Best Tips to Protect your Web Sites from Hackers and Malicious contents

Hack

The Web is scarier than most people realize, according to research published recently by Google.These Web-based attacks become much more common in recent years as firewalls and better security practices by Microsoft have made it harder for worms and viruses to directly attack computers. Nowadays about 1.3 percent of all Google search queries list malicious results somewhere on the first few pages.

Criminals are getting better at this kind of work. They have built very successful automated tools that poke and prod Web sites, looking for programming errors and then exploit these flaws to install the drive-by download software. Often this code opens an invisible iFrame page on the victim’s browser that redirects it to a malicious Web server. That server then tries to install code on the victim’s PC. “The bad guys are getting exceptionally good at automating those attacks,”

[ad#add-top-in]

Following are some tips to get rid of this hackers or hijackers activity.

Keep you password and username safe change it frequently only with strong password check your password with Microsoft

Keep your PC clean from viruses and spy-wares because there are chances to hijack your PC contents and login cookies etc. Scan your PC for viruses now with NOD32 Online Antivirus Scanner

Keep all folders and files permissions proper in your web hosting accounts/server. Never give full permission for the folders and files, that means read write and execute permission. If you are hosting sites in Linux platform never give 777 permission (read write and execute permission) to all members even for net users of file and folders. The preferred maximum permission is 755. This means write permission for root user and only read and execute permission for others.

There are many techniques used to hack/hijack the website

Cross Site Scripting (XSS)

SQL injection flaws

Site reconnaissance

Session hijacking

Application denial of service

Cookie/session tampering

To withstand from this you need “professionally well designed websites” and also powerful web sitefirewall at server end.

You need to choose good web hosting platform or company which provides good firewalls and Security. If you are going for Linux platform better to choose Grsecurity enabled kernel Servers; especially for shared hosting.

But not the least the best way to find the flow in website is by checking the web site stats all the day. By this you can find the links/URL which are not related to your website so that you can delete it before it spreads through search engines.

If some one reports your site having virus then its 99% sure your site home pages are having masked IFrames at the beginning or last lines of the page, which actually downloads virus file form some other server/site. You can fix it your self by editing your home page and removing the contents which looks like as shown bellow.

Iframe

These are some of the tips which really helps to protect yourself from Hackers and Malicious contents

The Web Is Scarier Than Most People Realize- Google

Hacker

The Web is scarier than most people realize, according to research published recently by Google.

The search engine giant trained its Web crawling software on billions of Web addresses over the past year looking for malicious pages that tried to attack their visitors. They found more than 3 million of them, meaning that about one in 1,000 Web pages is malicious, according to Neils Provos, a senior staff software engineer with Google.

These Web-based attacks, called “drive-by downloads” by security experts, have become much more common in recent years as firewalls and better security practices by Microsoft have made it harder for worms and viruses to directly attack computers.

In the past year the Web sites of Al Gore’s “An Inconvenient Truth” movie and the Miami Dolphins were hacked, and the MySpace profile of Alicia Keys was used to attack visitors.

Criminals are getting better at this kind of work. They have built very successful automated tools that poke and prod Web sites, looking for programming errors and then exploit these flaws to install the drive-by download software. Often this code opens an invisible iFrame page on the victim’s browser that redirects it to a malicious Web server. That server then tries to install code on the victim’s PC. “The bad guys are getting exceptionally good at automating those attacks,” said Roger Thompson, chief research officer with security vendor Grisoft.

In response, Google has stepped up its game. One of the reasons it has been scouring the Web for malicious pages is so that it can identify drive-by-download sites and warn Google searchers before they visit them. Nowadays about 1.3 percent of all Google search queries list malicious results somewhere on the first few pages.

Google’s Provos has this advice for Web surfers: Turn automatic updates on. “You should always run your software as updated as possible and install some kind of antivirus technology,” he said.

But he also thinks that Webmasters will have to get smarter about building secure Web sites. “I think it will take concentrated efforts on all parts,” for the problem to go away, he said.

source:pcworld 

Microsoft Web Ads Prototypes

Microsoft

Microsoft Corp.’s online advertising researchers will spend this year teaching computers to be smart about sticking ads into video clips, and to be even smarter about targeting ads to specific web surfers.

Microsoft showed off a handful of early-stage advertising projects at its headquarters Tuesday that may or may not turn up as part of Microsoft’s Web advertising platform.

The demonstrations come just days after Microsoft’s $44.6 billion bid for Yahoo Inc., which, if successful, will boost the software maker’s Web traffic and online ad revenue.

With its 2006 acquisition of aQuantive, the software maker gained a broader network of Web sites on which to sell ads, and tools to help marketers buy them.

A few of Microsoft’s projects were aimed at helping advertisers get better at reaching their ideal customers online, particularly using search keywords.

The company showed a dashboard advertisers could use to forecast the success of certain keyword advertising campaigns and a system it says will make it easier for advertisers think about key ideas, rather than hundreds of individual keywords.

But most of the adCenter Labs prototypes had little to do with search.

“Search itself gets a lot of attention because of Google,” said Tarek Najm, a technical fellow at Microsoft. “Advertising in search, as a result, gets a lot of attention.”

Najm said spending on search keyword ads will be dwarfed by what marketers spend on other types of online advertising, such as placement based on ‘audience intelligence’ and display ads including video.

Microsoft – along with Google and other competitors – is also hard at work on new ways for companies to advertise their brands to Web surfers watching video clips.

One crunched a clip, looking for the most appropriate stretch of time and spot on the screen for an advertiser’s ‘bug’, or logo. For example, if a car company wanted to show its logo for 10 seconds in the bottom right corner of the screen, the computer program would find the 10 seconds in which the logo interferes least with the action in the video.

Another used speech recognition to make a transcript of a video, then served up ads – in the demonstration, they were text links – alongside the video. As the topics discussed on screen changed, so did the ads.

The third program scanned a video for surfaces where ads or product images could be inserted later. The demo showed how the same frames could display a Coke ad one moment and a Pepsi ad the next, without having to reshoot the video.

Other experiments included an interactive shopping kiosk that used elements of Microsoft Surface, a next-generation touch screen, to show ads and coupons, and a computer program that helped marketers avoid accidentally putting their brand on a web page with distasteful content.

source:tech2