Symantec has confirmed a flaw
in its firewall software products for Windows that could enable remote access or denial of service by attackers.
The company has released updates to fix the security holes, discovered by eEye Digital Security. Secunia termed the flow extremely critical because of the large installed base for the affected Norton Internet Security and Norton Personal Firewall products and the potential for the flaw to be exploited by an auto-propagating worm.
Despite the ease of repair (Symantec users can simply run the products' LiveUpdate auto-update feature), vendors expressed concern about the similarity to the mid-March revelation of a vulnerability in ISS' Black Ice products, which was exploited barely a day later by the Witty worm. That incident raised alarms about "zero day exploits" - attacks published the same day a security hole becomes public, leaving no time for network administrators to repair vulnerable systems.
A few weeks ago I wrote - a
little unfairly, perhaps - that blogs were "little more than personal Web pages". Of course, one
of the reasons some blogs are interesting is that they can be much more than that, providing
an alternative kind of online journalism that is often better informed and far more topical than
traditional publications. Moreover, the usefulness of such blogs is increased enormously
when news items are syndicated - made available as a feed that can be accessed on a
regular basis and displayed automatically on a subscriber's machine. By aggregating many
syndicated feeds it is possible to create a powerful form of constantly-updated, personalised
Like the basic blog format, syndication is not new. Its roots go back to one of the most
discredited ideas of the early dot-com days: push technology. Instead of visiting a Web site,
information was sent - pushed - to clients as a "Webcast". Unfortunately, the result was
something horribly close to television, complete with intrusive advertising. Worse, the model
employed by push pioneers like
Pointcast meant that corporate intranets were soon clogged with the constant and
redundant transmissions of multimedia content.
Active hacking attacks on CodeFish Spam Watch
have forced the site to pause its analysis of Internet "Phishing" scams. The site has documented the increasing sophistication
of the coding and techniques employed by phishers.
Codefish operator Daniel McNamara has spent the past week defending against the attacks. "As far as we can tell the site has not been compromised as yet," McNamara wrote Sunday, saying the hack attempts were "heavy and consistent" included "multiple cross-site scripting attacks as well as SQL injection attempts."
Digital vandals using distributed denial of service (DDoS) attacks are proving effective in driving e-commerce and security sites offline, and even out of business. The recent attacks show the DDoS becoming a potent weapon against sites with limited resources to defend their sites or pay overusage fees from attack-related bandwidth consumption.
Authorize-It, a Kentucky firm processing online credit card transactions, says it was knocked offline for a week by a DDoS extortion scheme. The attack occurred in mid-April, roughly the same time another online card processor, 2Checkout, was also hobbled by a DDoS blackmail plot. Both 2Checkout and Authorize-It serve the small business e-commerce market.
As a previous column noted, Google represents the culmination of the first Web search engine era. Its rise
was due in part to a reaction against the portals and their increasingly baroque
attempts to shoe-horn links to huge chunks of the Net into a single Web page. Google is
simultaneously the ultimate portal and an anti-portal, with a studiedly minimalist home page (even if the logo varies).
Google has entered the language, the souls and the bookmarks of the
world - probably most regular users of the Internet have made Google their browser's start
page. Already an essential part of our Zeitgeist, the question is: What new
Google will emerge in the wake of its IPO
later this year?
grew by more than 800 percent in April as it integrated the U.S. hosting assets of Cable & Wireless
, which it purchased in a February bankruptcy court auction for $155 million. The shift of more than 350k hostnames from C&W to SAVVIS is one of the largest distress sales to result from the collapse of the telecom/dot-com market.
But that huge block of hostnames doesn't equate to nearly that many accounts. Over 161K of those hostnames belong to Fabulous.com, and 60K to Domain Active. At the time of auction, C&W's 1,00 hosting customers included General Electric, Starbucks, Office Max, CBS Sportsline and Slashdot.
Top Hosting Providers By Growth, March 04 to April 04