- March 2, 2004: Norman Data Defense Systems, specialists in the field of data security, have issued an alert against two new worms NetSky.D and E. These are the latest in a series of worm incidents that are currently spreading at an alarming speed worldwide.
The following is a list of the most dangerous worms detected during the past seven days,
In addition to these worms, the fast spreading worms MyDoom.F (2/21) and Netsky.B (2/18) have emerged. Of these, Mydoom.F is very destructive with a high payload using backdoor techniques, providing denial of service attacks, and deletion of files. Please be extra cautious when opening email attachments. Make sure they are from a reliable source before opening.
- January 28, 2004:
There seems to be an increase in SPAM activity again. Please be careful of which emails you open. There are once again viruses being emailed as attachments. The emails look similiar to this:
From: (spoofed name)
Body: (Varies, such as) The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment. (OR) The message contains Unicode characters and has been sent as a binary attachment. (OR) Mail transaction failed. Partial message is available. Attachment: (varies [.exe, .pif, .cmd, .scr] - often arrives in a ZIP archive) (22,528 bytes) examples (common names, but can be random) [*]doc.bat [*]document.zip [*]message.zip [*]readme.zip [*]text.pif [*]hello.cmd [*]body.scr [*]test.htm.pif [*]data.txt.exe [*]file.scr
The icon used by the file tries to make it appear as if the attachment is a text file Remote Access Component. The worm opens a connection on TCP port 3127 suggesting remote access capabilities.
If you have only opened emails like this but have not opened any attachments then you will not have the virus. If you open or have opened an attachment of one of these please go to the website of the virus protection software you have and download the latest update or follow any directions they offer. The name of the virus is W32/Mydoom@MM or W32.Novarg.A@mm
Some additional information from http://email@example.com: When a computer is infected, the worm will set up a backdoor into the system by opening TCP ports 3127 through 3198, which can potentially allow an attacker to connect to the computer and use it as a proxy to gain access to its network resources. In addition, the backdoor can download and execute arbitrary files. The worm will perform a Denial of Service (DoS) starting on February 1, 2004. It also has a trigger date to stop spreading on February 12, 2004. These two events will only occur if the worm is run between or after those dates. While the worm will stop spreading on February 12, 2004, the backdoor component will continue to function after this date.
- January 22, 2004: A few of our sites were attacked by a 'hacker'. There was a security hole in VBB that allowed a 'hacker' to delete the index.htm pages via a 'root' command. This was found and fixed. They did not gain access to individual accounts.
- December 6, 2003: We have increased the amount of bandwidth available in each package.
- November 20, 2003: One of our servers had a large DDOS (Denial of Dervice) attack today. Only a couple of our sites were affected for very short periods of time periodically throughout the day while we banned the attacking IP's. This attack did not affect email.
- November 14, 2003: The Control Panel has been updated.
- PERL updated to 5.6.1
- PHP updated to 4.3.3
- MySQL Database updated to 4.0.15-standard
- August 19, 2003: Around the same time the msblast worm started to affect computers that have the Windows operating system of 2000 or XP, a new wave of SPAM that contains viruses started coming in. If you are receiving email with attachments and don't know who it is from it is strongly recommended you delete these emails. The viruses can only be launched if you open the attachments (not the emails themselves). Most of the viruses are in the form of attachments with extension .exe, .pif, or .src .
- August 4, 2003: A few of our sites were attacked by a 'hacker'. There was a security hole in phpBB that allowed a 'hacker' to upload a new index.html page. This was found and fixed. They did not gain access to individual accounts.
- June 6, 2003: The Control Panel has been updated.
- PERL updated to 5.006001
- PHP updated to 4.3.1
- MySQL Database updated to 4.0.12
- June 5, 2003: Our rates for certain domain names have changed. We now register .info, .biz, and .us for $15 per year. There is no longer a requirement for 2 year registration. This is now retroactive to June 1, 2003.
- April 24, 2003: Our servers had a very large DOS (Denial of Dervice) attack today. It took a number of hours to fix and did take our servers down. All sites are back up and fully functioning. This attack did not affect email. When we fixed the servers we added an anti-hacking software program to hopefully minimize against large attacks and eliminate the smaller attacks from affecting the servers.
- March 24, 2003: The Control Panel has been upgraded and new fixes are in place.
- You can now choose to keep or delete the stats log and the logging level. You can also choose to disable disk quota display caching.
(6.2.0 build 12 or later only)
- cPanel has been heavily optimized to load almost twice as fast on most pages, and up to 50 times as fast on pages that listed subdomains, addon domains etc. Severity: (6.2.0 build 12 or later only)
- Fixed a bug in the add package script.
- Fixed a problem with subdomain bandwidth not being displayed.
- PHP BB Updated to 2.0.4
- Fixed a problem with cpanel not listing all subdomains.
- Username Change support. You can now change username user the 'Modify an Account' function. (6.2.0 build 12 or later only)
- March 19, 2003: Please take note: We have already had one cyber terrorism attack today. The attacks seem to be targeting security holes in forum software to remove index files (your home page) and replace them for their own political agenda. If you have a critical forum it is highly advisable to back them up often during these current times in addition to backing up your site. Navona Designs currently has a backup of each site hosted so if you notice any problems please contact us immediately so we can get your site fixed and ban the IP's of the attackers. The industry also expects an increase in US targeted DOS attacks which we will be monitoring closely. IMPORTANT: Some of the attacks are asking people to email personal information to them. For you own safety DO NOT under any circumstances do this. Please don't hesitate to contact us via email or Instant Messenger.
- March 12, 2003: Our Sales and Service Department has now added Instant Messenger Service to assist all account holders with any questions. Any technical questions should still be emailed to tech support, but our Sales and Service staff may be able to assist. They are available M-F 11a.m. - 1p.m., and 3p.m. - 5p.m. and at various hours throughout the day. All times USA Pacific time.
- February 28, 2003: Upgraded to new servers. We are now using P4's 2.0 0 GHz, 3 main pipe providers with 8 OC48's connections.
- February 18, 2003: The Control Panel for all sites has been updated on the backend to speed it up, and keep it up to date. Very minor changes:
- Mailbox Quota Warnings: Users will now recieve a warning when one of their mailboxes are about to exceed their quota. This can be disabled in 'Tweak Settings'.
- Disk Space Warnings: Users will now recieve a warning when their account is about to exceed its quota. This can be disabled in 'Tweak Settings'.
- Detailed Bandwidth Reporting: The type of traffic (http,pop3,ftp), and the day that the traffic happened is now displayed in cPanel's bandwidth page.
- Fixed a problem with Internet Explorer and Addon Scripts.
- Phpmyadmin no longer gives improper warnings.
- January 31, 2003: Last weekend a major worm attacked many servers worldwide. Our servers were slowed for a few hours so if you experienced any problems this is why. The worm does not affect home computers. For more information you can find it here: http://news.bbc.co.uk/1/hi/technology/2693925.stm.
- January 22, 2003: Are you getting SPAM mail? We have SPAM protection on all email accounts; however, occasionally they can get through. We recommend you do not respond to them. Just delete them. If you open them up and there is an attachment don't open the attachment it could be a virus. Also we advise against clicking on the remove link because that just verifies this is a valid email address and you may get more SPAM. Please contact us if you are getting a lot of SPAM in your emails hosted by Navona Designs.
- January 15, 2003: Navona Designs is now offering your own private secure certificates. Currently you are using our standard secure certificate from Thawte at 128bit encryption SSL at https://www.securesite10.com/~yourusername. This is available to you at no extra charge. However if you want your own private secure certificate with 128bit encryption SSL at https://www.yourdomainname.com we can set this up for you. There is no setup fee. The price for 1 year is $107.44. Just contact our Sales Department if you have any questions or want to set it up.
- January 13, 2003: There is a free virus protection program available at this address:
http://www.grisoft.com/html/us_downl.htm?session=45a8073926b1d0b0f99de2266ab95763 Anti-Virus system to reliably protect your computer and data free of charge.
- January 11, 2003: Are you receiving a lot of Spam or unwanted mail? If you don't want it all we suggest a free program: http://www.mailwasher.net. This program allows you to check your emails while they are still on the server, and only download those you want. You can delete the unwanted email directly off the server. If you see a common spam address or IP then you can blacklist that spam automatically. The software will also Bounce back unwanted e-mails so it looks as if your email address is not valid. This will make the sender think your address is no longer active or valid so your name can be removed from their list. You may also want to check out: http://www.eprompter.com.
Contact our Tech Support with any questions you have.