Best Tips to Protect your Web Sites from Hackers and Malicious contents

Hack

The Web is scarier than most people realize, according to research published recently by Google.These Web-based attacks become much more common in recent years as firewalls and better security practices by Microsoft have made it harder for worms and viruses to directly attack computers. Nowadays about 1.3 percent of all Google search queries list malicious results somewhere on the first few pages.

Criminals are getting better at this kind of work. They have built very successful automated tools that poke and prod Web sites, looking for programming errors and then exploit these flaws to install the drive-by download software. Often this code opens an invisible iFrame page on the victim’s browser that redirects it to a malicious Web server. That server then tries to install code on the victim’s PC. “The bad guys are getting exceptionally good at automating those attacks,”

[ad#add-top-in]

Following are some tips to get rid of this hackers or hijackers activity.

Keep you password and username safe change it frequently only with strong password check your password with Microsoft

Keep your PC clean from viruses and spy-wares because there are chances to hijack your PC contents and login cookies etc. Scan your PC for viruses now with NOD32 Online Antivirus Scanner

Keep all folders and files permissions proper in your web hosting accounts/server. Never give full permission for the folders and files, that means read write and execute permission. If you are hosting sites in Linux platform never give 777 permission (read write and execute permission) to all members even for net users of file and folders. The preferred maximum permission is 755. This means write permission for root user and only read and execute permission for others.

There are many techniques used to hack/hijack the website

Cross Site Scripting (XSS)

SQL injection flaws

Site reconnaissance

Session hijacking

Application denial of service

Cookie/session tampering

To withstand from this you need “professionally well designed websites” and also powerful web sitefirewall at server end.

You need to choose good web hosting platform or company which provides good firewalls and Security. If you are going for Linux platform better to choose Grsecurity enabled kernel Servers; especially for shared hosting.

But not the least the best way to find the flow in website is by checking the web site stats all the day. By this you can find the links/URL which are not related to your website so that you can delete it before it spreads through search engines.

If some one reports your site having virus then its 99% sure your site home pages are having masked IFrames at the beginning or last lines of the page, which actually downloads virus file form some other server/site. You can fix it your self by editing your home page and removing the contents which looks like as shown bellow.

Iframe

These are some of the tips which really helps to protect yourself from Hackers and Malicious contents

Mozilla updated JavaScript security Flaw

mozilla

Mozilla updated JavaScript security issue in Firefox, Thunderbird and SeaMonkey.

Security problem in the JavaScript engine introduced a stability problem with the applications, where some users experienced crashes during JavaScript garbage collection. The Web browser developer said the fix is being issued to mainly address the stability issues and made a point of saying that there is no evidence that the issue is exploitable.
[ad#add-top-in]
The issue now fixed in Firefox 2.0.0.14, Thunderbird 2.0.0.14 and SeaMonkey 1.1.10. The applications are available for download from the developer’s Web site.

Symantec Confirmed The Flaw in Norton Security Applications

symantec

Symantec confirmed the flaws in most popular consumer security software that could give attackers the means to hijack the Windows PCs that the programs are supposed to protect.

The vulnerabilities are in an ActiveX control that ships with several products, including Norton AntiVirus, Norton Internet Security, Norton SystemWorks and Norton 360.

Ironically, Symantec analysts have both cited the popularity of ActiveX bugs and urged caution when using the controls in comments about other companies’ product flaws.

According to alerts released Wednesday by VeriSign Inc.’s iDefense, the ActiveX control “SymAData.dll” sports two vulnerabilities that could be used “to execute arbitrary code with the privileges of the currently logged in user” by attackers able to entice victims to malicious Web sites.

Symantec confirmed the vulnerabilities Wednesday in its own advisory, and said the buggy control has shipped with Windows versions of Norton AntiVirus 2006-2008, Norton Internet Security 2006-2008, Norton SystemWorks 2006-2008 and Norton 360 version 1.0.

While it acknowledged the bugs, Symantec also downplayed the threat, saying that attacks would only succeed from specially crafted sites. “To successfully exploit either vulnerability, an attacker would need to be able to masquerade as the trusted Symantec Web site, such as through a cross-site scripting attack or DNS poisoning,” read the company’s advisory .

Symantec has updated the affected consumer security software with new detection definitions designed to block any exploit of the ActiveX flaws, but will not automatically patch everyone’s copy of the flawed control.

“An updated (non-vulnerable) version of the AutoFix tool will be automatically installed if customers participate in an online Chat session with Symantec Technical Support,” Symantec said. Alternately, users can manually download and install a patched AutoFix from its Web site.

source:read

Stirling Microsoft Next-Gen Security Software Set to Announce

MS-logo Next week in San Francisco Microsoft’s unveiling next-generation of security software, code-named Stirling.

Over the past few months, Microsoft has quietly shown the software to a select group of users, but sources familiar with the company’s plans said that it will release a beta version of the code to users during the RSA Conference next Tuesday. Microsoft will allow attendees to “see new technologies,” including Stirling and the company’s next-generation Windows Server 2008 software, according to the conference agenda.

After running the product through beta testing phase, Microsoft expects to ship Stirling by the end of June 2009.

source:read

Security Researchers At Linux Role In Botnets Btudied

LINUX
Over two-thirds of the malware infections suffered by Sophos’s Linux honeypots involve Rst-B, which attempts to infect ELF (Executable and Linkable Format) binaries in the current working directory and in /bin, and to create a backdoor to the system.

it a six-year old Linux virus is still in circulation, and Sophos suspects the high uptime exhibited by servers (compared with the typical home or office Windows PC that spends much of the day switched off or asleep) makes them valuable to bot-herders as central control points.

Sophos has created a detection tool specifically for this virus, and encourages administrators to use it and then forward any infected files to SophosLabs for analysis.

“If you don’t find Linux/Rst-B on your system, it’s good news but obviously doesn’t mean that you are not infected with something else, said Billy McCourt, SophosLabs UK.

“I’d encourage you to at least do regular on-demand scans on your Linux box but ideally run an on-access scanner.”

A previous analysis by McCourt suggested that Rst-B infections are not being used by intruders to gain access to systems, rather they occur as a side-effect of already-infected hacking tools being downloaded onto servers once a foothold has been gained.

source:itwire 

Security Pros: Kill ActiveX

Acivex

A wave of bugs in the plug-in technology used by Microsoft’s Internet Explorer (IE) browser has some security experts, including those at US-CERT, recommending that users disable all ActiveX controls.

The U. S. Computer Emergency Readiness Team (US-CERT), part of the federal government’s Department of Homeland Security, put it bluntly in advisories posted in the last two days: “US-CERT encourages users to disable ActiveX controls as described in the Securing Your Web Browser document,” the organization recommended.

  • Vulnerabilities

US-CERT’s advice was prompted by multiple vulnerabilities in high-profile ActiveX components used by members of the popular Facebook and MySpace social networks, as well as users of Yahoo Inc.’s music services.

Three new vulnerabilities in the photo uploader software used by both Facebook and MySpace were disclosed Monday by researcher Elezar Broad, who on Monday also posted sample attack code for a pair of critical bugs in Yahoo’s Music Jukebox. Last week, Broad had pinned the Facebook and MySpace ActiveX controls with two other flaws. All five of the Facebook/MySpace vulnerabilities originated with an ActiveX control developed by Aurigma Inc.

As the number of vulnerabilities mounted, security professionals began ringing the alarm. On Monday, for instance, Symantec analysts urged users to “use caution when browsing the Web” and told IT administrators to disable the relevant ActiveX controls by setting several “kill bits” in the Windows registry.

  • Aggressive Security Tips

US-CERT, however, offered up more aggressive advice as it recommended users move IE’s security level to the “High” setting, which completely disables all ActiveX controls.

Setting IE’s security level to ‘High’ disables all ActiveX controls. To get here, select Internet Options from the Tools menu, then click on the Security tab. Click Internet at the top for the zone, then move the slider up to the maximum.

“That’s the easiest way to protect yourself,” agreed Oliver Friedrichs, director of Symantec Corp.’s security response group. “But it can also have an adverse impact on your browsing experience.” A compromise, said Friedrichs, would be to disable “only those plug-ins that pose a current and imminent threat,” such as the flawed ActiveX controls used by Facebook, MySpace and Yahoo.

Disabling individual ActiveX controls, however, requires editing the Windows registry, a task too scary for most consumers to contemplate.

 source:pcworld