RVSkin Master Account (hosting) removed by accident also How do you ReInstall RVSKIN March 21, 2007
Posted by paragonhost in Linux, ParagonHost, cPanel.add a comment
| Category | cPanel WHM | |
 |
Question | RVSkin Master Account (hosting) removed by accident also How do you ReInstall RVSKIN |
|
Answer | If you delete the master account (Hosting account that ends with a .zz) you will need to run the following commands as root:
rm -f /usr/local/cpanel/Cpanel/rvversion This will ReInstall RVSkin and rebuild the master hosting account. You will need a “active” support account at RVSkin in order to install using the above commands. May need to update your support subscription. |
|
Supporting File | |
|
Keywords | rvskin cpanel whm reinstall master hosting account command line script perl script install rvadmin rvskin reinstallation |
Attach any filetype with GMail: Google Mail Hack March 13, 2007
Posted by paragonhost in Collaboration, Internet, Security Focus, Technology News.1 comment so far
Cheat the GMail Antivirus Scanner: Attach any filetype with GMail
When you send and receive attachments with GMail, they’re auto scanned for viruses. If Gmail thinks your mail has viruses, it will attempt to clean the file or remove it. But if it detects a virus and can’t remove it, then you won’t be able to download it.
Thanks to the new GMail Anti Virus Scanner, you cannot send or receive emails with exe, dll, ocx, com or bat attachments even if they are sent in a zipped (.zip, .tar, .tgz, .taz, .z, .gz) format (The .rar format is still allowed)
GMail has some the best spam filtering and phishing detection capabilities but the GMail virus scanning is a bit disappointing. When I tried to email a Firefox 1.5 installer to a colleague, GMail uploaded the entire file (Firefox Setup 1.5.exe 4.98 MB) and then threw this alert:
This is an executable file. For security reasons, Gmail does not allow you to send this type of file.
This is such a poor solution. GMail Virus Scanner didn’t scan the attachment, it just blocked it since it was an exe file. Why is Google calling it an AntiVirus scanner when it is merely blocking attachments of certain types like .exe? Yahoo! webmail too have an anti-virus but they accept .exe files since the yahoo anti-virus would scan even exe files and clean them if found infected.
Secondly, why did GMail upload the entire exe file to its server for scanning but didn’t scan since it was an exe.? The GMail file uploader should be smart enough to disallow users from uploading files with extensions like exe, com, ocx, etc.
Google has no plans to make the “limited” antivirus feature optional, nor does it plan to stop blocking executables. Yahoo! Mail uses Symantec software to scan for viruses. Hotmail licenses its technology from Trend Micro. Google isn’t saying which vendor is providing the antivirus technology.
Since you cannot Turn Off GMail Anti Virus Scanning, you can use these GMail hacks to send program file (exe), virus samples and other blocked formats with GMail:
Technique 1. Use a free file hosing online service like Rapidshare, Megaupload or Yousendit to upload your file and send the link of the uploaded file in your GMail message.
2. Rename the file: Change the file extension to fool the GMail scanner. The new attachment could contain instructions making it easier for the recepient to derive the actuall attachment type. For instance,
Rename Adobe-Reader.exe to Adobe-Reader.exe.removeme
3. If you have lot of exe files to send, put them in a zip file and change the extension of the zip file as mentioned in the previous step. Remember that GMail denies zip attachments that contain exe files. Pass-Protection won’t work either since GMail can examine exe filenames even in password protected zipped files as the archived filename listings are not encrypted by the Zip program.
4. Use a different compression software like WinRAR which compresses files in .rar format. GMail is currently not scanning or blocking .rar filetypes. But there is a high probability that GMail might support rar formats in future. In that case, you can consider splitting the rar files and attaching them separately (like .r1, .r2..)
Important: I would recommend only the first technique since all others violate Google policies and Google could even terminate your GMail account.
Sending Virus infected files with GMail: Yes, it is against the GMail TOS to send viruses in email but ocassionally, we need to mail an infected file for reporting purposes to an antivirus vendor. Like the Symantec Security Response center encourages users to submit virus samples for analysis. You can use any of the above techniques to bypass the virus scanner and attach infected files in your emails.
Now that limited virus scanning is in, we can expect GMail to move quickly out of the beta once the GCal (Google Calendar) application is available. The Google Calendar domain is already live.
Remote MySQL Connection to a cPanel server:: How To March 10, 2007
Posted by paragonhost in Linux, ParagonHost.2 comments
Remote MySQL Connection :: How To
Can I remotely connect to mysql? YES!Follow these simple instructions to remotely connect to mysql.
Before you can connect to MySQL, You must enable your computer as an access host. It may sound confusing, but CPanel makes this ver simpe. First, login to cpanel using yourdomain.com/cpanel. Then, on the main menu of CPanel, click [MySQL]. Now, scroll down to about mid way through the page until you see “Access Hosts:”. Under that, you will see a list of all the IPs that are permitted to connect to your mysql databases. As default, only “localhost” will be listed. Directly under that, you will see “Host (% wildcard is allowed):” with a text field next to it. In that text field you can enter your computers IP address. After you enter your IP address, click [Add Host] and your done. Your computer can now remotely connect to your mysql database(s).
How can I find out my computers IP address?
- Simple, just go to http://www.ViewIP.info Wait a minute, my IP constantly changes!
Okay, you have a dynamic IP address. Therefore, everytime you go online, or every once in awhile, your IP changes. You have a few options here. The most secure, would be to update your IP in “Allowed Hosts” in CPanel (under MySQL) everytime your IP changes. However, you do have other options available. However, you could simply enter “%” (a percentage sign) in the “access hosts” text filed in CPanel (under mysql). This would allow any IP to remotely connect via mysql. Another option: Lets say the first three parts of your IP never change. Then, you could enter 93.138.%.% , where the first two parts are your actual IP address numbers.
After your IP is added to the Access Hosts list:
First, you will have to create a mysql database and assign a user to it. Please see documentation on how to do this, as this article will assume you already have a database setup. Your username and password will be the username and password of the user assigned to the database.
Database name = cpanelusername_databasename
Database username = cpanelusername_databaseusername
MySQL Connection Port = 3306
* The database name and username is clearly displayed in CPanel, in the MySQL area.
Aggregation: ParagonHost, LLC http://www.paragonhost.com“World Class Internet Services”
MORE FREQUENT AND MORE DAMAGING ATTACKS ON DNS March 4, 2007
Posted by paragonhost in Hosting News, Security Focus.add a comment
For Immediate Release
Press Contact:
Michael Azzano
Cosmo PR
415/596-1978
michael@cosmo-pr.com
DNS EXPERT CALLS FOR PREPAREDNESS IN FACE OF POTENTIALLY
MORE FREQUENT AND MORE DAMAGING ATTACKS ON DNS
DNSstuff.com unveils one of the first public root server time maps to track performance
and minimize business risk; Recent survey data reveals that 70% of all DNS servers have
one or more improperly configured settings
Newburyport, MA – February 8, 2007 – DNSstuff.com, a global leader in DNS issues
and tools with one of the largest communities of IT professionals on the Web, today
issued a warning and called for greater preparedness as a result of the recent attack
targeting root servers. This attack is the latest in a series of distributed denial-of-service
attacks targeting DNS servers that began late last year. DNSstuff.com today also
introduced a new root server time map tool designed to help IT professionals track the
performance of and possible attacks on these servers.
“It is likely that this latest apparent probing effort was testing the resiliency of DNS,”
explained Paul D. Parisi, CTO of DNSstuff.com. “This could be a harbinger of more
targeted attacks against .com parent servers or even individual enterprise servers, neither
of which may have the resiliency or redundancy of the systems attacked earlier this week.
Either of these scenarios could have catastrophic consequences for the Internet-at-large or
specific organizations.”
New Tool to Spot Attacks
The new DNSstuff.com root server time map allows IT professionals to monitor the state
of root and .com servers supporting DNS. Now anyone can check real-time performance
of these servers to spot long latency times or unusual behavior in response times. The
root server time map can be found at http://www.dnsstuff.com/info/roottimes.htm.
Even without an increase in targeted or malicious attacks on DNS servers, many of those
same servers remain vulnerable or are performing poorly because of simple human error.
There are over 85 million domains on the Web, and a survey by DNSstuff.com of its
users revealed that there are significant, fixable configuration issues with DNS settings
for nearly 70% of those active domains. These incorrect settings can lead to site outages
or improperly routed email, and a targeted attack exploiting these settings could lead to
even more widespread network and Internet outages.
Simple Prevention Settings
“We are a robust web application and the Web’s acknowledged leader in helping IT
professionals better manage their networks and DNS through expert advice, best practices
and relevant resources,” continued Parisi. “Unfortunately, many people are relying on
improperly configured DNS and are unintentionally leaving themselves, and therefore the
web, vulnerable to attack. ”
There are some simple steps that can be taken to improve DNS security at an enterprise
level. These include maintaining a minimum of two physically and geographically
separate servers to help thwart a denial-of-service attack, and proper configuration of
your Primary and Secondary name servers to utilize the natural resiliency of DNS. More
tips and information for DNS configuration can be found at DNSstuff.com or by signing
up for the company’s monthly IQ Mail by emailing DNSIQ@dnsstuff.com.
About DNSstuff.com
DNSstuff.com is the Web’s premiere destination for DNS professionals, offering free
online tools to monitor and maintain one of the most vital, yet vulnerable, lynchpins in
the infrastructure supporting the Web – the Domain Name System. DNSstuff.com is a
web application providing expertise and all the tools necessary to ensure that your DNS
operates smoothly, efficiently and safely. It is one of the largest and most trusted
communities of IT professionals on the Web, and can be found at www.dnsstuff.com.
###
