Preventing Attacks

You don't need a new website. You need to make your current website more effective! How can you do that? There is no single answer -- websites are part of a larger system, and you need to consider many different aspects to make your site effective. We've been making websites since the start of the web, and know what makes them work -- as well as not work. Take what we have learned to make your site better!

Spam, Spam, and Dspam


We were in Sheridan, Wyoming, half way across the country to Jill's grandmother's house. I logged into my email to find something I hadn't seen in a long time: more spam than real messages. There were a couple dozen spams in my Inbox, and only half a dozen real messages. What happened to my spam filter?

I originally thought it was just a new type of spam not yet recognized by the filter. But then I looked closer and realized that the little signature my spam filter adds to each message was missing-these messages had not even been checked. No wonder they were getting through in such large quantities!

It's only when the tools fail that you come to recognize how valuable they are. In the 5 hours the server spam filter was out, I received more than 50 spams, and many of my customers also noticed immediately. The cause of the outage was a power flicker in the nasty weather Seattle was getting that weekend, which made that server shut down. Fortunately, we had this contingency (and many others) covered for our vacation, and were able to get everything back up and running.

Read More

Why Linux is more secure


Windows flaws keep causing trouble for most Internet users. Earlier this week I was at a meeting of a group of tech professionals in the Seattle area, all of whom work with small businesses.

Read More

Security Bulletins, computers, and cars


It's been a bad week for computer security. Basically, if you use the Internet and have a computer, it needs updating. Even Mac and Linux users are affected.

First off, Windows. For those of you trying to limp along with Windows 98, ME, or NT, I'm sorry to say we've reached the end of the line. Microsoft has announced that they do not plan to release a fix for these operating systems, for the critical vulnerability revealed earlier this week. If you use any Windows 98 or ME machines to browse the Internet, you're vulnerable, and the only thing you can do is update to a newer operating system.

Read More

Who's behind that web site? SSL, Certificates, and detecting phishers


Let's talk about phishing. Phishing is just like fishing, only your identity is the fish and the bait is an email that looks like it came from your bank, or eBay, or Paypal, or any other legitimate place. The goal is to get you to follow a link to a site owned by the phisher, and trick you into divulging some private information, such as your bank account number, pin, passwords, or social security number.

Some phishing emails look completely legitimate, using logos, links, and text from the real business. Many try to warn you about fraud being committed with your account--the truth is, the senders of the email are the ones trying to commit fraud with your account, if they can trick you into divulging it. These types of emails are almost always fake. When you follow the link in such an email, you'll usually get taken to a web site that looks exactly like the real web site. But it's not.

Read More