Tag Archives: place

Web Hosting Review – Hostmonster

Great Hosting at a Small Price

This is my favorite host. I have tried a few of them and it is the best solution for a start up or for a small business. You have a great support that helps with your website, and if it’s your code points you to the right place to fix it. They have free backup, if your website has a reasonable amount of files and data. And the load is fine, they have a way to throttle the CPU down for accounts that eat up too much processor.

Web Hosting Review

Hostmonster
Price: $5.95
Plan Reviewed: Standard
Free Domain: with hosting: Yes
Number of hosted Domains: Unlimited
Disk Space: Unlimited
Bandwidth: Unlimited
Money Back: Anytime
Software: – Simple Scripts
Backup: – Yes
Scripting: PHP, Perl, Ruby
Database: MySql, Postgressql
Log Analizer: Awstats, Webalizer
Control Panel: cPanel
Support: 24-7
Up-time: 99.90%
HostMonster rating [five-star-rating]
Affiliate Disclosure

Email address Spoofing ā€“ Someone is Using My address to Send Spam

Someone is Using Your Address to Send SPAM

You just got a bounce-back email saying that your email didn’t reach the destination because the recipient doesn’t exist. Nothing unusual, this is something that happens to anybody who is using email regularly; except you didn’t send that email. How could this happen? If you are an email server administrator and many of your users get this kind of bounce-back they all start to complain at once, thinking that your server has been hijacked. What can you do to stop this, and how to reassure your users that you haven’t been hijacked?

Sender Address Forgery known as email address spoofing is not a new technique. It is used for many things from spamming organizations to sending viruses and supporting scamming schemes where the sender fakes his identity.

Effective ways to stop Spammers to Use Your Domain Name

Publish SPF Data
SPF (Sender Policy Framework) is a method that allows you to publish which mail servers are authorized to send email for your domain. SPF uses a DNS record that tells email servers which servers are the servers that are trusted sources of email for the specific domain and how much to trust other sources of email originating from that domain. Destination servers might have the SPF checking implemented or not. Many of the today’s servers are SPF checking enabled.
Destination servers check this record and act in consequence. Anti-spam software on servers receiving emails, score an email based on SPF record and other criteria and accept or reject the email based on the total score. For instance if the SPF record tells that any emails originating from non authorized servers should not be trusted the email gets the necessary points to be treated as SPAM and it gets rejected. If the SPF record treats the non authorized servers neutral the message could pass or could be rejected if other it contains other SPAM characteristics.
Do not publish any email addresses on Web pages. This is the most common place for spammers to get valid email addresses and use them to forge email messages

If your company runs its own mail server configure it to ignore email sent to non-existent addresses in your domain. If your server sends a non-delivery report you reveal to a spammer valid addresses in your domain (the ones that don’t send NDRs). This attracts spam to those addresses. You waste bandwidth. The most common reason to send NDR’s for non-existent addresses is to let people know that they misspelled the address. Miss-addressed email can get lost easier.

If your domain gets blacklisted because of spoofing you have to contact the list which blacklisted you and show the Administrator what you did to correct the problem. This is very unlikely since the sender usually spoofs only the email sender and not the server’s address. A blacklist Admin should be able to figure out this.

Browser Auto-config and Wpad deployment

Using a Proxy Server in your Company’s Network is one of the best decisions you have made.
But this decision can bring you some administration overhead if you don’t have an automatic way to provision the browser settings.
Fortunately, for Microsoft Operating Systems there is a way to accomplish this.
The procedure involves a configuration file that tells browsers how to connect to Internet.
This file is published via the existing Infrastructure using DNS, DHCP and a WEB Server.

Create the configuration file

Create the wpad.dat file inserting the following text:
function FindProxyForURL(url, host) {
return "PROXY 192.168.100.10:3128; DIRECT";
}

IIS

Create a new website and link it to a folder of your choice, (for instance c:\wpad). Place the wpad.dat file inside the folder.
Create a mime type for the .dat  file type with the mime type  “application/x-ns-proxy-autoconfig”.
Restart IIS. If you already have an IIS just place the file in the root directory.

Apache:

Create the wpad.dat file on the www directory depending on your distribution (on a Debian is /var/www/).
For instance:
#nano /var/www/wpad.dat
would open the nano editor. If nano is not install use vi or mcedit or any other text editor.
Edit httpd.conf:
#nano /etc/apache/httpd.conf
and insert the following line:  
AddType application/x-ns-proxy-autoconfig .dat

Make sure apache daemon is starting at boot time, (update-rc.d  apache2 defaults)
Restart apache #/etc/init.d/apache2 restart.

DHCP – Configuration for Proxy Auto discovery

(on a Microsoft DHCP server)

  1. Click Start, point to All Programs, point to Administrative Tools, and then click DHCP.
  2. In the console tree, right-click the applicable DHCP server, click Set Predefined Options, and then click Add.
  3. In Name, type WPAD.
  4. In Code, type 252.
  5. In Data type, select String, and then click OK.
  6. In String, type http://internalserver/wpad.dat where:
    • internalserver is the domain name of the Server that hosts the wpad.dat file. (Alternatively you can use fully qualified domain name, (eg. http://internalserver.domain.local:3129/wpad.dat)
    • Port is the port number on which automatic discovery information is published. You can specify any port number. I put 3129.
  7. Right-click Server options, and then click Configure options.
  8. Confirm that Option 252 is selected.

If you configure this on a Unix DHCP server you might need to add an extra blank character at the end of the DNS Configuration
Create an alias (CNAME) with the name wpad pointing at the webserver that hosts your wpad.dat file. For instance the alias is wpad and the fully qualified domain name is internalserver.domain.local

Troubleshooting

WPAD alias DNS entry not responding
After creating your alias when you ping wpad you get host not found this could be related to a security improvement on Microsoft’s DNS servers.
To fix this you need to edit the following registry value: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters\GlobalQueryBlockList
Edit this on all of your Microsoft DNS servers and remove wpad from the list of values. See the image below:

Registry Fix for Implementation of WPAD

Note that this configuration requires you or your user to configure your browser to “Automatically Detect Settings”.
For Internet Explorer this can be automatically configured for all the users in an Active Directory domain via a Group Policy.
The same policy will be used by Google Chrome, which uses the Windows Internet Connection configuration.
Other browsers such as Opera, and Mozilla will have to be manually configured. Alternatively, for an automatic configuration they can be tweaked via registry hacks or configured via third party software.
The disadvantage with manual configuration is of course the cost of deployment and the fact that this can be changed by the user. If you want to enforce the use of the proxy you have to restrict the gateway access and allow only the proxy machine to access it. Another way would be to configure your proxy to be your router and set up a transparent proxy.