EV1Servers Raises Prices on Domains and SSL Certificates

EV1Servers has raised its prices for domains and SSL certificates, rolling back its cut-rate pricing of third-party offerings in a bid to acquire new hosting customers.

The dedicated server provider raised its domain name prices from $5 to $6.49 per year, and increased the cost of GeoTrust QuickSSL certificates from $25 to 49.95. It also hiked the price on ChainedSSL certificates from FreeSSL, which were introduced two weeks ago at $10 but now sell for $19.95. EV1Servers' dot-com domain pricing had been the lowest among major hosting providers, a distinction now held by 1&1 Internet at $5.99 a year. EV1Servers remains one of the lowest priced providers, but the move marks an uptick after months of declining prices for domains.

Continue reading

Interview: Rackspace Co-chairman Morris Miller

Morris Miller joined Rackspace Managed Hosting in 1998 as chief operating officer, and now serves as Managing Director as well as co-chairman along with Graham Weston. Miller's primary focus is on corporate strategy, business development and M&A activity. He recently shared his thinking on key issue affecting Rackspace and the hosting industry.

Q: Rackspace considered going public prior to the downturn in the tech market. Is Rackspace still considering an IPO? What are the key factors for you in deciding whether and when to go public?

A: Fortunately, we are profitable and don't need to go public in order to fund our growth. Instead of focusing on an IPO, we concentrate on building our business for the long haul and creating the best hosting brand in the world. That said, an IPO is something we may consider in the future.

Continue reading

CAIDA: Data Confirms DDoS at SCO

A data-based analysis of SCO's web site by the Cooperative Association for Internet Data Analysis (CAIDA) has found that this week's outage was related to a distributed denial of service attack (DDoS). Data collected by CAIDA's Network Telescope indicates that the sco.com site responded to more than 700 million attack packets over 32 hours, according to the analysis.

"Early in the attack, unknown perpetrators targeted SCO's web servers with a SYN flood of approximately 34,000 packets per second," CAIDA said. "Together www.sco.com and ftp.sco.com experienced a SYN flood of over 50,000 packets-per-second early Thursday morning."

SCO's statement attributing its outage to a DDoS attack had been widely questioned following a critique of the SCO press release at the Groklaw web site. CAIDA has previously used its technology to document Internet traffic events including the Code Red and Slammer worms.

SCO web site downtime

A dynamically updating graph is available here.

IE Flaw Allows Spoofed URLs

A newly publicized bug in Internet Explorer shows that it is possible to craft html which causes Internet Explorer to display an incorrect URL in its address and status bars, making it easier for Internet fraudsters to trick web users into divulging critically important information such as their bank account details, while apparently interacting with a completely authentic URL.

The technique, which can be exploited by anyone with a rudimentary knowledge of HTML tags, is being demonstrated on several web sites. URLs with an '@' such as


[the text to the left of the @ in a url is taken to be a user account on the sitename which follows] are commonly used by fraudsters launching electronic mail fraud attacks on customers of banks and credit card companies.

In the example Explorer serves a page from the local server, while displaying the url as www.microsoft.com.

Microsoft's immediate response is to recommend that people only enter sensitive information on SSL sites, after checking the certificate details.

Mozilla [both Windows and Linux versions] displays the url correctly.

DDoS takes SCO Site down

SCO said its web site has been knocked offline by a distributed denial of service attack (DDoS), and remains unavailable more than eight hours after the attack began. DDoS Takes SCO Site Down

A dynamically updating graph is available here.

The site has been down since 4:20 a.m. Mountain Time (11:20 am GMT) , when it experienced "a large scale distributed denial of service (DDoS) attack," SCO said in a statement. The attack affected the company's web site, e-mail, intranet and customer support operations. SCO said it is working with its Internet Service Provider to restore the site to operation.

SCO is working with law enforcement officials and its ISP to gather information to help identify the origin of these attacks. The company said the DDoS, known as a syn attack, used "several thousand servers (that) were compromised by an unknown person to overload SCO's Web site with illegitimate Web site requests."

The SCO site was offline for more than three days in August, and cited a DDoS for that outage as well.

US Regulators Probe Security Lapses at Retailers

E-commerce providers that make customer data available to attack over the internet may find themselves open to enforcement actions by the U.S. Federal Trade Commission, which is stepping up its scrutiny of online retailers. In the most recent case, pet supply retailer PetCo disclosed that it is being investigated by the FTC after a security hole exposed 500,000 credit card numbers to the Internet.

The Petco case is at least the fourth instance in which the FTC has pursued enforcement actions against companies whose security and privacy practices fall short of assurances made to consumers. "Consumers have every right to expect that a business that says it's keeping personal information secure is doing exactly that," said Howard Beales, Director of the FTC's Bureau of Consumer Protection. "It's not just good business, it's the law."

Continue reading