Interview: EV1Servers CEO Robert Marsh

As the CEO and "HeadSurfer" of EV1Servers, Robert Marsh has directed the Houston-based dedicated server company through spectacular growth. In our interview, Marsh shares his thoughts on EV1's success, the high cost of domains and SSL certificates, and the difference between "affordable" and "bargain basement."

Q. Last year was a huge one for EV1Servers, as your company had a big influx of new customers, rebranded itself, and wrestled with growing pains that tested your infrastructure. What was 2003 like for you?

A. 2003 was the best - and at the same time most difficult - year of my life. Our team made a long list of accomplishments: we began offering first cPanel, then Windows hosting, then domain registration and SSL certificates. We also overcame a lot of challenges. I'm particularly proud that not one customer suffered a single second of outage when a transformer explosion in June cut off our utility power for six days. Most importantly, 2003 made us a better company. We ended the year with a more secure network, a stronger and more experienced team, and a new data center whose first phase will see us through our next 12,000 servers. I think this puts us in a great position to make even more progress in 2004.

Continue reading

Microsoft has alternative site available, just in case

Microsoft has made an alternative web site available at https://information.microsoft.com. in case people experience difficulty accessing www.microsoft.com.

Although our measurement points have seen some requests to www.microsoft.com fail today - to put this in context, www.inetu.net, the top ranked hosting company site hasn't had a request fail in over two months - it's been pretty much business as usual for the web site to date, with most response times little different from any other day.

Windows computers infected with MyDoom.B are programmed to begin attacking www.microsoft.com today at 13:09:18 (UTC) and continue through March 1st.

Performance data for the sites involved in the MyDoom DDoS is available here.

New SCO site experiences outages and slow response times

Overnight, response times on www.thescogroup.com have become erratic, and the site has suffered over an hour of outages. Performance data for the sites involved in the MyDoom DDos is available here.

Additionally, www2.sco.com has been taken out of the DNS.

% host www2.sco.com
Host www2.sco.com not found: 3(NXDOMAIN)

Microsoft Issues Critical Update On URL Spoofing

Microsoft has issued a promised patch for Internet Explorer that addresses a URL spoofing flaw, as well as a critical security hole that could allow crackers to gain control of Internet-connected computers through Javascript links in web pages.

The latest IE update disallows the use of the "@" character in URLs, addressing a snafu which has helped phishing scammers to disguise the Internet address of a fake Web site. Once the update is installed, including the @ symbol in urls will return an "invalid syntax error" message. Internet scammers have been using @ signs in urls to trick bank customers into revealing their account details.

The latest patch also fixes a cross-domain scripting vulnerability in Internet Explorer, through which a remote attacker could bypass security measures that limit the commands that Web-based code can execute on a user machine. The flaw enables a link containing Javascript code to run commands in the Local Machine Zone with user privileges.

Netcraft has developed a service to help banks and other financial organizations identify sites which may be trying to construct frauds, identity theft and phishing attacks by pretending to be the bank, or are implying that the site has a relationship with the bank when in fact there is none.

Microsoft shorten www.microsoft.com TTL in anticipation of MyDoom.B payload

In anticipation of the MyDoom.B payload striking www.microsoft.com tomorrow, Microsoft have shortened the TTL [time to live] on the www.microsoft.com DNS entry to five minutes. Yesterday the TTL was set to just under an hour.

Essentially, Microsoft is accepting the significantly higher load on its name servers [outsourced to Akamai] as the premium of an insurance policy in the event that it wants to move www.microsoft.com very quickly.

In this regard Microsoft is being very circumspect towards the potential payload of MyDoom B virus, which anti-virus companies have tended to belittle. Of course, this may simply reflect the fact that Microsoft is directly at risk from the payload, while the anti-virus companies are merely informed bystanders, rather than Microsoft's view of the likely traffic levels being significantly different to the anti-virus companies' expectations.

Our expectation is that Microsoft will defend the payload from its own network, at least initially. If Microsoft does decide to deploy Akamai's http caching, this should not necessarily be read as an admission that its in-house infrastructure could not cope; it is more likely to be motivated by a public spirited desire to keep the traffic off the Internet's main arteries by absorbing the payload as close to the sources of the attacks as possible.

Continue reading

SCO to use new domain for the duration of MyDoom DDoS

The SCO Group, Inc. will use www.thescogroup.com as an alternate web site while www.sco.com remains under a denial of service attack from machines infected with the My Doom worm, the company said this morning. The URL is expected to serve as an interm site for SCO through Feb. 12, when the DDoS is expected to conclude. "SCO has developed layers of contingency plans to communicate with our valued customers, resellers, developers, partners and shareholders," asid Jeff Carlon, the company's director of worldwide IT infrastructure, who called the new domain "the first step" in its planning.

sco.com actually resolves to the same ip address as www.thescogroup.com.

% host sco.com
sco.com has address 216.250.128.21
% host www.thescogroup.com
www.thescogroup.com has address 216.250.128.21
%

Performance data on www.thescogroup.com is available now.