Despite the fact that the Internet is home to some really bad people, bloggers and website owners worldwide have shown once again that blogging is all about being inspired by other people’s success. Unless you live on the moon, you would have heard about David Airey’s demise about his .com blog being “cracked” by a devious individual supposedly from Iran.
It happened in the week before Christmas and has resulted in a tremendous wave of support from bloggers all around the world. David has now finally gotten his domain back and his story is one of despair, frustration, resolve and happiness. Hearing about David really made me think in terms of how safe our domains really are?
Since I’m not technically savvy (except for self taught stuff) it would be hard to know whether I’m currently exposed to hackers and crackers or whether there is nothing to worry about. David’s demise was initiated by a security issue in GMail, but how do we know whether we don’t have the same issues with other things instead?
The thought is scary and therefore I went and dug up some information from the net to help me understand on what can be done to help protect our domains and our computers.
Email:
Clients such as GMail, Microsoft Outlook, Outlook Express and other email programs do contain security loopholes that can be accessed by hackers or crackers through a backdoor. They can infest our computers and access private data without our knowledge and often this kind of infection can be happening under our nose and through our contact email folder too.
To prevent this we need to make sure we run security updates and also have an updated firewall and virus protection at all times. Norton, CA, Zone Alarm are amongst some of the more widely used protection suites.
In the worst case scenario hackers will steal our private data and damage our computer beyond usability. That is why it is so important to backup our files every day/week or month.
FTP:
We use FTP to upload files to the servers and this can easily be exposed just like email programs. Hackers will send a Trojan style backdoor program that accesses your computer and send private data through the Internet without your consent.
An option to stop this from happening is to never open any attachments from emails we don’t know, expect or find rather strange. Also, you could un-tick your firewalls FTP access and only allow when you are in the process of uploading files.
WordPress:
This is a biggie since most of us are on running WordPress these days and all though the bloggers who run the free WordPress blogs can’t really help themselves except use a rather complicated password and update it often, those with self hosted WordPress blogs can.
I found an excellent white paper that will give you certain peace of mind and lets you configure your WordPress security to protect against unjustly intrusion.
Conclusion:
I think it is suffice to say that we can do simple things to protect ourselves against hackers and crackers. One would be to use different and complicated passwords and chance them frequently.
The other would be to use common sense when using online applications. Plugins, Widgets, Share Ware and Software in general have the potential to do us harm and often we use them on recommendation and trust bases from other bloggers.
If you rather want to exert caution, then it might help to test them on an offline server first. Xamplite is a good way to test all your WordPress related themes, Plugins and more offline.
The threat of being hacked certainly exists for all of us, but with a little information and tweaking we can help ourselves. Another great way to stay in touch with what hackers and crackers are up to is to search for online forums and websites where these people congregate.
Monika
Technorati Tags: domain safety,protect your domain,protect my computer,how to protect
If you're new here, you may want to subscribe to my RSS Feed. Thanks for visiting! And please feel free to comment. Top commenter's will go into my weekly Link Love Pot
Thanks for such a great post Monika! I’m not good at this type of thing either, so this was a big help. It would be absolutely devastating if anything ever happened. Thank you.
Tay: hey, it was a pleasure. I actually like researching stuff I know nothing about since it helps me learn too. Also, what I forgot to mention is that browsing with IE7 is not as safe as with Firefox.
Wow, thanks so much for this information! I’m actually considering moving my blogspot blog over to my own domain at WordPress.org, so this is exceptional help.
I feel so bad for David; I can’t imagine what he went through!
I’m feeling bad for David too. Thank god he got his asset back. If you fight for it properly you will win. patient, don’t panic and stay cool make things all work smoothly. i hope the authority could bring the man to justice. i believe the ‘crakers’ use some identified origin to mislead people. i have seen it a lot on the net. man pose as woman to get attention stuff like that. internet is full of lies, scam and spam. so we have to prepare our self be cautious always. Thanks Monika for the post.
Hi Monika,
Thanks for the kind mention here, and I enjoyed reading your post.
I hope you have a fantastic 2008!
WTCH: you are welcome. You will undoubtedly love WordPress.
moneytalks: yes, being cautious does help.
David: Hey, it was a pleasure. Hearing about your ordeal really was very sad and annoying and I’m happy your got it all sorted now.
Take care and I also wish you the best of success.
[…] How Safe is Our Domain by The Writers Manifesto Blog. […]
I’d have to agree with that comment. Even though it’s a reality that many domain registrants aren’t tech-savvy, it’ll surely surprise many to know it only takes a few steps to ensure your domain names are safe.
Two things I’ll add are never to take this thing for granted, and to try to form a “relationship” with your domain registrar. The latter is especially needed because only they can try to correct it if it’s reported promptly.
A thousand pardons, BTW, that my blog’s rather empty for now. I’m trying to rebuild it ASAP.
Dave: that relationship thing with the domain registrar sounds great in theory, but how does it work in practice if they have millions of domains? I’m sure they wouldn’t be interested in hearing from me just checking in to say hello.
Maybe you could explain a little more what you meant with this?
Good question. It’s especially harder to even remotely achieve that when you only have one domain name with the registrar and you’re considered a “number”.
One reality is the big registrars like Go Daddy, eNom and Network Solutions give priority service to those who have numerous domain names with them, especially if they’re very long-time customers. It gets harder to manage the “smaller” customers like you and me.
You’ll definitely have an advantage, though, if you happen to know someone from the registrar and can almost contact that person anytime. That’s one way to establish a relationship, albeit it’s easier said than done if you don’t know who exactly to form that with.
Fortunately there are lesser-known registrars who are more capable of offering personalized service, yet do everything they can to help keep your domain name safe. Just gotta find that “one”, though.
On the side, I finally got my blog fully restored! Whew!
Dave: good points you touched there. The one thing though with the smaller registrars is that some are outright cheats and I rather go with a reputable company.
I can see though that being with a more personalized service and being looked after could be a bit like hitting the jackpot.
Your blog is interesting, I had a little peekaboo.
One (recently accredited) registrar you can look at is none other than NameCheap itself. Another is Moniker (who I currently promote for a variety of reasons).
Hope these help somehow.
It is quite scary how people we call “hackers” can rob us of our identity on the Internet. One thing that people should be careful of is filling out online application forms. Like many, I like to use the same password for many things, this is stupid I know, and it is something I have been in the process of cleaning up.
A common way someone can get your username and password information is to gain your interest in a bogus service that requires registration. Many people without putting much thought to it will register for the bogus service using a username and password that is commonly used on many other services that require username/password entry.
From there the information is collected and the hacker can visit many of the most common sites that require access and attempt to log in. GoDaddy.com would be a great example. I own over 1000 domain names now and you would not believe the password I use for my account now.
I would suggest that people totally be careful with with sites that register to. Awesome post and thanks for sharing the story.
Garry: thank you for sharing this valuable tip. You know, you are right, I would never question a site that asks for registration in regards of trying to be like a phishing site.
I suppose we sometimes take things for granted in that regard and once we are ready to sign up, we simply assume that the site is legitimate.
Your point just proved that we need to be more careful and the best way we can do this is with having different passwords that are complicated to crack.
Thank you for mentioning this.