Web 'U' RSS Feeds
Archive for the ‘Web Security’ Category
Is Your Website Springing a Leak?
Imagine that you own a beautifully designed yacht. It looks great on the surface of the water, with superb lines, gleaming decks, a well-appointed galley… but you’re having real trouble getting out of the harbor and you can’t figure out why!
You investigate, and you find that beneath the surface your beautiful boat has a number of slow, silent, leaks. None of them are big enough to sink you on their own, so there’s no obvious immediate crisis – just a constant drain on your efficiency and your speed.
I’ve been reviewing Web traffic reports for over 10 years, and I believe that this analogy applies very well to almost all business websites. Very few sites are so terrible or have something so wrong with them that they’re clearly a disaster. Yet just about every site has some area where it’s quietly losing traffic, losing potential business or the opportunity to create relationships – or failing to attract visitors in the first place.
If you’re not regularly reviewing your traffic analysis, you can’t know for sure if your site is leak proof. In this article, I’ll show you a few of the most common areas where you can look for – and fix – those silent leaks:
1. Leaks in your Brand & Positioning
The excellent folks at MarketingExperiments online research laboratories have shown that clearly articulated and differentiating value propositions have a critical effect on Website conversion rates. (The conversion rate is the measurement of visitors fulfilling your desired outcomes – which might include calling you, buying a product at your site, signing up for your newsletter or blog feed, etc.) Your value proposition should be front and center on your home page. It should answer the classic question: “Why should we do business with you instead of your competition?”
Although this question isn’t a Web strategy issue in itself, it is one that many people struggle to answer. But the lack of a compelling opening message can be a major impediment to your online success.
How to check for this leak: Even if they don’t enter your site at the home page, most visitors who don’t know you will go there as the second page they look at to find out more about you and your business. If visitors are taking a quick look at your home page and then immediately leaving, something is wrong. Your copy is failing to pique their curiosity or to answer their questions: “Can this company meet my needs?” and “Should I explore further?” You have a leak!
2. Leaks in Visitor Engagement
Popular theory says that you have 10 seconds to engage a visitor – i.e. convince them to stay on your site before they click away in search of something more interesting.
While I don’t believe that it’s quite that simple, there are some definite ways to get rid of visitors fast before they’ve had a chance to really check you out. The best of these is probably the infamous splash page – the entry page to your site that your Web designer persuaded you to have because it “does cool stuff”. Hopefully there’s a “Skip Intro” button somewhere on the page! In all my reviews of traffic reports I’ve seen a consistent leak of up to 30% of visitors leaving from this page alone – before they’ve ever seen who you are or what you offer.
How to check for this leak: Easy – look for the splash page in your traffic reports and see how many visitors exit at that point. If it’s more than a small percentage, you have a leak – take the page out today!
The other major area where you should watch for leaks in visitor engagement is in what are called “landing pages”. These are inside pages of your Website which turn out to be the first page that a visitor sees, usually because you have some well-indexed content that they’ve found in a search engine.
Here it’s absolutely critical to understand the visitor’s mindset. Each visitor is at your site looking for something specific, they may well have found you by accident, so they may have no idea who you are – and worse, no interest in you.
The first page that they see on your Website must engage them immediately in accordance with their needs, and it must have enough context to draw them into other areas, and to want to find out more about you. It’s not enough to give great information on this page – they’ll soak that up, and then leave.
How to check for this leak: Hopefully your traffic reports are sophisticated enough to show you which keywords bring visitors to each specific page of your site. This shows you each visitor’s “mindset”.
If visitors are leaving a page very quickly, then it probably isn’t satisfying their informational needs, so you should review the content.
If visitors are reading the page (your traffic reports should show the time spent at each page) and then leaving, you’ve given them what they wanted but failed to draw them into the rest of your site. This can be fixed with more compelling navigation and calls to action.
Either way, you have a leak!
3. Leaks in Directions & Outcomes
I’m constantly amazed by the number of Web pages that give great information and content – and then just end abruptly – perhaps with some navigation tabs if you’re lucky!
Steve Krug in his excellent book “Don’t Make Me Think!” describes how crucial it is to direct visitors to the next step that you want them to take. If you don’t do this, and rely on your visitors to figure this out for themselves, there’s a strong chance that they’ll make a different choice than the one you want – or they’ll leave your site altogether, creating leaks in your potential revenue stream.
Every page of your site needs strong calls to action that stand out visually and click directly to where the visitor can fulfill the outcome that you want (e.g. “buy now!”, “sign up for our newsletter / RSS feed”.) Pages can have more than one call to action, and there’s nothing wrong with repeating them on longer pages so that they’re always within eyeshot.
And by the way, “Back to top” is not a call to action!
How to check for this leak: If your traffic reports show this information, look at the paths that visitors take through your site – where do visitors go next from each page? If many of them are exiting the site and / or they fan out across many pages with no clear pattern or direction, you have a possible leak.
4. Leaks in your Credibility Building
MarketingExperiments research has also shown that powerful, specific, and authoritative testimonials can have a major impact on your site’s conversion rates.
Consider this statement: “Documented results show that just a few hours with [ expert ] can increase lead generation by 125%”. Imagine how much stronger that assertion would be if there were some examples of the “documented results” and some customer quotes to that effect.
However, including a page on your site called “What Customers Say” doesn’t do it – I can safely say that visitors don’t go to those pages. And it’s not just traffic reports that tell me this – whenever I ask a live audience “Would you click this link?” there’s always a resounding “No!”
How to check for this leak: This is a much more subtle leak to detect, but it’s an important one. The question here is whether you are potentially losing business because your site fails adequately to establish your value and credibility.
My recommended approach is to review your site for credibility-building content such as client lists, testimonials and case studies. You need to spread your testimonials through your site, using short one or two line excerpts that are relevant to the content of each page – whether it’s about a product or a service, or the value of subscribing to your newsletter or blog.
Make sure that all of this material is linked to from other pages so that it’s easily found by visitors. If you then experience an increase in calls, or in the quality of your leads, then you might have just fixed a leak!
(0 Comments)
Outsourcing: Mistakes and How to Avoid Them
posted by Web_University @ 8:00 AM
Tuesday, November 29, 2011
Outsourcing: Mistakes and How to Avoid Them
As a busy Internet marketer, you will be most likely be swamped at some point with the amount of work involved getting your websites designed and online. You will be desperate to find quality help quickly.
* Some of the major tasks you have to deal with include:
1. Creating your own products to sell.
2. Marketing your products in ways that drive traffic to the site.
3. Building your online reputation and constantly networking to build your online presence…to name a few.
The truth is that you are likely to get buried in details and get lost along the way.
At some point, it might occur to you that you do not have much free time nor are you having much fun and you’ll start thinking that you are unable to work from home and tend to the other aspects of your life, like family and a job.
Overloaded to-do lists are a common problem with new marketers facing all the labor-intensive details you never thought about when you first got involved in creating an online income.
The most popular solution to this common dilemma is to outsource those tasks that you either do not have time to complete yourself or tasks that are not appealing to you.
* Outsourcing is transferring some of your tasks to external service providers
Those tasks can include:
1. Ghostwriting
2. Help desk management
3. Customer service
4. Site design
And that’s just a short list. Literally, it can include any task that you want to outsource.
It is very common in the information marketing niche to escalate viral marketing results with articles submitted to article directories or ebooks written by ghostwriters.
As in any business transaction, problems can arise and mistakes will happen. One of the most critical is lack of clear and frequent communication between you and your Outsourcer. You, as the client, have to make your goals and expectations very clear and ensure that you are being understood.
Since outsourcing often occurs with agencies that are located in countries other than your own, you must interview your prospective outsourcer as completely as you can.
Check the company or service agency just as closely. Look for online reviews of their service and get referrals, if you can. Additionally, its a good idea to ask for samples of their work.
Another problem that could cost you a lot of money is a poorly managed budget for the work you want done. Decide how much money you want to spend and make your budget accordingly.
Not all outsourcing contractors or service agencies follow the same payment plans for projects. Some charge by the project with a one-time payment, while others expect retainers on a time frame, like monthly for long projects.
There should be a specifically written contract with all expectations, delivery deadlines and payment schedules outlined in detail so there’s no angry misunderstandings later.
Another mistake you could easily make that would be a costly one would be to avoid building a relationship with the people tending to your business, particularly the business owner and the contractor you’ve hired.
When you are outsourcing you need crystal clear, two-way lines of communication. Although your contractors are working for you, do not make the mistake of treating them like normal emplyees.
You might not be their only client, which means they are not working exclusively for you. Setting up milestones for your project will help to keep you to keep track of your project’s progress as well as allowing you to keep an eye on any possible delays to the scheduled delivery date.
One final caution is to remember that you are hiring a professional to do a professional job for you and your business. When you have a contractor you can work with, use them for as many other jobs as they are qualified to do for you. They will know what you want and expect and you will know what type of support you will get in return.
When you establish a business relationship with a contractor, you might be able to negotiate lower rates if you are a frequent client.
If you’ve found a reliable Outsourcer that completes projects correctly and efficiently, be loyal and give them as much work as you can afford. Most likely you will also earn their loyalty…and, that’s a good thing.
7 Killer Ways To Make People Click on Your Ads
posted by Web_University @ 8:00 AM
Sunday, November 27, 2011
7 Killer Ways To Make People Click on Your Ads
Fed up with wasting money on ads that don’t work? Here are some killer ways to turn things around and get writing ads that pull in the clicks, visitors and sales in droves:
1. Reverse Psychology
This is where you encourage people to do the opposite of what you really do want them to. For instance, if you want them to sign up for your marketing newsletter say something like “If you’ve got all the sales, visitors and profits you need, don’t sign up for our SuccessNewsletter”. Just remember that people don’t want to be told what to do, or what not to do, so out of sheer cussedness, and a helping of curiosity they will click.
2. Use exciting and appealing words
People respond best to words that appeal to their emotions and to their desire for money, so use words that aim at these two aspects of the human psyche. Use words such as You, Ultimate, Free, Master, Power, Discovery, Easy, Guaranteed, Love, Money, New, Scientific, Profits, Proven, Results, Incredible, Discover, Breakthrough, Secret, Private, Cash, Shocked, Shocking, Revealed, Uncovered, Hidden, Exciting, Sizzling, Hot and so on. Be careful not to overdo it as less is more when it comes to emotive words.
3. Offer a discount
The Internet started out as the place to get things free. Usually this meant information in the early days, so capitalise on this basic human instinct of wanting ’something for nothing’ and offer your visitors a discount if they buy NOW! Alternatively off a free bonus. Make it compatible with the product you’re selling so that they both form a useful combo.
4. Include testimonials
If you have people write or email you thanking you for your product, get back to them and ask if you can quote them in your advertising. Mostly they will be happy for you to do so. This lets prospective buyers know that a real person has got a real benefit from your product or eBook etc. Don’t be afraid to ask for a testimonial. Send buyers a follow-up email to see if they have benefited from your product and ask them to tell you why (if they have). Testimonials are one of the most persuasive tactics there are.
5. Use a guarantee
Always use a strong guarantee in your ad. One guarantee you often see on downloadable products is ‘Try this eBook for 8 Weeks’ because this is now the length of time ClickBank will offer an automatic money back facility. Other payment providers may differ. Include the guarantee in your headline: ‘Our eBook Will Save You Money – Guaranteed!’
6. Tell your customers what to do
People will often act on an instruction such as ‘Click Here Now’. It may be stating the obvious but this is again the psychology of the prospect. They often need just that little nudge to make them take action.
7. State the major benefit of your product or website
Make sure you tell people what the major benefit of your product is. Even in a classified ad you must answer the question ‘What’s in it for me?’ With some products this is not difficult. For instance if you product is a cure for acne, make you can say something like ‘Our product can cure your acne in 21 days’. If you are selling something less obvious you could say ‘Our Nirvana CDs will soothe and relax you after a hard day’. Make it clear what benefit your product or website has to offer.
Now take a good look at your current ads and apply one or more of the tactics given above and you will begin to see some real results. When you do, why not email me and let me know? I like to get testimonials too!
Computer Virus: Remove The Dangers
Computer viruses have risen in the recent years and for some, the hassle of removing a particular nasty one is part headache and part frustration when it comes to protecting your computer. While there are several varieties of computer viruses, most of the solutions can be applied to nearly all. This article will give a brief description of the types of viruses you may encounter, the damage that can be done, and how you would go about getting rid of one.
A computer virus in the simplest of terms is a program that can move from computer to computer and has the capability of disrupting the daily operations of a computer. What makes viruses so intrusive and difficult is that there are a wide variety; there are worms, trojan horses, file infectors, boot infectors, etc. With the emergence of the Internet and the ability to go anywhere and be anywhere from the comfort of your home or location, the probability of becoming infected with a virus is very high.
Symptoms of a computer that may have a virus include slow performance, programs no longer working as they should or programs that were there are no longer (seemingly) installed, installed anti-virus programs no longer running or you’ve lost the ability to install any type of anti-virus program, etc.
It seems rather easy and simple to have a computer infected with a virus, but it is also easy and simple to get rid of one and making sure to lessen the chances of getting another. One important factor is making sure you have an anti-virus program. There are a variety, which can be free or for purchase; it is however the user’s choice and preference on which they feel will work for them. For free anti-virus, check out the popular Avast Home version or AVG; for paid, there is the popular McAfee and Trend Micro.
Do be careful in the selection of an anti-virus if you currently do not have one; one of the new types of virus are those that pretend to be actual anti-virus programs.
Things like Anti-Virus 2010 or PC Secure are NOT actual anti-virus programs; they are in fact rogue programs designed to take your money.
Once you have chosen an anti-virus program, make sure you run it immediately. If the program has a quick scan, run it to see if there are any infections on your computer. If it does find something, make sure you select any option that will delete the virus and its subprograms. When the scan is complete, run a full scan to make sure that any leftovers (or any that may have not shown in the quick scan) are caught. Make sure you also run any anti-spyware, anti-malware software that you have or obtain a copy of such a program. Many free programs include Search and Destroy, Malware Bytes, and Ad-Aware.
When it seems like everything has been caught, run any system updates, program updates to ensure that your system is current. Make sure that you are conscious of things that you receive through email or through downloads, as well as sites that you may browse.
Getting a computer virus is bad news for any computer, however by following the steps above, you will be able to remove any current viruses. The tip to make sure that you don’t get any other occurrences is to make sure that you keep your system and its programs current and up to date. Be wary of receiving emails from people you don’t know or attachments that look suspicious; be careful of downloads that seem sketchy; lastly, be careful of websites that you browse.
What do I do If my Windows Registry is Damaged?
posted by Web_University @ 8:00 AM
Sunday, November 13, 2011
What do I do If my Windows Registry is Damaged?
This question is asked by many people from all over. The registry is a complex storage system in all versions of Windows. Its easy to understand why so many people ask this. Educating yourself on how the registry works and how to properly maintain it is important to keep your PC functioning correctly.
The purpose of the registry is to store configuration settings for Windows operating systems. The operating system uses the registry to access vital information for software and hardware settings.
If the registry gets damaged or corrupt in can cause many frustrating symptoms. Also if the registry gets filled with too much information it can also cause these symptoms. The symptoms of a corrupt registry can vary depending on what is damaged in the registry. Slow startups, sluggish performance, annoying error messages, lockups and crashes are the most common. These can all get worse over time if not taken care of.
Your Windows registry can be damaged from installing and uninstalling software and hardware. Viruses and other malware can also cause damage to your systems registry. Regular use of your PC will eventually lead to registry issues as well.
There are several way of repairing or maintaining the Windows registry. Using a registry editor to manually change the registry is one way. This method is only recommended to users with PC repair experience. You can create problems and make issues worse. Another method is to just reinstall Windows. This should be used as a last resort as it can be a tedious process especially for someone who has never done it. Or you can use a highly rated registry cleaner to repair and maintain the registry.
The use of a registry repair tool makes it easy enough for anyone to repair corrupt registry and to properly maintain it. Used in conjunction with virus/spyware protection and disk defrag it makes it simple to keep your PC’s performance and reliability at 100%
Think of your PC as your car or even your own body. All 3 are complex machines that from time to time require repairs. You can go to a specialist which usually requires more money then most are willing to pay. Learn how the registry works and try and repair it yourself or use programs made to safely repair and maintain it with little effort.
Dedicated Server Provider Checklist
I recently read with interest an article on pcmag.com which gave advice on what to look for when buying a server. The comments were well thought through for those purchasing their own server – perhaps for installation into an on-site corporate data center. For those who need to rent a dedicated server from an external hosting provider, there are a few other important items to consider. The following is a list to refer to when contemplating selecting and using a dedicated server provider. Thanks go out to dedicated server provider 34SP.com for contributing expertise to this piece.
* Security
A top priority for those outsourcing their servers is security. The data and processes that are most frequently running on dedicated servers are mission-critical to businesses or contain highly sensitive corporate or consumer information. There are specific security requirements for the most sensitive data such as credit card transactions. For example, it is well known that to process credit cards one needs a secure certificate often referred to as an SSL certificate. Any hosting provider can accommodate this requirement, however, you will also want a hosting provider to be PCI compliant as well. You can read all the details on PCI compliance on the website of the PCI Security Standards Council. You can visit the TrustWave website if you need to buy an SSL certificate.
The other important security issues are based around malicious activity – someone hacking your server. No hosting provider or server will ever be completely immune to malicious activity. There are simply too many exploits, worms, DDOS attacks and brute force password hacks to thwart them all 100 percent of the time. That being said, you should select a dedicated server provider that is hyper vigilant to the security of your server and will jump in very quickly to resolve any issues. You can assess the company’s security preparedness by asking for an outline of their security practices and what steps they take in the event of an incident.
* Backups and Recovery
In the unfortunate event that your server is compromised at some point you will need to recover your data and processes quickly to minimize the damage. While every hosting provider touts their ability to backup and recover data, it is well worth your time to investigate these processes thoroughly. For example, how often are backups made? Also important – look for a company that has off site backups. This is important in the event of a facility emergency such as fire or flood. Your server and or hard drives may be damaged and if the backups are sitting right next to the server in the data center – then the backups may become corrupt as well. Then you are stuck. If the data is backed up off site then there is a much better chance that the initial disaster will not effect your ability to get your server back up quickly. Of course you will also want to create your own backups of your critical data and only rely on the hosting provider as a last resort. This gives you an added layer of redundancy.
* Connectivity and Reliability
If you have your own corporate data center, then all the myriad issues of Internet connectivity and reliability are covered. With an external dedicated server provider, however, the reliability of the server hardware is only as good as the reliability of the network and connectivity. That is – if your server is unable to connect to the Internet for any reason then your server will be down. Any decent dedicated server provider will use capable hardware and switches, so it is usually how the network is configured and traffic routing that makes a difference. There is also an issue of multiple redundant bandwidth providers, and the ability to switch seamlessly between them in the event of a connectivity disruption. To judge a service provider on this metric, look for third party independent measurements of uptime and reliability such as Netcraft.com. The company publishes a list of the most reliable websites each month as rated by connectivity failures from a network of collector sites distributed around the globe. You can also view a real-time list of hosting providers network performance. Be certain to select a dedicated server provider with a low failure rate for the network – otherwise your server will be subject to unwanted downtime.
* Server Maintenance
There are two types of server administrators: hands-on and hands-off. You should know which category you fall into. Your server will require patches and updates from time to time. The server will undoubtedly need rebooting occasionally. There will be rogue processes which need chasing down and correcting. Also as mentioned above, someone needs to be hyper vigilant regarding server security. If you are hands-on them you will be fine with an unmanaged server. The unmanaged server saves money in that the responsibility for the admin tasks lies squarely on the user. If you are hands-off then you need a managed server provider who will conduct the server tasks necessary for the proper maintenance of the server for you. With a managed server the monthly service fees may be slightly higher to account for an engineer’s time to maintain your server, however this frees you up to do other important tasks for your business. So in the end the costs are really not that different.
* Service and Support
The cornerstone of all the above considerations are the service and support provided by the Linux dedicated server provider. You are resting the future of your business in the hands of your hosting provider. You need to be confidant that they will come through for you during an emergency – and there will be an emergency. In fact, there will be many emergencies over the life of your server – some small and some more serious. It is imperative that the service and support are of the highest order. Look for having a 24 x 7 x 365 dedicated server engineer on call for your server at the other end of a phone call. You can assess the capabilities through online forums such as webhostingtalk.com or search for a provider’s name on Google or use a Twitter real-time search for the brand name.
Spamming Techniques That You Should Avoid
posted by Web_University @ 8:00 AM
Monday, November 7, 2011
Spamming Techniques That You Should Avoid
There are many ways to spam search engines and trick search engine spider to increase traffic to websites. Some of these popular methods are better known as ’search engine spamming.’ Let’s know more about these methods in order to gain clarity:
* Keyword Stuffing
It is commonly known as the repeated use of word or phrase in order to make a page look more relevant. There is a specific way of including keywords in a webpage. Determine your exact keywords and use them in different ways to include in the page.
* Invisible Text
In this method, spammers usually insert text that is a combination of repetitive use of keywords on a webpage. The main aspect of this kind of process is that it is discolored and make to look similar as the background color so as to making invisible for common users.
* Tiny Text
Many times, spammers use small font size to place their content. By doing so again and again, search engines may penalize the website.
* Page Spoofing / Meta Refresh / Redirection
This is a process that automatically redirects users to a newly developed webpage. Usually, spammers create a separate page for particular keywords. So, when users click on the link, it will lead users to a different page with very content with no relation with the mentioned keywords. Therefore, most search engines simply decline such pages.
* Meta Tag Stuffing
Usually, adding keywords to a webpage without putting in excess keywords is an accepted form of search engine popularizing. However, many people place high traffic keywords which are directly not related with a webpage in any way.
Common spam indexing techniques are content spam and link spam. Content spam may include: keyword stuffing, hidden or invisible, meta tag stuffing, gateway or doorway pages, scraper sites, article spinning. Link spam includes: hidden links, link building using automated software, page hijacking, cookie stuffing, Sybil attacks and link farms.
Other spam indexing techniques are cloaking, URL redirection.
3 Hidden Traffic Tactics
If you’re like me, then you’ve probably heard all about article marketing, SEO, video marketing, social bookmarking, press releases, blogging, etc…
They are the cornerstones of Internet Marketing. And they work. But sometimes don’t you just want to read about something new. I know I do. In fact, every time I discover a new traffic technique, it’s like opening a shiny new present on Christmas morning.
And I’m hoping I can give you that feeling with this article, because I’m about to reveal 3 traffic methods that you may not have heard of yet.
1. Download Sites
You can get thousands of visitors with download sites, even if you’ve never programmed a day in your life.
Here’s what I do. I take my articles and turn them into EXE files. This allows me to submit my article to hundreds of software directories, sending me hundreds of one-way links and visitors.
Now, here’s a quick tip on how you can use this technique to build your subscriber list quickly. Require people to register for your software (in this case your ebook is considered software) before they are able to read your ebook. This allows you to grow your list quickly simply by recycling your articles and turning them into EXE files.
You can turn your articles into EXE files using some free software called WebSiteZip Packer. This software will allow you to turn an HTML page into a solid executable file (.exe) with an integreated HTML browser.
Quick Tip: This is an excellent way to get hundreds of one-way backlinks by using those PLR articles you have laying around.
Since you’re converting the articles into software, you don’t have to worry about duplicate content. Just one of your plr articles can now generate you 100’s of one-way backlinks by converting it into software and submitting it to all the different software directories.
Here’s a list of some of the top download sites you can submit to:
Download.com
Tucows.com
Versiontracker.com
Jumbo.com
freedownloadcenter.com
regnow.com
regsoft.com
5star-shareware.com
shareit.com
topshareware.com
passtheshareware.com
sharewarejunkies.com
softpedia.com
shareware.com
Plus, Google loves these authority sites, especially Download.com. I’ve found many of my software titles ranking on the front page of Google with these high-authority download sites.
2. Get your articles into Google News
Google News has become very popular in the past couple years and can send you a ton of traffic. To get your article into Google news, all you have to do is get published on one of the many sites that is syndicated by Google News.
I personally use the American Chronicle.
You can sign up for an author’s account and start submitting articles. Once your article is published, it will be listed on 20 sites owned by the American Chronicle as well as Google News.
This strategy can send you a lot of traffic, especially if you use the right keywords.
3. Webwire.com
I have saved the best for last… Webwire.com is a hidden gem that I have been using to rank on the front page of Google within 24 hours.
Here’s a quick overview of how I am able to capture front page rankings…
First, I title my press release with the keyword phrase that I want to rank for. I have found that keyword phrases with a competition of less than 30,000 (in quotes) in Google rank really well.
I then make sure to include the phrase and variations in the first and last paragraph. Sprinkle it in but don’t go hog wild.
The Botnet Frenzy Requires Titanium Strong Internet Security
posted by Web_University @ 8:00 AM
Tuesday, September 27, 2011
The Botnet Frenzy Requires Titanium Strong Internet Security
A zombie is a computer that has been infected with malware, allowing an attacker to gain complete control which is a security threat. Tens of thousands of computers are infected with some type of botnet or ‘bot’ and computers that have been infected are generally referred to as ‘zombies.’
These criminals are able to access lists of ‘zombie’ PC’s and activate them to help execute denial-of-service attacks against various websites, host phishing attack sites or send out spam email messages. Trying to trace an attack back to the original source is useless. They will find a victim rather than the criminal because they are so clever.
How do you know if your computer is infected? If you notice anything odd as you are working, such as a slow computer or a computer that seems to slow down or crash for no reason, there might be some malware running in the background. You need to scan your computer with current versions of your anti-virus software, to detect malware. Zombies can be used extensively to send out email spam.
In fact an estimated 80 percent of all spam worldwide was sent by zombie computers. This is what enables spammers to avoid detection. Spam greatly furthers the spread of Trojan horse computer viruses, which rely on the movement of emails or spam to grow.
They can be used to conduct distributed denial-of-service attacks, where a large number of zombie computers make simultaneous requests of a website’s server with the intention of crashing the server thereby preventing legitimate users from accessing the website.
There is a variant of this type of attack known as distributed degradation-of-service. Committed by “pulsing” zombies, distributed degradation-of-service is the moderated and periodical flooding of websites, done with the intent of slowing down rather than crashing a victim site. The effectiveness of this tactic springs from the fact that intense flooding can be quickly detected and fixed, but pulsing zombie attacks and the resulting slow-down in website access can go unnoticed for months or years.
You should make sure to have the latest anti-virus software, install firewalls, and make sure you always delete suspicious email messages. Cloud technology automatically stops viruses and spyware before they reach your computer. This is a new way to protect your computer and it won’t slow you down.
Anti-virus software should have the following features:
- Only real-time updates to safeguard you from the latest online threats today and in the future.
- Easy on system resources so your PC runs faster.
- Is designed to be easy-to-use and understand with simple screens and graphical reports.
- It also should block spam.
- Has parental controls keep kids safe online.
10 Free Ways to Help Prevent Malware Threats
posted by Web_University @ 8:00 AM
Sunday, September 25, 2011
10 Free Ways to Help Prevent Malware Threats
It seems that every day there is a new virus, spyware or adware threat. What are you doing to protect your personal data and identity? Here are ten free ways which can help a home user can protect his/her personal computer from online malware threats.
1. Use anti-virus software, keep it up-to-date and run scans regularly
There are many choices of software out there some cost money others are free for home users. If you are a home user I recommend AVG Anti-Virus. AVG can be setup to update itself, scan incoming email for potential viruses as well as be set to run periodic scans. In other words, AVG does not require much user intervention at all. It has a clean, well laid out out user interface and is really quite simple to use.
To download AVG or view an entire list of free anti-virus applications go to our free anti-virus software page
2. Use anti-spyware software, again, keep it up-to-date and run scans regularly
My personal favorites in this department are SpyBot Search & Destroy, AdAware, Windows Defender and HiJackThis, all of which are free for home users. I have found that running Spybot Search & Destroy, AdAware and Windows Defender will pick up most, if not all spyware threats. For a more advanced tool you can use HiJackThis but I recommend finding an online forum where you can post your HiJackThis log so a professional can analyze the file and let you know what is safe to remove. I have used Spybot Search & Destroy, AdAware and Windows Defender to remove infections from many computers. Running these programs while in Safe Mode seems to be most effective. To learn how to start a computer in Safe Mode go here
To read more about the above mentioned free spyware detection/removal applications go to our free anti-spyware software page.
3. Keep your computer’s operating system up-to-date
If you are running Windows XP this is a fairly simple process using Windows build in feature called Windows Update:
a) Click on the “Start” menu and choose “Control Panel”.
b) Double-click the “System” Control Panel and click the “Automatic Updates” tab.
c) Put a check the box that says “Keep my computer up to date”.
d) Under “Settings” choose “Automatically download the updates and install them on the schedule that I specify”.
e) Now choose a convenient time for Windows to update your computer.
f) Click the “Apply” button and then click “OK” to close the window.
4. Do not open email attachments from unknown sources
Email is probably one of the most common ways to pick up a computer virus. Image this, an email comes into your inbox, it’s from an unknown sender but the attachment is called freemoney.txt.exe. You see the .txt file extention and think that the file must be safe because it’s only a text file so you decided to open the attachment. Within seconds your computer is infected by a Trojan virus, without your knowledge your computer sends a virus infected email to all of the contacts in your address book. As a result, your friends open the attachment, their computers get infected, they send the infected message to all the contacts in their address book and so on……In other words you computer can become part of the larger problem. This can be avoided by making sure that you know who is sending you the attachment and that the file is indeed safe.
5. Use passwords that are not easy to guess and change them frequently
Do not use your first name, phone number, dogs name etc.. as your password. Choose something that is unique to you. Use a combination of letters (both uppercase and lowercase), numbers, symbols and punctuation. if you can. For example using: ‘3eRz17b’ as a password would be more difficult to guess than ’spot’. Change your online banking passwords, computer login passwords and email passwords frequently. Keep your passwords safe and don’t write them down on paper and tape it to your computer monitor. . I know that this seems like common sense but I had to mention it.
6. Do not download free software unless you have verified that it is legitimate
There are many websites online that are simply there to infect your computer. If you see something that you want to download type the name into a Google search box and see what others have to say about it. Gather up a few sources and be certain that it’s safe to install. The time you take to verify the legitimacy of the software will probably much less than the amount of time and it would take to clean viruses and spyware from your computer.
7. Use a software firewall
A firewall is exactly what it sounds like – a barrier between your computer and the Internet but we are not talking about protection from fires! A good firewall monitors both incoming and outgoing network traffic. Windows XP and Vista both have built in firewalls but they only monitor incoming traffic. I recommend a program called Zone Alarm. Zone Alarm is free for personal use. It’s simple to configure and offers solid protection from unwanted Internet traffic. There are many other free firewalls out there. Read more about Zone Alarm and other free options here
8. Stay away from ‘questionable’ websites
Plain and simple, if you are going to visit ‘the dark side of the web’ you run the risk of infection.
9. Be wary of pop-ups
Do not click any button in the pop-up for example: do not use the ‘Close’ or ‘Cancel’ buttons, or the Close box that may appear in the upper-right corner of the window. Closing a pop-up in that way could potentially install a virus or other malicious software on your computer. To close a pop-up ad, press Ctrl-W.
10. Back up your data regularly
This is self explanatory, keep backups of your personal data. There are many cost effective ways to do this do some research and develop a plan to backup your data frequently preferably on some form of external media such as DVD, CD or external hard drive. For more on how to back up data see this tutorial.
Are Your Websites Secure Or Is The Back Door Wide Open?
posted by Web_University @ 8:00 AM
Friday, September 23, 2011
Are Your Websites Secure Or Is The Back Door Wide Open?
One of the topics that all of us online business people are aware of but usually don’t feel totally on top of is website security.
Coming from a background of having spent over 20 years in the U.S. military, and having spent four years as a software tester, I have a greater awareness of the need for continuous vigilance in this area than your average marketer.
I also know that you can never make your websites or your computers completely secure. Instead, you can only do things that reduce the risk.
Given that you spend a lot of time, money, and energy, building your online business, it only makes sense that you set aside time periodically to review security related issues, and to look for problems that can be easily minimized.
Here are a few easy “fixes” that you can implement today that will increase the security of your online business.
1) Delete outdated scripts that you no longer use from your server. Many of “the bad guys” have studied the exact same scripts that you use to power your websites, and they know where the backdoors and vulnerabilities are. They know exactly which file will allow them to create all kinds of havoc.
If you have old programs on your server that you are not using, simply delete them.
2) Update older scripts that you are using. Often, the reason that updates are released for a script IS to patch a vulnerability that the developer has become aware of.
YES, upgrading can seem time consuming, and it can be tempting to skip an update, and just wait for the next one. When you wake up one day and can’t access your server, or all of your websites have been defaced or erased, you’ll see the wisdom in ALWAYS keeping the scripts powering your websites completely updated.
If you are as non-techie as I am, you simply hire a trusted programmer to perform this task.
3) Change the default setting when installing scripts on your servers. Many scripts have default passwords, and default locations for critical directories that make these scripts work flawlessly. Since everyone obtaining a copy of these script have these settings, you probably want to change them, and you also may want to rename certain directories.
4) Secure your web logs. Many web hosts have a standard location for the website’s logs and statistics on each hosting account. The files that allow you to access, read, download, and manipulate this data often aren’t secured. At a minimum, password protect that directory.
The danger in someone readily accessing your logs is that they can see the names and paths of the files on your server, including your download pages and the file names of files that may actually be for sale products 
There are not only people who search on your product name, looking for unsecured files – there are also people who enjoy posting those links on sites where this type of information is shared.
5) Put an index page in every directory on your server. If someone surfs to the domain name of one of the directories on your server, and there is no index page in that directory, they will get a directory tree… showing them all of the files in that directory, and allowing them to simply click in a given file name to access it.
Servers can be configured to prevent this, but for many people, the quickest and simplest way to protect their directories from prying eyes is to stick an index page in each directory.
6) Give your download pages hard to guess names. Don’t use urls like YourDomain.com/ProductName/download.html Instead you want to give download pages names comprised of a random sequence of letters and numbers, perhaps stick them in directories not even associated with a given product, or use a “download guard-type” script that gives each customer a unique download link and protects your files.
3 Critical Alerts Regarding Your Website Legal Forms For Privacy and Data Security
posted by Web_University @ 8:00 AM
Wednesday, September 21, 2011
3 Critical Alerts Regarding Your Website Legal Forms For Privacy and Data Security
Website privacy and data security violations continue to be the most critical legal concern for webmasters of software-as-a-service (SaaS) websites and ecommerce websites.
Just think about it – most marketing practices involve capturing data, including personal information about prospects, and using this data to market products or services.
How you collect, store, use, and share this information is now highly regulated, not only by the Federal Trade Commission (FTC), but also by various states. What you say in your website legal forms, website legal documents, and privacy policies is critical.
Three recent legal developments illustrate why webmasters of SaaS websites and ecommerce websites should monitor and stay current with these developments, or suffer severe consequences.
* New Massachusetts Data Security Statute
Effective March 1, 2010, the Commonwealth of Massachusetts requires new data security requirements for personal information of Massachusetts residents (201 CMR 17.00). The new requirements apply to all persons or businesses that “own, license, store or maintain personal information about Massachusetts residents.
“Personal information” includes a Massachusetts resident’s name if linked to his/her social security number, driver’s license or state ID card number, or financial account/credit/debit card number that would allow access to the resident’s financial records.
If you’re regulated by the new statute, you’re required among other things to develop and maintain a data security policy and to require encryption “to the extent technically feasible” of the storage and transmittal of personal information regardless of whether the storage is electronic or the transmittal is by portable device (laptop or handheld device) or over public networks or the Internet.
Penalties and fines for violations are $100 per person affected with a maximum cap of $50,000.
* FTC Issues Guides for Peer-to-Peer Networks
On February 22, 2010, the Federal Trade Commission (FTC) announced that it had notified almost 100 organizations — including large and small private and public companies, schools, and local governments – that their customers’ or employees’ personal information was vulnerable on peer-to-peer (P2P) networks.
The FTC was concerned that P2P networks operated by these organizations may inadvertently be providing an opening for unintentional access to personal information. According to FTC Chairman Jon Leibowitz, “Companies should take a hard look at their systems to ensure that there are no unauthorized P2P file-sharing programs and that authorized programs are properly configured and secure.”
In addition to the notification letters, the FTC issued a guide on its ftc.gov website entitled “Peer-to-Peer File Sharing: A Guide For Business”. The guide provides data security recommendations including identification of security risks and steps to protect personal information from unauthorized access on P2P networks. are no unauthorized P2P file-sharing programs and that authorized programs are properly configured and secure.”
* ControlScan CEO Pays $102,000 in FTC Settlement
On February 25, 2010 the FTC announced a settlement with ControlScan.com of FTC charges that ControlScan had misled consumers about how often ControlScan monitored websites, including steps taken by ControlScan to verify the websites’ privacy and security practices.
The founder and former CEO of ControlScan entered into a separate settlement requiring him to pay $102,000 in ill-gotten gains.
Privacy and security certification programs such as ControlScan are used by webmasters to provide assurance to consumers regarding how the website treats the privacy and security of personal information. The FTC alleged that ControlScan provided its certifications to websites with “little or no verification” of their privacy protections.
Most of these website documents and legal forms should be posted on the website, and therefore would be visible to any potential joint venture partner checking out your website.
This case underscores how seriously the FTC views privacy and security of personal information stored on websites, as well has how closely the FTC is observing representations regarding privacy and security. The FTC is on the lookout not only for websites that misrepresent what they do regarding privacy and security, but also what certification websites represent that other websites do about privacy and security.
* Conclusion
The worst mistakes a n ecommerce webmaster can make is to have “borrowed” a privacy policy from someone else or to have an outdated privacy policy that either does not make the required disclosures or misrepresents what the website does regarding privacy and security.
PCI Compliance and the New PA-DSS: Vital Information for Online Storeowners
A) Confusion Runs Rampant
Many folks in the e-commerce industry have found themselves scratching their heads in confusion over the new PCI PA-DSS (Payment Card Industry, Payment Application – Data Security Standard) rules and guidelines. PCI Compliance has never been an easy topic to wrap one’s head around and the new DSS is starting to cause panic among some involved in businesses that operate online. The July 1, 2010 compliance deadline is looming and many payment applications are still not DSS certified.
This is not good news for anyone involved in the e-commerce sector. There is no set punishment established for non-compliance with the new PA-DSS. If an online storeowner is found to be non-compliant then they will likely be charged increased merchant fees and penalties, face hefty fines and in some cases have their merchant account or even their entire website terminated.
Most of the confusion and controversy revolves around who exactly needs to comply with the new DSS. The answer to this is somewhat complex but the primary rule of thumb is that if your store processes credit cards online then you need to use a shopping cart that is PA-DSS certified in order to be PCI Compliant.
As an e-commerce merchant, vendor or retailer (those operating a business online), it is your duty to ensure you are utilizing fully PCI Compliant Hosting and that your shopping cart application is PA-DSS certified. If either your host or cart is not compliant with the PCI than your site is in trouble. Many carts and other merchant service providers are still shuffling to get scanned and added to the list of compliant applications before the July deadline.
If you are in the market for new shopping cart software than you do not want to use a program that is non-compliant with the PCI or PA-DSS. It is not worth losing money or possibly your business over something so simple to remedy. The responsibility falls on you – the storeowner – to find a host and cart that are compliant with the PCI and to fulfill the required network scans and questionnaires.
B) PCI Compliance vs PA-DSS: What’s the difference?
The PA-DSS (Payment Application – Data Security Standard) applies to products that are distributed as applications that people can purchase and then do whatever they wish. For example, this applies to shopping cart programs and e-commerce solutions. The DSS started as the PABP (Payment Application Best Practices) by Visa before becoming affiliated with the PCI Security Council, which represents all five major credit card companies. In order to be PCI Compliant you must be on a DSS certified application. In other words, your cart must be compliant.
PCI Compliance is a broader set of rules and guidelines. The PCI Compliance rules are the standards for the way in which credit card transactions and other confidential information is processed online.
As of July 2010, both PCI and PA-DSS Compliance are necessary for a site that accepts credit card payments. The PCI applies to all e-commerce businesses, web hosts, shopping carts, payment gateways and merchant account providers. When a company becomes DSS certified they are then added to Visa’s list of compliant companies. The PCI Compliance rules are the standards for the way in which credit card transactions and other confidential information is processed online.
In order to be fully PCI compliant with the new PA-DSS, level 4 merchants must be running compliant applications on their site (such as their shopping cart). Their web hosts must also be PCI compliant by using properly encrypted networks, regularly updating their anti-virus software and performing regular system scans.
There are a number of PCI scanning companies approved by Visa and MasterCard that will help small merchants pass PCI audits and complete the PCI questionnaire in order to show PCI compliance. Being fully PCI and DSS compliant is like having an insurance policy in the event of a security breech.
Antivirus Protection from the Power of the Cloud
posted by Web_University @ 8:00 AM
Tuesday, May 3, 2011
Antivirus Protection from the Power of the Cloud
Computer netbooks offer an affordable entry into portable computing especially for buyers with tight budgets.
Basically, netbook users do not want to be frustrated by a slow computer while browsing the Internet or when sending or receiving email. In addition, these lightweight computers are most often used to surf the Internet and many people may not be aware of precautions they need to take to protect themselves against online threats.
Sophisticated netbook users often shut down critical security programs to boost speed of their computer. Despite its sophisticated cloud technology security, anti-virus and anti-spyware for netware must be light on the device’s memory, and run in the background, providing comprehensive, up-to-date protection against online threats without slowing down the system.
In-the-cloud computing technology has been compared to the early proliferation of electricity. Homes, towns, and businesses did not want to rely on their own source of power. They began connecting into a greater power grid, supported and controlled by power utilities. And so along with this utility connection came time and cost savings, in addition to greater access to, and more reliable availability of power.
In-the-cloud computing has evolved through a number of phases including grid and utility computing, application service provision (ASP), and Software as a Service.
Delivering computing resources through a global network was a concept rooted in the sixties by.C.R. Licklider, who was responsible for enabling the development of the Advanced Research Projects Agency Network in 1969.
Furthermore, much like what we call cloud computing today, Licklider’s vision was for everyone around the world to be interconnected and accessing programs and data at any site.
Since that time, cloud computing developed progressively, and since the Internet, only started to offer significant bandwidth in the nineties. That’s why there are other key factors that enabled cloud computing to transpire. This includes the maturing of what is known as virtualisation technology. This is universal high-speed bandwidth and software interoperability standards. This is why cloud computing for the masses has taken time, with the most recent being for Web 2.0.
The industry analysts appear to all be in support of next generation cloud computing, also known as private clouds, public clouds, and hybrid cloud environments. The latest technology called cloud computing is transforming today’s computing for a better future in the clouds.
This exciting new in-the-cloud-client content security infrastructure, is designed to block Internet security threats before they reach users. It’s protection while reducing reliance on time-consuming signature-downloads. By combining Internet-based or “in-the-cloud” technologies with smaller, lighter-weight clients, users will have immediate access to the latest protection wherever and however they connect – from home, or when on the go anywhere.
Cloud technology helps automatically stop viruses and spyware before they reach your computer, so it won’t slow you down – it’s a whole new way to protect your computer.
This means that real-time updates keep your PC protected from the latest online threats. This Internet security technology is light on your system resources so your computer runs faster.
Twitter Case Provides Critical Lessons in Administrative Security
posted by Web_University @ 8:00 AM
Thursday, April 28, 2011
SaaS-eCommerce Sites: Twitter Case Provides Critical Lessons in Administrative Security
In June, 2010, the Federal Trade Commission (FTC) settled charges that Twitter’s micro-blogging site had engaged in lax security practices that amounted to “unfair and deceptive trade practices”.
While previous cases brought by the FTC for lax security procedures focused on lax electronic controls, the Twitter case focused on lax administrative controls. Webmasters of SaaS and ecommerce sites who fail to learn and apply the critical lessons of the Twitter case do so at their peril.
- Twitter Case Facts – Two Hacks
The FTC’s complaint against Twitter alleged that lax administrative controls for data security permitted at least two hackers to acquire administrative control of Twitter resulting in access to private personal information of users, private tweets, and most surprising – the ability to send out phony tweets.
Here’s how the hackers got access to Twitter. According to the FTC, hacker no. 1 was able to hack in by using an automated password guessing tool that sent thousands of guesses to Twitter’s login form. The hacker found an administrative password that was a weak, lowercase, common dictionary word, and with it the hacker was able to reset several user passwords which the hacker posted on a website that others could access and use to send phony tweets.
Hacker no. 2 compromised the personal email account of a Twitter employee and learned of the employee’s passwords that were stored in plain text. With these passwords, the hacker was then able to guess the similar Twitter administrative passwords of the same employee. Once into Twitter, the hacker reset a user’s password and was able to access the user information and tweets for any Twitter user.
- Twitter Settlement Lessons
The FTC noted that Twitter’s website privacy policy promised: “We employ administrative, physical, and electronic measures designed to protect your information from unauthorized access.”
Focusing on Twitter’s administrative controls (more accurately on the lack thereof), the FTC alleged that Twitter failed to take reasonable steps to:
* Require employees to use hard-to-guess administrative passwords that they did not use for other programs, websites, or networks; * prohibit employees from storing administrative passwords in plain text within their personal e-mail accounts;
* Suspend or disable administrative passwords after a reasonable number of unsuccessful login attempts;
* Provide an administrative login webpage that is made known only to authorized persons and is separate from the login page for users;
* Enforce periodic changes of administrative passwords, for example, by setting them to expire every 90 days;
* Restrict access to administrative controls to employees whose jobs required it; and impose other reasonable restrictions on administrative access, such as by restricting access to specified IP addresses.
* The FTC settlement included (among other things) the requirement that Twitter set up and manage a comprehensive data security policy that will be reviewed by an independent auditor periodically for ten years.
- Conclusion
The FTC represents consumer interests to prevent fraudulent, deceptive, and unfair business practices. Privacy and data security have been high-priority issues for the FTC, as evidenced by the 30 cases brought over the last few years for lax data security practices.
In its investigations of data security cases, the FTC looks at 2 standards:
* What the FTC considers as “standard, reasonable” security procedures, and
* What a website’s privacy policy promises to consumers regarding data security.
If the website’s actual data security practices do not measure up to either of these standards (a worst-case scenario would be the failure to measure up to both), the FTC concludes that the website has engaged in lax security practices that amount to “unfair and deceptive trade practices”. A complaint and costly lawsuit may follow.
The reason that the FTC publishes the results of its settlements is to provide lessons to others regarding what the FTC regards as an “unfair and deceptive trade practice”.
Do you know if your site measures up to the two standards?
The Botnet Frenzy Requires Titanium Strong Internet Security
posted by Web_University @ 8:00 AM
Monday, January 24, 2011
The Botnet Frenzy Requires Titanium Strong Internet Security
A zombie is a computer that has been infected with malware, allowing an attacker to gain complete control which is a security threat. Tens of thousands of computers are infected with some type of botnet or ‘bot’ and computers that have been infected are generally referred to as ‘zombies.’
These criminals are able to access lists of ‘zombie’ PC’s and activate them to help execute denial-of-service attacks against various websites, host phishing attack sites or send out spam email messages. Trying to trace an attack back to the original source is useless. They will find a victim rather than the criminal because they are so clever.
How do you know if your computer is infected? If you notice anything odd as you are working, such as a slow computer or a computer that seems to slow down or crash for no reason, there might be some malware running in the background. You need to scan your computer with current versions of your anti-virus software, to detect malware. Zombies can be used extensively to send out email spam.
In fact an estimated 80 percent of all spam worldwide was sent by zombie computers. This is what enables spammers to avoid detection. Spam greatly furthers the spread of Trojan horse computer viruses, which rely on the movement of emails or spam to grow.
They can be used to conduct distributed denial-of-service attacks, where a large number of zombie computers make simultaneous requests of a website’s server with the intention of crashing the server thereby preventing legitimate users from accessing the website.
There is a variant of this type of attack known as distributed degradation-of-service. Committed by “pulsing” zombies, distributed degradation-of-service is the moderated and periodical flooding of websites, done with the intent of slowing down rather than crashing a victim site. The effectiveness of this tactic springs from the fact that intense flooding can be quickly detected and fixed, but pulsing zombie attacks and the resulting slow-down in website access can go unnoticed for months or years.
You should make sure to have the latest anti-virus software, install firewalls, and make sure you always delete suspicious email messages. Cloud technology automatically stops viruses and spyware before they reach your computer. This is a new way to protect your computer and it won’t slow you down.
Anti-virus software should have the following features:
- Only real-time updates to safeguard you from the latest online threats today and in the future
- Easy on system resources so your PC runs faster.
- Is designed to be easy-to-use and understand with simple screens and graphical reports.
- It also should block spam.
- Has parental controls keep kids safe online.
A Brief History of Spyware
“Spyware” has evolved in the cyber era as the most dangerous, damaging and menacing technological appliance in current history. It is no aggravation of statement that if you are linked to the Internet, there’s every chance of being affected by this nuisance. So, it is a good time for us to possess a peripheral view about “spyware”.
It was on 16th October 1996, when the word “spyware” was used in the public for the first time. It appeared on the Usenet. Basically it was on an article sarcastically aimed at the business strategies of the global leader Microsoft. Later still, around about the year 1999, its usage was synonymous to spy equipment like microphone bugs or miniature cameras. Later that year in a press release of Zone Alarm Personal Firewall by the Zone Labs Company it was used in the meaning we know it today.
The word “spyware” was an instant hit in the mass media and among the general mass and soon after in June 2000, the first anti-spyware application OptOut was released by Steve Gibson. Gibson planned to market its OptOut for a very competitive price but they faced tough competition from Lavasoft, around the middle of 2000 with their free anti-spyware software version 1.0 offered absolutely for free. Lavasoft’s application was more competent as a spyware removal component and already was performing multi-tasking applications. As a result Gibson had to abscent himself from the race leaving their OptOut with no more development. Nevertheless, OptOut could be termed as the pioneer of anti-spyware applications.
It must be stated that the term “spyware” yields a bit of confusion. Though the word renders a notion of information being send back to certain individuals, not all spyware applications may perform this job. Many computer personnel dealing with data security management prefer the word “malware” in place of “spyware” as it indicates a software that is particularly detrimental to the computer system. Another word “adware” is also popular to specify software applications like keyloggers and Trojans, which are nothing but “spyware” in usage.
According to a once celebrated cyber report, an explicit spyware application was put forward to numerous internet users under the covering of a free, exceedingly user friendly and a mass alluring game software named “Elf Bowling”. This occurrence took place in around the 1999s. At present, and in general, the Windows operating system is the more favorable target of the spyware applications.
A few of the most iniquitous spyware programming are Xupiter, Gator, XXXDial, DirectRevenue, Euniverse, CoolWebSearch, 180 Solutions, Bonzi Buddy and Cydoor. One thing is to be noted. All these applications attack only Microsoft Windows operating systems. Platforms like Linux and Mac OS X are never ever reported to be affected in anyway by these spyware applications.
In October 2004, America Online and the National Cyber-Security Alliance performed a survey. The result was startling. About 80% of all internet users have their system affected by spyware and about 93% of spyware components are present in each of the computers and 89% of the computer users were unaware of their existence. Out of the affected parties almost all, about 95% confessed that they never granted permission to install them.
Legally speaking, spyware cannot be entitled as a virus as it never replicates itself. As a result it remains undetected when anti-virus applications are used. What’s more, you actually agree to be spied upon while you click the ‘I agree’ button on the screen while you install software which contains spyware files (often bundled in). Unfortunately, people rarely read end user licence agreements while downloading and, if they were to read them, the documents are written in legalize. People never refer to a lawyer while doing such things as downloading or installing.
To safely enumerate what spyware actually is, we can easily quote what Dick Hazeleger, famous for his “Spyware List”, said, “Spyware is the name which was given to software that – without the user of the program knowing that the software performs this kind of action – traces the user’s usage of the internet and sends this information – again without the user knowing this is happening – to a computer (”Server”) designated by the developer of the Spyware software. By performing these actions, detailed user profiles may be collected – without the user’s knowledge and approval – which then can be used for commercial or other purposes. By gathering and sending this information both resources on the user’s computer as well as bandwidth on the Internet is abusively used, not to mention the breach of privacy such a User profile would be.”
The state of Utah has already gone a step ahead of others and announced that several tasks performed by spyware would be strictly proscribed. Even the US Congress is preparing to follow the same line of operation. House Resolution 2929–the Spy Act has been prepared to control this menace.
This is what Utah’s antispyware law, the Spyware Control Act, has to say, “… we would not consider any application that uses pop-ups, is distributed through file sharing such as Kazaa or is not removable. Beyond that, we would look for applications that provide consumers value and would be installed on their own if people knew about them. The aggressive tactics of some advertising-supported software has given the whole sector a bad name. But if the software is fully disclosed and doesn’t rely on intrusive methods such as pop-ups, the consumer should have a choice to view ads in return for software. What’s more, the developer should have a right to make money. Beyond these guidelines, the legal risks and moral problems become clear, and legitimate businesses should stay away from these practices.”
At present Microsoft can champion about its anti spyware application release and it is mandatory for the software developers to be certified by the International Charter as Spyware Free.
What Can We Do About Spam?
I receive approximately 5,000 emails containing spam each and every day. Well, maybe not that many, but it sure seems like it. Spam is spiraling out of control and shows no signs of stopping. The question is, where does spam come from, and can you do anything about it?
Most of the spam I receive in my inbox is sexually explicit, but I still like to look at it because some of this junk is actually quite entertaining. My personal favorites are offers to purchase discounted Canadian Viagra, ads for pornographic websites, and bogus work-from-home programs.
How do these people get their grimy hands on your email address? One way they can get it is through opt-in email. When you order something online, as part of the subscription or service that you signed up for, you may have inadvertently agreed to receive offers via email from that company in the future.
As a result, said company adds you to their mailing list and begins to send you email. This is perfectly legal as long as the company provides you with a way to unsubscribe from their mailing list. If they do not provide you with a means to unsubscribe, then the emails they are sending you are considered spam.
To make matters worse, a spammer will sell your email address and any other information you submitted to them to hundreds or even thousands of other companies who are looking for leads. Before you know it, your email address has been circulated everywhere. Once this happens, there is almost no way to prevent spam from reaching your inbox.
Another common way your email address can end up on a mailing list is when an internet marketer purchases a list of email addresses from someone else, and then sends a joke or an interesting cartoon to everyone on that list and asks you to forward it along to all your friends and relatives.
Once you forward the message, the email has a program attached to it that will copy the list of addresses that the message has been forwarded to and send that list back to the person who originally sent you the email. So now, that person not only has your email address, but also has the email address of everyone you forwarded the message to.
Another popular technique is known as harvesting. This is accomplished by writing a simple retrieval program that searches through every web site listed on a search engine for a certain keyword, and then grabs any any email addresses that are posted on those sites, and subsequently sends them back to the harvester. Using this technology, it is possible to acquire thousands of email addresses in an hour or less.
Harvesting has become a legal dilemma. The email marketing community feels that they should be allowed to harvest email addresses that are posted on public websites. In their opinion, if someone has posted their email address for all to see, then other people have the right to contact that person and ask them questions or send them offers.
However, web sites where email addresses are posted have threatened legal action against anyone that harvests email addresses from their site and uses them to build spam lists. Unfortunately, these web sites really have no way to prevent this, and it will only get worse in the future.
We will never stop spam completely. Both big businesses and small businesses have a strong incentive to send bulk email, because it costs nothing, and is a valuable tool for increasing their customer base. Sending regular mail or hiring a telemarketer costs a lot of money and is extremely ineffective. As a result, most companies would prefer to send massive amounts of email. So, expect your inbox to be chock full of spam for many years to come.
Scam Alert: Domain Hijacking
There’s a frightening new batch of scams going around now that can damage your reputation as domain “squatters” steal your domain name.
There are a number of ways the “game” is played. The first is entirely legal, if more than a little questionable. In this version, the name of a city or geographic area is grabbed by a domain squatter and pointed to… “sites that you wouldn’t want your children visiting. (ie: porn)”
A prominent notice is placed on the sites, offering them for sale at prices that range from $2500 to as much as $500,000!
The idea here is that city officials will feel that enough damage is being done to the reputations of their towns that they’ll pay to keep them from being associated with that type of material.
It’s obviously safe to say that it’s not appropriate to pop those kinds of images into people’s faces while they’re looking for info on a completely different topic.
That’s where the pressure on the cities comes from, and why this is such a disgusting scheme.
In essence, the domain squatter says: “Pay us, or continue to watch as your city’s reputation suffers.”
Many would call this blackmail…
The second variation on the theme is not always legal. When someone takes a trademarked name (or variation of the spelling of one) or a famous person’s name, and does the same thing.
For trademarks or close variations, there’s a specific procedure for addressing the problem. (See the resource section at the end of this issue.)
For the names of famous people, there MAY be a remedy. But, it can be tricky and expensive.
For example, if someone named John Jones registered http://WalterCronkite.com and pointed it to one of “those” sites, Walter Cronkite could probably force the domain away from him.
However, if someone named Steve Cronkite registered http://Cronkite.com and did the same thing, Walter Cronkite would have no recourse. It would be very hard to demonstrate that Steve registered the domain in bad faith. And if Steve’s son’s name is Walter, the same is true for http://WalterCronkite.com.
If you feel that your name is likely to be typed into a browser when people are looking for information on you, you should consider getting both the .com and .net versions of the domain if they’re available.
It will cost you a few bucks to prevent the problem. Fixing it, assuming you win, will cost you hundreds — if not thousands — of dollars.
And there’s no guarantee you’ll win.
A third version is a bit more benign. It’s common among members of affiliate programs. In this version, names very close to, or even including, the trademark are registered. The sites are created to drive traffic to the affiliates’ URL at the main site.
This may or may not be acceptable to the affiliate program owner. If it is, it’s a good technique for getting traffic. If not, it could get you into hot water. Check with the owner of the trademark before doing this. Less benign is an alternative version of this technique where someone grabs domain names that are close to the trademark of a competitor and uses them to grab competitor type-in traffic. This is often done by finding out the most common misspellings of the real domain name or trademark. Watch for people doing this with your domain. Here’s the worst version of this — and it can hit anyone if they have enough traffic and don’t pay close attention to when their domain registrations expire.
In this situation, someone grabs expired domain names and points them to “those” kinds of sites. This is a “no lose” for the hijacker, as they will profit from the traffic even if the previous owner doesn’t pay the requested ransom for the domain.
The more traffic the URL gets, the greater the clickthrough value to the hijacker. This means more potential damage to the original owner and a higher ransom to get it back.
In effect, your own popularity is your worst enemy in this case.The solution to this one is simple — and very important: Don’t let your domain names expire!
7 Steps to Effectively Take Control Of Your Inbox And Reduce Spam
posted by Web_University @ 8:00 AM
Wednesday, January 5, 2011
7 Steps to Effectively Take Control Of Your Inbox And Reduce Spam
Everbody hates spam! I am sure spammers hate getting spam too, but they still continue to dish it out. Why? Because it is still effective. Believe it or not, many of us still click on the links or follow-up with the spam message. As long as we continue to do this, spam will exist. If everybody understood this and paid no attention to spam, the spammers will eventually give up because it costs them realy money to send out emails. It is hard to quantify what the cost of sending out one, two or fifty emails is, but 1 million or 5 million emails certainly has a cost that is not negligible. When the payback starts to get so small that the spammers cannot make a decent living, they will find something else to do. This day will come and I cannot wait for it to arrive.
In the meantime, what can we do about it. Well, I am not going to tell you that there is a perfect solution that will stop all spam, but what I will tell you is that there is a way to reduce the problem and manage it effectively using the 7 steps outlined below.
Step #1: Get Your Own Domain Name
Fighting spam effectively starts with getting your own domain name. For example if your name is Andy Williams, you would purchase a domain name called andywilliams.com, which is of course already owned by the famous singer. This has some unique advantages over using an ISP given domain name or a webmail service such as Hotmail or Gmail. It also has some minor disadvantages. Let’s examine these.
One major advantage is that you control the entire email address. You could create emails addresses like andy@andywilliams.com, info@andywilliams.com, sales@andywilliams.com and so on. This is in stark contract to an ISP assigned name like andywilliams@comcast.net. If you wanted another one, you’d have to open up another account or pay extra for each additional ISP assigned address. If you ever decided to switch ISP’s, you would lose that email address and have to start over using a new one, and inform everyone you communicated with about it – a very messy proposition.
Many get around this problem by getting a Hotmail, Yahoo Mail or Gmail account which you can access from anywhere as long as you have internet access. These types of email accounts definitely have a place in your email toolchest, but do not suffice as your primary personal email address. One reason is that you do not have access to your email messages and address books when you are not online, like during a long flight. Anotehr drawback is that they do not allow you to export the online address books making portability very tedious.
I prefer owning my own domain name which I call my permanent email address. I will always have this email address as long as I renew this domain name every year. The cost of registering a domain name varies from $4 to $8 per year for most common ones. This is a small price to pay for the advantages it brings you.
The one minor disadvantage of owning your own domain name is that you need to manage it yourself, or have someone do it for you. This in my opinion is far outweighed by the advantages mentioned above.
Step #2: Create Private Email Adresses
A private email address is one that nobody but your inner circle knows about. Every person that you give your personal email address to is someone that you trust and want to receive email from.
Setup one private email address for every person who is going to need to receive messages. This could be you and 5 other members of your family or 12 employees that work for you. This part is quite straightforward, you simply login to your email control panel and create new accounts for each email address that is going to be used to receive email.
Step #3: Create Public Email Addresses As Aliases
A public email address is generally known to the public. It can be specific like andyw@andywilliams.com or generic like receptionist@andywilliams.com.
A public email address is created as an email alias. An email alias is not a real email address, but an address that gets redirected to a real email address. For example, you setup receptionist@andywilliams.com as an alias that redirects to mary@andywilliams.com. Whenever some sends an email to receptionist@andywilliams.com, it will end up in Mary’s inbox. If you change receptionists, you simple modify the redirect for a very elegant solution. You can then publish this public email address on a website, in a brochure, on print advertising, business cards etc. without giving away your personal email address and without having to make much changes if Mary leaves and a new receptionist is hired. This is a huge benefit and maintains your privacy as well as those of others you have created email adresses for.
How does this help with spam, you ask? By using email aliases in a smart fashion, you could very easily shut down any spam that starts coming in. Let’s examine how this can be done.
Step #4: Setup the Default or Catch-all Email Address
Your email control panel will have something called a “default address” or it is also sometimes called a “catch-all address”. This is a valid email address that all unresolved emails go to. If you set this up to be your personal email address for example, then you will receive all emails that are addressed to “anything”@andywilliams.com, this includes sales@andywilliams.com, joe@andywilliams.com, andrew@andywilliams.com etc. Herein lies the secret to combat spam.
Step #5: Create Specific Named Public Email Addresses As And When Required
When you are forced to register on a website where you want to get some information from, you are usually asked for a valid email address. Well guess what, you now have an unlimited supply of valid email adresses. I usually use a specific format when registering at websites – it is “websitename”@andywilliams.com. So if I am registering at a website called www.get-rich-quick.com, I would use the address get-rich-quick@andywilliams.com as my valid email address. When the site sends me an email, it gets redirected to my personal email or whatever the default or catch-all address is.
Step #6: Send Spam Back To Where It Came From, If Possible
Here comes the real bonus, if you subsequently start receiving spam addressed to none other than get-rich-quick@andywilliams.com, you simple create an email alias for get-rich-quick@andywilliams.com and redirect the email back to exactly where it came from, for example georg-bush@get-rick-quick.com. You will then never get another email from anyone using that email address ever again. This is cool and is my favourite part. Bear in mind that spammers usually send email from an address that is not their own, so if you see an address like noreply@get-rick-quick.com, then you would redirect it somewhere else, for example a Hotmail address that you setup just for redirection purposes. Please exercise some discretion here because spammers often use the email addresses of real people and we don’t want these innocent people getting redirected email.
Step #7: Be Diligent In The Ongoing Management Of Your Domain
If you do this diligently for each website where you register by identifying the website name, you will very quickly know which websites are selling email addresses and which ones honor their promise not to share your information. ALl this while, nobody by your personal inner circle knows your private email address.
A real-life example in my case: I use a specific email alias for my Paypal account which nobody but Paypal knows. I have never ever received spam on this address, but I have received hundreds of spam messages on other email aliases that I have created. All of these emails supposedly come from Paypal and address me as “Dear Valued Paypal Member” or something similar, warning me that my account is going to be closed or suspended unless I click on their link and update my credit card information.
I hope that I have given you some food for thought on how to manage the ever growing spam problem by protecting yourself by taking some initiative and getting your own domain name. The added benefit is that you now have a permanent email address no matter where you choose to live or which ISP you use to connect to the internet.
Effective Ways to Optimize Security in it
posted by Web_University @ 8:00 AM
Tuesday, January 4, 2011
Effective Ways to Optimize Security in it
Chances are your computer network or PC has been attacked at some point or another. Perhaps a worm caused your system to slow down severely, a virus erased your entire hard drive, or, malware plagued your registry and browser, leaving you helpless and frustrated. What you probably learned from these attacks was how or where to find a quick-fix while your overall security remained unchanged. What you may not know is that there are a few fundamental practices in relation to the hardware, software and people that can help to improve or optimize the safety level of your computer network and personal system. These practices or ways are sound, easy to implement and highly effective.
* On the Hardware/Software Side
While they may appear relatively basic at the onset, some practical measures should be taken to not just establish and maintain but also to increase ongoing security to computer hardware and software. Failure to adhere to these measures or ways of implementing security can potentially lead to disaster. Of course, you can further add to or enhance these measures depending on your particular situation–such as budget restraints, time-frame, etc.
Specifically, you will want to:
- Upgrade or replace: Older hardware can malfunction and become unstable; older software can have security holes and vulnerabilities or could fail to properly integrate with newer technologies.
- Patch up and harden: Whether it’s a domain controller or your home PC, install anti-virus software, configure a firewall, update the OS using service packs and remove unnecessary services.
- Limit access: Keep the system away from prying eyes and unauthorized users. Implement strong passwords; use encryption. Locks and biometrics are strongly recommended, too.
- Monitor regularly: Make a habit of watching network activity and reading system logs to find inconsistencies and unusual traffic patterns.
- Maintain good backups: Backup often and verify your backups always. Keep one or more copies off-site, if possible.
* On the People Side
When it comes to security, people usually are the weakest link in the chain. They can be lazy, indifferent, uninformed or represent some other security liability. Because you, too, may possibly exhibit such characteristics and behaviors yourself, here are ways to address these people problems and successfully increase and ensure IT security. For example, you should:
- Establish controls: Rules and policies can help to specify what is or isn’t acceptable use. Enforce them. Be prompt at acting on the slightest deviation.
- Train and educate: You and your staff can never be too knowledgeable about the newest technologies or the latest types of attacks–worms, viruses, Trojans, malware and others. Be prepared to learn and learn to be prepared.
- Be safety aware: Don’t expose yourself or your systems to potential attacks by linking to questionable websites. And, opening an email attachment from an unknown source could quench much more than sheer curiosity.
- Go “long” on commitment: Engage people by assigning them (or yourself) duties and responsibilities with realistic goals and rewards. Foster loyalty and support alongside accountability for non-performance.
Experiencing a malicious attack is sometimes the result of weak or ineffective security practices. And, while finding quick solutions to the attack may be reactionary and expected, it is not necessarily the only or best course of action in securing PCs and networks. There are far more sensible and fundamental ways to implement and address security in relation to the hardware, software and people involved in day to day operations. It is, in fact, by applying those ways and practices that you can effectively and successfully improve upon and optimize security in it.
Are Your Websites Secure Or Is The Back Door Wide Open?
posted by Web_University @ 8:00 AM
Sunday, January 2, 2011
Are Your Websites Secure Or Is The Back Door Wide Open?
One of the topics that all of us online business people are aware of but usually don’t feel totally on top of is website security.
Coming from a background of having spent over 20 years in the U.S. military, and having spent four years as a software tester, I have a greater awareness of the need for continuous vigilance in this area than your average marketer.
I also know that you can never make your websites or your computers completely secure. Instead, you can only do things that reduce the risk.
Given that you spend a lot of time, money, and energy, building your online business, it only makes sense that you set aside time periodically to review security related issues, and to look for problems that can be easily minimized.
Here are a few easy “fixes” that you can implement today that will increase the security of your online business:
1) Delete outdated scripts that you no longer use from your server. Many of “the bad guys” have studied the exact same scripts that you use to power your websites, and they know where the backdoors and vulnerabilities are. They know exactly which file will allow them to create all kinds of havoc.
If you have old programs on your server that you are not using, simply delete them.
2) Update older scripts that you are using. Often, the reason that updates are released for a script IS to patch a vulnerability that the developer has become aware of.
YES, upgrading can seem time consuming, and it can be tempting to skip an update, and just wait for the next one. When you wake up one day and can’t access your server, or all of your websites have been defaced or erased, you’ll see the wisdom in ALWAYS keeping the scripts powering your websites completely updated.
If you are as non-techie as I am, you simply hire a trusted programmer to perform this task.
3) Change the default setting when installing scripts on your servers. Many scripts have default passwords, and default locations for critical directories that make these scripts work flawlessly. Since everyone obtaining a copy of these script have these settings, you probably want to change them, and you also may want to rename certain directories.
4) Secure your web logs. Many web hosts have a standard location for the website’s logs and statistics on each hosting account. The files that allow you to access, read, download, and manipulate this data often aren’t secured. At a minimum, password protect that directory.
The danger in someone readily accessing your logs is that they can see the names and paths of the files on your server, including your download pages and the file names of files that may actually be for sale products 
There are not only people who search on your product name, looking for unsecured files – there are also people who enjoy posting those links on sites where this type of information is shared.
5) Put an index page in every directory on your server. If someone surfs to the domain name of one of the directories on your server, and there is no index page in that directory, they will get a directory tree… showing them all of the files in that directory, and allowing them to simply click in a given file name to access it.
Servers can be configured to prevent this, but for many people, the quickest and simplest way to protect their directories from prying eyes is to stick an index page in each directory.
6) Give your download pages hard to guess names. Don’t use urls like YourDomain.com/ProductName/download.html Instead you want to give download pages names comprised of a random sequence of letters and numbers, perhaps stick them in directories not even associated with a given product, or use a “download guard-type” script that gives each customer a unique download link and protects your files.
There are a lots of other things that you can do to easily close common holes in your website’s security. This article barely scrapes the surface, and is intended more to make you aware of the problem, and to get your thinking about it. Make regularly reading articles and reports on the topic a part of your education in how to operate a successful online business.
The Secret to a Speedy Computer
When you purchase a new computer, the speed of your computer is at its fastest. However, over time you will notice that the speed of your computer will begin to slow. The speed of your computer will continue to deplete over time the longer that you have the computer and use it.
However, just because your computer is a few years old does not mean that you need to go out and purchase a brand new computer. Over time, you install and download a good bit of information on your computer. Some of this information is removed over time but it is likely that some of this information is still lurking on your computer’s memory.
For the most part, it is probably safe to say that you do not use everything that is downloaded or installed on your computer. If you do not, then these files are simply sitting in the memory of your computer just taking up space. When these files take up space, they are slowing down your computer. If you do not need all of this information or use all of it, then what is the point of letting it stay on your computer where it takes up space and slows down your computer? If it is not needed or is not used, it is best to remove it from your computer instead of letting it alter the performance of your computer.
A great way to speed up a computer is to remove unused and unneeded information and files. This can be done by cleaning out the registry of your computer. Your registry is like the brain of your computer where all of the files and information is stored. However, if you are not using all of these pieces of information or the files, it is just taking up space in the registry. By removing the unneeded or unwanted files, you are making room in your computer’s registry.
You may not realize how much information is stored in your computer’s registry until you clean the registry out. Once you get a look at how much information is removed, you will realize why the speed of your computer was becoming slower over time. Performing regular registry clean ups on your computer is a great way to clean out your computer of unwanted or unneeded information that may be slowing your computer down. By performing a registry clean up, you are less likely to have trouble with the speed of your computer slowing down.
Find Out What Makes A Good Backup Software
posted by Web_University @ 8:00 AM
Tuesday, December 14, 2010
Find Out What Makes A Good Backup Software
If you store valuable information on your computer, it is wise to use backup software. System backup software stores information you have on your computer. It is like having another copy of everything that you keep on your computer.
Performing data backup software is especially useful when your work is done on a laptop, whether at the office or at home. So, in case something bad happens to your hard disk, the information on that drive can be restored, once the drive is fixed or replaced, with your back up files.
The concept of retrieving the data you saved on your laptop is the primary benefit you can get from pc backup software. This is very important particularly in corporations and business enterprises that view information as revenues. Losing data can cost millions of dollars.
Having backup software enables you to save time. Imagine the amount of time you can save if you use software to backup all files, programs, and special applications on your computer and then the next day your hard drive crashes. There is even an automatic backup software that immediately performs backup whenever new data is saved on the hard drive or whenever you have set a backup schedule.
The backup software is compatible with different media and devices. However, if you choose a built-in software, the capability of doing backup is limited. External software allows you to conveniently do backup on your data to any device, optical media and storage systems. You can even initiate partitioning tasks with backup applications. Thus, you can zip your data into smaller bits and store them in many media.
Almost all backup software is capable of encryption. Many of the best backup software available in the market can automatically encrypt your data during transfer and backup operations. Hence, you can have the confidence to transfer files onto another disk drive without worrying about data leakage. Encryption is essential, if you are transferring data to a web server.
Backup software comes in many types to meet the varying needs of the persons and enterprises. For example, there is specifically designed enterprise backup software. Depending on the operating system you are using, there is software that is compatible for your computer.
So, if you are using windows, you can enjoy the benefits of backup using windows xp backup software, vista backup software, windows server backup software and Microsoft backup software. There is also linux backup software for linux operating systems.
For remote operations, choose the appropriate remote backup software or offsite backup software. If you are transferring files to a web, it is good to have the online backup software. Data recovery is a feature of backup software that is very convenient.
In case of disasters, your data is not lost. It can be retrieved and restored back into your systems as if nothing happened. The best software does not even require special hardware or complicated software to make things happen the way you should want them to be.
For more information about the backup software that best suits your need, check out the web for resources. You can also read reviews on products , forum discussions and articles.
How To Eliminate The Lag In Your Computer?
posted by Web_University @ 8:00 AM
Sunday, December 12, 2010
How To Eliminate The Lag In Your Computer?
Technology has definitely came a long way. With all of the advancements in technology, it seems really ridiculous to experience computer problems. But, that is the problem with technology, it is not perfect. Since technology is not perfect and we do experience troubles with it from time to time, we should look for ways to fix it rather than hope for perfect pieces of technology. Fortunately, this is a much more logical expectation. If you are experiencing a lag in your computer, do not get frustrated with technology. You do not need to shrug it off to the age of the computer. Purchasing a new computer is not the only solution. There are ways to fix the issues with technology.
A lag in your computer can be the result of multiple different things. However, you do not need to assume that you will need to get out a check list and spend hours going through the possibilities. The most common thing to do is assume that it is one of the common reasons and solve that first.
The most common reasons for a lag in a computer is due to the following things:
- The computer has little to no storage space left.
- The computer has a slow speed that is likely continuing to decrease over time.
- Or it could be a mixture of both options.
Regardless of which option it is, neither of them are good for your computer and if it is both possibilities, then that definitely is not good for the computer. However, they are both quite fixable. The easiest way and quickest way to deal with these two possibilities is to perform a clean up scan on the computer’s registry.
The clean up scan is a scan that will be conducted on the computer’s registry. Just like the name of the scan, it will “clean up” the computer’s registry. This means that any information located in the registry of the computer that is no longer used or needed will be removed in order to make more space in the registry. With more space being freed up in the registry, it also means that the speed of the computer will increase. If any information stored in the registry is found to be broken, the scan will also notify the user and allow repairs to be made to the broken files. The clean up scan should be done once a month.
How to Resolve a Corrupt File?
Have you ever went to open a file on your computer only to receive an error message instead of the folder and its contents? Corrupted files can happen to anyone, but that sure does not make them any less annoying. A lot of times, when an individual receives an error message regarding a corrupt file they give it up for lint. Instead of trying to solve the problem with the file, they just chalk it up as a lost cause. However, you no longer have to do that. It is possible to get passed the annoying error message regarding the file.
Fixing a corrupt file can be done by just about anyone thanks to registry clean up scans. A registry clean up scan is a scanning procedure of your computer’s entire registry.
- The scan will go through the entire registry until it locates the file that is corrupted.
- When the file is located, the registry clean up scan will prompt the computer user of the find.
- The prompt provided by the computer will provide crucial details regarding the file and the problem with the file.
- You can choose to resolve the problem with the corrupt file through various different ways. How you choose to fix the problem is entirely up to you.
- Most registry clean up programs will provide you with a brief understanding of what each choice means and how it will effect the computer. This will allow you to choose the choice that is best for you and your computer.
You do not need to worry about manually going through the registry since the scan of the registry is an automated scan. There is an option to manually scan the computer’s registry but that option is reserved for individuals who have an extensive knowledge of computers.
There is no need to panic about knowing whether or not you are making the right choice since the vast majority of registry clean up scanning programs will provide you with a brief bit of information regarding your solution options. You can read over your options and determine what each option will mean for your computer and that particular file and base your decision off of that. There is no need to be a computer expert with this program. It is easy enough that a person with a limited knowledge of computers can operate the program. All you have to do is take some action !
Working Of An Email Security Solution
You are taking a big risk when you are connecting your system to internet nowadays because of the ever-increasing flow of viruses and spam mails. Even the personal information stored in the system and the passwords will be taken out of the network without authorization through the malware and spyware attacks.
You will have to keep in mind that internet is not a secure place any longer. The basic nature of internet is being insecure these days. Even browsing through the websites can prove to be fatal. You will not even realize that your system is infected until something turns out to be wrong. This is the main reason why more and more people are getting concerned about the internet security. One among the major problems related with using emails and internet is the constant flow of spam mails. Email spam protection is of great importance because of this phenomenon.
You must take immediate and drastic steps to get rid of these issues so that you will not have to regret later. Carefully selecting the passwords was one among the techniques to ensure the safety while using internet. However, things have changed and thus data backups and file permissions have gained a lot of importance in the recent times. Cyber crimes are increasing tremendously. This is the main reason why hiring a firm that offer secure email service is of utmost importance irrespective of the nature of internet usage. Even though some security tasks will be conducted by the operating system automatically, other tasks should be managed as well as monitored by the users so that the protection is effective. Firewall can be called as the primary level of defense. The firewalls will allow the computer to connect to secure and trusted sources. There are two main types of firewalls namely, software and hardware firewalls. Even though the techniques used by these firewalls differ from one another, the function remains the same. They check for the trustworthiness of the ports and even the IP addresses.
Getting a email security solution must help you to get ample protection against viruses, spyware, malware and all other programs that may harm the working of the network and the system. You should keep all the requirements in mind when you are selecting a solution so that you will not be disappointed with the results obtained. Normal anti-virus programs will scan the disc and check for the viruses. The program will either quarantine or delete the viruses if any.
Even if you are making use of a good and reliable email security solution, you should also pay attention to the security threats. If you are receiving an email from an unknown source, you should directly open the attachment. Clicking on the active links can also be a bad idea, as it will redirect the page to websites that are full of spyware and malware. You will have to make use of your common sense when you are using internet. The aforementioned information will explain the working of an email security solution.
.htaccess is a file that you can create using Notepad in Windows (or any text editor) to add some additional functionality to your website and server. It is usually supported by all Unix/Linux web hosts which use the Apache server. This tutorial will help you create the file and use it on your site.
Note 1: .htaccess is the full name of this file, to create it using Notepad load it up, add text to the file, then go to File > Save As. Then click the drop down menu saying Save As Type and select All files. Then in the filename, type in .htaccess and it will save it.
Note 2: You may not be able to view it in your FTP program after uploading so investigate how to switch on the -a command with the filters in your FTP client, or SSH to the server and use the ls -a command to view all the files.
.htaccess files affect the directory they are placed in and all sub-directories. That is, an .htaccess file located in your root directory (yoursite.com) would affect yoursite.com/content, yoursite.com/content/contents, etc.
The .htaccess file will allow you to include the following features in your site:
* Error Documents
* Password protection
* Enabling SSI via htaccess
* Deny users by IP
* Change your default directory page
* Redirects
* Prevent viewing of .htaccess
* Adding MIME types
* Preventing hot linking of your images
* Preventing directory listing
I am going to go through each of these and tell you how to do them!
Error Documents
These are very useful and allow you to specify a page that the user goes to if there is an error. The most useful way you could use this is with the “404 Page Not Found” error. You can provide the user a list of common links, a link to your homepage, an e-mail address or whatever you feel like!
You create this in the .htaccess file by including the following command, replacing the value in [square brackets]:
ErrorDocument [number] [path to document location]
So, for example, the Olate 404 page is done like this:
ErrorDocument 404 /errors/404.php
Instead of directing users to a page, you can display some HTML instead:
ErrorDocument 404 “Page Not Found
Return to the homepageHowever, it is better to use the page as you have more control. You can find a list of error codes here.
Password Protection
You can protect a specific directory with the .htaccess file by doing the following:
1. Create a new file called .htpasswd in the same way as we created the .htaccess file above.
2. The .htpasswd file uses the following format for storing username and passwords:
username:password
There must be no spaces on the line before username, either side of the colon or after the password text. If you want several people to have access to the protected space, with each having a different login, you can add as many username/password lines as you wish making sure each one is on a separate line.
username can be any text or name but should not contain any spaces.
password should not be entered as plain text because this file could be viewed. Use the following link to get an encrypted version of your password: http://www.euronet.nl/~arnow/htpasswd , then use the encrypted version as the password for the username.
To simplify the process, a tool now exists that can create your .htpasswd file entries for you which you can then cut/paste into your own .htpasswd file: http://users.plus.net/htpasswd/
3. Now you need to add this to the .htaccess file. Note: the example given is for the www server, it is different for the CGI server which is explained later:
AuthUserFile /share/isp/plusnet/www/uu/username/htdocs/directory/.htpasswd
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic
require valid-user
The first line is the full server path to your .htpasswd file and will be different for each webspace (note: the path should be entered on the same line as AuthUserFile). To get your correct path for AuthUserFile just replace uu with the first 2 chars of your username, username with your username and directory with the name of the folder/directory you want to password protect. The .htaccess and .htpasswd files should then be put in directory. Note: if you put the .htaccess and .htpasswd files in the root of your site (htdocs on www server), it will password protect the entire site and ask for a username/password each time someone visits so it is not recommended to protect that one. Just place it in the sub directory you want to protect.
You can replace the EnterPassword text of AuthName with whatever you like, this is what is displayed in the login box when you acces the protected area. If you wish the message to have spaces in it, enter it within quote marks, such as “Enter The Password”.
The above example shows the path to use for your www webspace. To find the path to use for your CGI server webspace do the following:
* use telnet (or similar app) to connect to your cgi server shell e.g. telnet plus.net
* Enter your cgi username & password to the login and password prompts
* At the shell prompt ($) enter pwd followed by the return key. This will show your current working directory which is the root of your cgi webspace.
* Use that information + the name of the directory/folder you want to protect as the path for the AuthUserFile line.
E.g.: /files/homeX/username/secret/.htpasswd where X could be 1, 2 or 3.
Once you have created your .htaccess and .htpasswd files and copied them to the directory/folder you want to protect you should test the folder protection via a browser. Enter the URL to the protected webspace (e.g. for www webspace if you put the files into a directory called protected, it may be something like http://www.username.plus.com/protected ). You should then be presented with a login screen where you must enter your username and password. If it works, entering a valid username/password will give you access to the folder, invalid username/password should not allow access to the folder.
If the above fails, check you have created the .htaccess and .htpasswd files correctly and that you have copied them to the correct place. If you used FTP to copy the files to your webspace (www or cgi) make sure you transfered them as text and they have gone into the correct folder. Or ftp them as htaccess.txt and htpasswd.txt and rename them to .htaccess and .htpasswd.
Enabling SSI Via .htaccess
If you cannot use SSI (Server Side Includes) with your host, you can try and enable it via the following command in the .htaccess file:
AddType text/html .shtml
AddHandler server-parsed .shtml
Options Indexes FollowSymLinks Includes
The first line tells the server which files it should parse as having SSI. The second line adds the handler that actually parses the SSI files.
SSI is already enabled on the PlusNet homepages server so you do not need to use the above code. However, to allow SSI in your .htm pages then use the following lines in your .htaccess file to avoid problems:
AddType text/html .htm
AddHandler server-parsed .htm
Deny users by IP Address
If you want to stop a specific user from accessing your site, then include the following:
order allow,deny
deny from 123.45.6.7
deny from 12.34.5.
allow from all
Replace the IP addresses with the addresses you want to block. Or, as on the second “deny from” line, you can specify a section of the IP address, which will block all hosts whose IP addresses begin with a matching address.
Note: This features does not work on PlusNet servers.
Change your default directory page
This is a command which allows you to specify a file that is to be loaded as your default page whenever a directory or url request comes in, that does not specify a particular page.
DirectoryIndex filename.html
This would cause filename.html to be the default page of your site, so www.yourdomain.com would not go to index.html, but to filename.html.
Note: This features is disabled on all PlusNet servers except the HTML server (www.username.plus.com).
Redirects
If you change a section of your site structure, why leave people with a 404 when you can just redirect them?
Redirect /olddirectory/oldfile.html http://yoursite.com/newdirectory/newfile.html
If the user tries to access the old file, they will be redirected to the new file.
Prevent viewing of .htaccess file
To stop people from viewing the .htacess file in your site, include this line in the file:
order allow,deny
deny from all
Adding MIME Types
If the server is not setup correctly to serve certain file types, then you can change that with this line:
AddType application/x-shockwave-flash swf
Preventing hot linking of images
To stop people from using your images on their site while the image is still on your site (stealing valuable bandwidth), add the following to the .htaccess file:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ – [F]
Replace mydomain.com with your domain name and the gif|jpg with any other file extension, such as gif|jpg|swf
Preventing Directory Listing
Sometimes, if you have a directory containing files, but not an index file, then the server will display the entire contents of that directory. To prevent this from happening, include this:
IndexIgnore *
The * is known as a wildcard and means all files. You could just block the gif and jpg files for example:
IndexIgnore *.gif *.jpg
That basically sums up the major functions you can use with .htaccess! I hope you have fun with it!
Recent Comments