to install CDONTS

1) First, install MailEnable or other SMTP server. Make sure it is running.
2) Download and unzip cdonts.dll to C:WindowsSystem32 folder
3) Register the CDONTS.DLL component on your server by clicking start >> run >> type :
regsvr32 c:winntsystem32cdonts.dll >> ENTER

Now CDONTS should being work perfectly.

To know if CDONTS is installed you can use http://www.pensaworks.com/prg_com.asp to view a list of installed components.

Based on: http://www.windows-2003-hosting.co.uk/?pagename=cdontshowto

• 0 Comments

1) Start Internet Information Services Manager or open the Internet Information Services (IIS) snap-in.

2) Expand Server_name, where Server_name is the name of the server, right-click Default SMTP Virtual Server, and then click Properties.

3) Click the Access tab, and then under Access control, click Authentication.

4) Click to select either or both the Basic authentication and the Integrated Windows authentication check boxes, click to clear the Anonymous access check box (if it is selected), and then click OK.

By doing so, authentication is required before access is granted to the SMTP virtual server. In this case, if the user or computer does not successfully authenticate, the user or computer cannot send mail to the server.

NOTE: If you click to select the Anonymous access check box and do not click to select the Basic authentication and the Integrated Windows authentication check boxes, all users and computers are able to access the SMTP virtual server.

This disables authentication.

5) Under Relay restrictions, click Relay.

6) Note the options that are available in the Relay Restrictions dialog box. By default, the Only the list below option is selected and this list is empty. Additionally, the Allow all computers which successfully authenticate to relay, regardless of the list above option is selected. With this feature, users and computers that can authenticate with the server can relay through the server. All computers are blocked except those that meet the authentication requirements that you configured earlier in the Authentication dialog box of the Access tab.

Note that if you allow only anonymous access, the server does not authenticate users or computers.

7) Click Add, and then do one of the following to add a single computer, group of computers, or a domain:

Click Single computer.

Type the IP address of the computer that you want in the IP Address box, and then click OK.

Click Group of computers.

Type the subnet address and the Subnet mask of the group into the corresponding boxes, and then click OK.

Click Domain.

Type the domain name that you want in the Name box, and then click OK.

If you do not want to add a computer, group or computers, or a domain, click Cancel.

8) Click OK, and then click OK.

• 0 Comments