Redirect Worms Away

Written by Richard Lowe

My site is hosted on an Apache web server. Why is that? Because, in my humble opinion, Microsoft's IIS web server is in no way qualified to service internet web sites (it is excellent as an intranet and applications server, however). Another reason isrepparttar vast number of security issues that seem to pop up day after day.

In point of fact,repparttar 132109 Gartner Group has recommended "that businesses hit by both Code Red and Nimda immediately investigate alternatives to IIS, including moving Web applications to Web server software from other vendors such as iPlanet and Apache".

But what about those of us who are already hosting their sites on Apache servers? I've seen lots of articles about how to protect, detect, cleanse and preventrepparttar 132110 worms from attacking IIS servers. Whilerepparttar 132111 worms do not penetrate Apache security, they do cause damage.

Some ofrepparttar 132112 damage includes:Server logs get filled with junk - The Nimda worm alone created over 20,000 entries in a 2 day period in my log files.

The server is made very busy - This is especially true if you've got a custom 404 error page, as I do. This means that every timerepparttar 132113 worm attempts a penetration, then entire 404 page is returned (in my case, that's about 40k). That adds up to a lot of wasted bandwidth.

I thought about this issue for a while after examining my logs and seeing thousands of 404 errors from attempted worm penetrations. Surely there was a way to at least reducerepparttar 132114 impact of these things? As I sawrepparttar 132115 404 error count increase, I realized that a significant portion ofrepparttar 132116 bandwidth that I was paying for was being thrown away.

An examination ofrepparttar 132117 log files produced several thousand attempts at each ofrepparttar 132118 following URLs. Obviously each of these isrepparttar 132119 address of a possible weakness in an IIS server.

/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe /c/winnt/system32/cmd.exe /d/winnt/system32/cmd.exe /scripts/..%2f../winnt/system32/cmd.exe /scripts/..%c1%9c../winnt/system32/cmd.exe /scripts/..%%35%63../winnt/system32/cmd.exe /scripts/ .%%35c../winnt/system32/cmd.exe /scripts/..%c0%2f../winnt/system32/cmd.exe /scripts/..%c0%af../winnt/system32/cmd.exe /MSADC/root.exe

Web Legalities: Bandwidth Stealing

Written by Richard Lowe

Information (files) loaded to or from servers is called bandwidth. Every time you upload a file to your ISP, surfrepparttar web or download a video, you are using bandwidth.

Bandwidth is limited. Why? Because it actually is a bunch of wires or fibers connecting servers torepparttar 132106 global network. And wires can only carry so much data. When someone attempts to get more data than can be handled byrepparttar 132107 wire,repparttar 132108 transmission ofrepparttar 132109 data is slowed down.

Some ISPs limitrepparttar 132110 amount of data that a site can use during a particular time period. As an example, an ISP might limit you to 1gb of data per month for your flat fee, then charge you an extra $10 for each additional gigabyte. Some ofrepparttar 132111 more obnoxious ISPs actually just block transmissions whenrepparttar 132112 bandwidth is exceeded (effectively putting that site out of business for a time).

It's common practice to load most ofrepparttar 132113 images, sound files, videos and documents in your web on your own site. This excludes, of course, advertising banners which are rotated and some specific documents and images which are supposed to be loaded from a central location.

It's common among amateurs and beginners to link to images and other files directly to some other server instead of putting them on their local server. Sometimes they just don't know better, sometimes they are just lazy, and sometimes they've just run out of space at their free host.

Cont'd on page 2 ==> © 2005
Terms of Use