The post Server Upgrade appeared first on CAS Netlink - Ballarat Web Hosting.

The post Hosting Price Increase appeared first on CAS Netlink - Ballarat Web Hosting.

Most hosting providers who use the WHM/CPanel platform (as we do), provide their customers with a legitimate SSL certificate free of charge by way of the AutoSSL certificate service that has been integrated with WHM for some time now. Here is the scam email our customer received:

From: SSL Security <noreply@esslcerts.com>

Subject: [Expiration Notice] ############.com.au
Certificate Purpose: Blah Blah
Message Body: This message is to alert you that the Free 1-Year subscription of the SSL certificate (HTTPS) on your website is no longer valid. This means that hackers can now snoop in on your website easily. Online viruses, bad actors or competitors can steal your sensitive personal information as well as your customers’ registration data for malicious purposes.

Further, an invalid or expired SSL also infringes GDPR (General Data Protection Regulation; effective May 25, 2018). Article 32 of GDPR requires that regulated information must be protected with appropriate technical and organizational measures, including encryption of personal data and the ability to ensure the ongoing confidentiality of systems and services.

As a result of this, Google has also started to mark all connections to your website as “insecure”. You can check this by looking at the security status (to the left of the web address) of your website in any web browser. You will see that there is no Green PADLOCK visible next to your web address.

To fix this problem, you are required to re-deploy an SSL certificate on your website now:

This will encrypt data and secure all connections on your website. The digital certificate will be emailed to you within minutes after verification.

WARNING: Your website may stop functioning securely within 72 hours if it is reported as a malicious website, as a result of hosting insecure content. For more information see part 7.2P of our service agreement. We can not be held liable for any financial or technical losses resulting from this.

The email is quite well written and I’m sure many people have been caught by this scam.

The post ESSLCerts Scam appeared first on CAS Netlink - Ballarat Web Hosting.

From: William | DNS Australia
Subject: Your domain name has been claimed

Dear Sir/Madam,

We have received a request for the registration of the website www.cbl.info Our system shows that you are the owner of www.cbl.com.au. This can have far-reaching consequences for you in the future. We are therefore under the statutory obligation to contact you, in order to offer you the first right of registration. This means that we will reject the application of the third party and the website:

     www.cbl.info

After agreement we will link this website to:

     www.cbl.com.au

This means that you will have the first option on the domain name, in order to avoid possible future problems.

We are usually under the obligation to register the domain name and to protect it for a period of 10 years. The annual price for the .INFO extension is AU$29.75 per year. This means a one-off payment of AU$297.50. When the link has been completed, all the Internet traffic that goes to the .INFO extension, will be automatically linked to your current extension and website. This process will take a maximum of 24 hours. This domain name will then have a worldwide reach. The third party will be rejected and can no longer use your domain name.

Important information:

–       You will receive a one-off invoice of AU$297.50, exclusive of GST, for a term of 10 years.

–       This contract can be cancelled at all times after the first term of one year. The paid amount for the remaining number of years will be refunded to your account.

If you agree to our offer, please send an agreement by email within 48 hours after receipt of this email, stating your name, address and ABN number in a reply to this e-mail address.

The third party will subsequently be rejected by us, and we will then complete the link. You will receive a confirmation and all the information you need by email on the same day.

With kind regards,

William Miller

They provide a bogus address in Canberra – 15 Moore Street – which is the address of an ANZ bank branch. So if you receive one of these it is safe to ignore it.

william@dnsaustralia.org  

The post DNS Australia Scam appeared first on CAS Netlink - Ballarat Web Hosting.

A popular scam in recent times is where the scammer sends you an email saying that your domain registration will expire soon. At least that’s what they hope you will believe. Your domain name and the payment links are very prominent. The language used is carefully crafted. For example, if you quickly scan over this sentence you may miss the real point:

This important expiration notification proposal notifies you about the expiration notice of your domain registration for yourdomain.com search engine optimization submission.

Many people see the part that says ‘This important expiration notification proposal notifies you about the expiration notice of your domain registration for yourdomain.com‘ and click the ‘SECURE ONLINE PAYMENT‘ link before realising that it’s just another scam. After all, it DID come from ‘Domain Registration Service SEO Company’.  The important info (including the fact that they say you can opt out by written request but don’t actually provide street addresses) is in the wording – search engine optimization’ and the small print in the footer.

Here’s another one that has been doing the rounds recently.

How To Avoid Domain Scams

It’s always best to err on the safe side, so if you do receive a renewal notice and you are unsure of whether it is genuine or not, you can usually forward it to one of the following people and simply ask them whether it is real or a scam:

• Your IT department – if you are working for a medium-large company then they should be taking care of this anyway!
• Your web designer – quite often the person who designed your website also registered your domain.
• Your web host – if you know the company that hosts your website then forward the email or give them a call. If they don’t know they will still be able to very quickly spot the scam.
• Your ISP – if you have bought a ‘bundle’ that included your domain.

If you don’t have anyone you can contact then turn to Google and search for the company it came from or some text on the notice and add the word ‘scam’ on the end. Something like this:

Domain registration company seo service scam

final reminder: domain cancellation notice scam

The post Domain Expiry Scams appeared first on CAS Netlink - Ballarat Web Hosting.

1. Large corporation that does all sorts of things for all sorts of businesses (ADSL, NBN, telephone, web hosting etc) and is mostly interested in more ‘customers = more $$$’

2. Smaller specialist web host (possibly local) which is also interested in $$$ but is also interested in knowing, and providing the best service for, each and every customer.

That might seem a bit general and perhaps even slightly harsh, but it’s the reality of the online world we live in. Huge corporations all over the world can pitch to people anywhere and, due to the sheer volume, offer prices that are sometimes ridiculously cheap. As it turns out, support is also often ridiculously poor but it’s the price many businesses pay for a cheaper service.

At CAS Netlink we’re interested in knowing who our clients are and what they do, so we know how we can best serve them. That’s one of the reasons we don’t have a ‘self serve give us your credit card number and we’ll give you a hosting account’ type of system. Besides the fact that most business owners aren’t hosting gurus who know exactly what they want/need, we also have fond memories of the ‘good old days’ when you could do things like pull into a petrol station and have someone look after you rather than doing it yourself. Or call a telephone number and speak to someone who knew who you were.

We used to all be people with names, rather than customer or account numbers. Customer support people were interested in helping rather than being more concerned about whether they hit their daily call quota.

Some would argue that providing better customer service and going the extra mile puts a hole in your profits, but we believe that good customer service creates loyalty – which is probably why many of our web hosting clients have been with us for over 10 years!

The post What Sort Of Web Hosting Provider Do You Want? appeared first on CAS Netlink - Ballarat Web Hosting.

There are also some very reliable spam filtering services which, whilst none could say they are perfect, do for the most part keep the viagra, big boobs and make-a-million-bucks-tomorrow out of your inbox. Services such as Barracuda, Senderscore, Senderbase, Spamcop, Spamhaus and Spamassassin (all of which I have used for some years)  provide a valuable service and tools to help the responsible mail admin ensure that they are seen as good netizens.

Then there’s Proofpoint.

Proofpoint is the company that Apple uses to provide spam filtering services (via IP blocking) for their me.com and other free email services they provide. Over the past couple of years I’ve had to request de-listing of false positives several times. The IPs in question were/are managed by me and all had the following characteristics.

• These were business IPs used for communication with customers
• List subscriptions were all via direct customer approval or double opt-in
• I’m on the FBL’s for all of the largest telcos and email providers and react quickly to spam complaints (Apple don’t have a FBL btw).
• The IPs in question all had scores between 95-100 at senderscore.org
• The IPs in question were all ranked ‘Good’ at senderbase.org
• None of the IPs in question had been on any other RBL/blacklist (not even false positives) over the previous 2 years

In short, the emails sent and subsequently flagged by Proofpoint were all legitimate emails with the required consent from the receivers.

If your IP is listed, you will need to visit the Proofpoint IP lookup page. Don’t be surprised if your IP is listed – Proofpoint don’t automatically remove IPs and in one case I found that an IP was listed due to 1 spam email being ‘seen’ by Proofpoint in 2012. That was before my customer had even been assigned that particular IP. You can see similar cases if you scroll through the posts on Proofpoint’s Facebook page.

Out of 4 or 5 submissions I had just one reply from Proofpoint. It seems that generally they won’t email the person who submits the false positive report (though ’email address’ is a mandatory field on their submission form). I’ve also found that the best way to ensure a fairly quick response (i.e. within a day or two) is to follow up the false positive submission with a post to their Facebook page and/or a direct message to them from their Facebook page.

So, back to the original topic of this post. It seems just a little mind boggling to me that an organisation as big as Apple would continue to use, what seems to be, a somewhat overly aggressive spam prevention service. All spam prevention services get false positives from time to time but Proofpoint seem to do it more regularly than similar service providers. This leads to legitimate emails being blocked.

All of the above raises the question (at least in my mind)… is Proofpoint bad? Well, probably not, but just not as good as some of their competitors. Partly because of the false positives and partly because they don’t communicate very well.

The most important take aways from this are:

1. DON’T ever trust your business (or other important) emails to a free email service such as me.com (or Hotmail, Livemail, GMail etc).

2. DO have someone (or at the very least, a service such as MXToolbox.com) monitoring your mail server IP.

3. You get what you pay for…

The post Proofpoint – Why Apple and Me.com email Are Not Viable For Business appeared first on CAS Netlink - Ballarat Web Hosting.

It looks like the real deal. And when you click on the link…

…it again looks genuine (click on the images to enlarge them). Check out the address in the address bar though – the domain is tpwitter.com. If you didn’t look or only gave it a cursory glance it would be easy to give away your Twitter login details.

According to the WHOIS info the domain tpwitter.com is registered to someone in China – though that is most likely false info:

Domain Name………. tpwitter.com

Creation Date…….. 2013-03-21 09:39:01
Registration Date…. 2013-03-21 09:39:01
Expiry Date………. 2014-03-21 09:39:01
Organisation Name…. zheng shi
Organisation Address. Shang hai City
Organisation Address.
Organisation Address. Shang Hai
Organisation Address. 200000
Organisation Address. SH
Organisation Address. CN

Admin Name……….. zheng shi
Admin Address…….. Shang hai City
Admin Address……..
Admin Address…….. Shang Hai
Admin Address…….. 200000
Admin Address…….. SH
Admin Address…….. CN
Admin Email………. zhengshi112@hotmail.com
Admin Phone………. +86.2164667486
Admin Fax………… +86.2164667486

Tech Name………… tao li
Tech Address……… Zhengzhou
Tech Address………
Tech Address……… Zhengzhou
Tech Address……… 450008
Tech Address……… HA
Tech Address……… CN
Tech Email……….. ym@enkj.com
Tech Phone……….. +86.37160135955
Tech Fax…………. +86.37160123888

Always be very careful when you are asked to log in anywhere – some of the crooks out there spend a lot of time carefully crafting websites to trick you into giving up your login details.

The post Clever Twitter Phish – Don’t Get Caught! appeared first on CAS Netlink - Ballarat Web Hosting.

The How Fast Is The NBN website is an accurate simulation of the difference in speed between 25Mbps and 1000Mbps. It’s worth mentioning though that it is a ‘perfect world’ simulation which assumes unlimited bandwidth in the general network infrastructure. Right now we simply don’t have the national infrastructure to support such high speed connections.

That raises the question of why we would spend all this money on something we can’t fully utilise.

The reality is that technology has been a fast moving beast for the past 30 years or so and it doesn’t show any signs of slowing down. So to create a national broadband network that for the most part only leverages the technology that is already available today is, at the very least, incredibly short sighted.

The suggestion that ’25 megs is going to be more than enough for the average household’ is right up there with Bill Gates suggestion in the 80’s that ‘630k RAM ought to be enough for anyone’. Obviously Bill didn’t foresee that in 30 years time the average computer would need 6,350 times that amount of RAM (4GB)!

As I mentioned yesterday, the two most basic issues I see with fibre to the node are that some nodes will have 20 houses attached and some may have 200 houses attached. Unless there is some sort of dynamic bandwidth wizardry, people in larger neighbourhoods may find that their speed is considerably lower than 25Mbps during peak times. Then there’s the copper wire. The further you get from the node, the slower it is going to be. Copper is also susceptible to degradation, moisture and line noise. Back in the dialup days we often had things like electric fences causing issues because they put a ‘tick’ sound through the wire.

The other problem of course is that, if we go with FTTN now, then in ten or twenty years time we’re going to be complaining about how crappy our broadband speeds are and the government of the day is going to have to replace all of the old copper lines anyway.

As an ISP business, we made the decision back in the early 00’s to ditch the 50 or so copper lines we had and replace them with a single fibre cable. We had some lines that would have issues from time to time due to things like moisture, so fibre made a lot of sense as it completely removed that variable. It also guaranteed our clients the top dialup speed if their own line was good – something we simply couldn’t do on copper. During those dialup years we had quite a few customers who had issues with their own copper lines for the same reasons – degradation and moisture.

You can read more about why fibre to the node (FTTN) is a bad thing HERE.

The post How Fast Is The NBN? appeared first on CAS Netlink - Ballarat Web Hosting.

This latest one is quite well formatted – has good english and the Telstra logo. The link leads to a page on ‘cephtex.com’ though so don’t get tricked into giving your information away!

The post Phishing In The Big Pond appeared first on CAS Netlink - Ballarat Web Hosting.