Security | Internet Marketing Questions

Jul 18

Do you back up your data?

General, on your PC, security No Comments »

A couple of weeks ago I had a phone call from a friend of mine saying his computer had crashed and he was unable to access any of his files.

I popped round to see him, checked out his computer and found there had been a hard disk failure.

My next question was do you have a backup of your data, the answer was NO!

I had told him before how important is was to have backup copies of his files so that in the event of this type of situation he could easily get up and running again, but like so many people he thought it would never happen to him, BUT IT DID!

I took away his computer and after a weeks work using some extremely expensive specialist software I managed to recover most of his files, if he hadn’t been a friend this would have cost him a lot of money.

A computer hard disk is a mechanical device and WILL, like any mechanical device, eventually fail, most will outlast the life of the computer but not always.

Most people in the network marketing industry are convince it will never happen to them but occasionally it does, if there are backups of the files stored on your computer, all you need to do is buy a new hard disk, load all of the programs onto it, then restore your personal files from backup and you are back up and running in a few hours.

If you don’t have a backup it is quite possible that you may lose your files altogether. Your programs are easily reloaded but your files are exclusive to you.

It is not difficult to backup all your files either to a data stick, external hard disk or to an online storage facility, one online storage facility that I use is DropBox, ( I dont receive any payment if you sign up through my link) this offers you the opportunity to connect several computers to your account and when you update files on one it automatically updates the same file on all of the others while still giving you 2Gb of space for free, if you need more you have to pay for it.

Share and Enjoy:

Nov 17

How Secure are your online payments?

Marketing, on the internet, security No Comments »

We all buy things over the internet occasionally, whether it is the odd item now and again, or a regular payment for your business.

Giving your details over the internet is always a bit of a worry, will my details be stolen and cloned onto another card to steal my money.

There are 2 things you need to look for before you put your details into a web page:

The address at the top of the page needs to be “https:” not “http:” and
In the border in the bottom right hand corner of the page there is an icon showing an image of a locked padlock.

If either of those 2 are missing or the padlock icon is unlocked, then refuse to enter your details.

Quite frequently you will also see a badge on the web page itself relating to the company that they have their secure service from, there are several companies that provide secure services. Such as: Thawte, Verisign and Geo Trust. These and several others give you the guarantee that your payments are securely encrypted and the details cannot be stolen easily.

There have been articles in the news recently saying that where otherwise reliable companies have moved their call centres to third world countries to save money. They have had employees taking details that customers have given them and selling them to make extra money. Unfortunately this does happen, but the companies concerned and the local governments in these countries are clamping down extremely hard on these practices. So they are quite rare.

These practices are not only carried out over the internet, when a worker in a restaurant or shop takes your card away to be processed, they can easily run them through a scanner that takes the details off them. Or they put false fronts onto ATM machines that record transactions and then use that information to clone cards. As long as you follow the guidelines in this article you will be as safe as you can be giving your details over the internet.

Share and Enjoy:

Nov 14

Warning! your ftp client could harm your website!

Marketing, on the internet, security 6 Comments »

A few months ago I tried to log into my blog and there was an error message on the screen saying that there was an error in my blog files so I was unable to log on.

I opened my cpanel and found that a list of ‘iframe’ commands had been added to the end of my index file overwriting part of what should be there, I cleared those and tried to log in again, I then found similar commands in default-filters and default-widgets.
I cleaned these and logged in successfully, I then did what I was planning to do in the first place.

I then tried to log into another blog on the same site, exactly the same problems occured. I cleaned those and carried on.

The following day I tried to log in again, the problem was back again. I contacted my host support, they said mine was the only site affected on that server.
They suggested clearing the site, changing the passwords, scanning all files and rebuilding it, making sure I used all the latest updates for plugins etc.

I did this and all was fine for a few weeks, then the problem happened again, hitting all my different sites hosted on the server, I cleaned them all several times, but it kept coming back.
I changed all the passwords again, but that made no difference, after a few hours it was back.

I was certain it had to be something infecting through the hosting account as it was hitting all the sites at once, even though the blogs all had different admin passwords.

I was not saving my passwords when I logged into these sites and it was only affecting my hosting account, then I thought the only place set to log in automatically was my ftp client, this was Filezilla, one of the most popular ftp clients on the market, because it is freeware and easy to use.

Following investigations I found that Filezilla creates an xml file on the system that is written in plain language, including the password.

I then created a dummy record, “dennis.com” with the username “dennis” and the password “brooks”, here is the resulting site manager window

site manager

This is a section of the xml file created on my computer relating to the dummy account I had just created.

xml file

If you read through the text in the xml file you can clearly see the host name, user name and password. If you inadvertantly download a scanning robot onto your computer they can then see your Cpanel password on your hosting account and infect your site.

You are probably thinking that you will start using the quick connect where you put in the details on the front screen of Filezilla, that wont help you, the information you put in there is stored in another xml file on your computer.

The only way I have found to do it with Filezilla is in the site manager, change the “Logon Type” from ‘Normal’ to ‘Ask for password’ by using the drop down arrow on the side, then the logon type in the xml file changes from1 to 2 and the password is not shown.
OK so you have to put the password in every time you want to use the program, but surely that is better than having your site hacked and possibly months of work ruined

Since doing that I have not been hacked again.
You may think that I am not security minded to allow something to invade my computer to do that, but I have an active personal firewall and up to date anti-virus on my computer, and it still got in.

In some respects I was lucky, if they had not just wanted to add these commands to every index file on my host, but had taken it one stage further they could easily have gone into my Cpanel account, changed all of my administrator credentilas and used my site for all sorts of destructive purposes, and I would not have been able to do anything about it, other than getting my host to totally wipe my site and have to start all over again.

I have not checked any other ftp clients to see if they use similar methods, so beware, they may cause similar issues.

BE WARNED, YOUR FTP CLIENT COULD BE A SECURITY RISK ON YOUR COMPUTER.

Share and Enjoy: