Security researchers have developed a new type of malicious rootkit software that hides itself in an obscure part of a computer's microprocessor, hidden from current antivirus products.

Called a System Management Mode (SMM) rootkit, the software runs in a protected part of a computer's memory that can be locked and rendered invisible to the operating system, but which can give attackers a picture of what's happening in a computer's memory.

The proof-of-concept software will be demonstrated publicly for the first time at the Black Hat security conference in Las Vegas this August. The rootkits used by cyber crooks today are sneaky programs designed to cover up their tracks while they run in order to avoid detection. Rootkits hit the mainstream in late 2005 when Sony BMG Music used rootkit techniques to hide its copy protection software. The music company was ultimately forced to recall millions of CDs amid the ensuing scandal.

In recent years, however, researchers have been looking at ways to run rootkits outside of the operating system, where they are much harder to detect. For example, two years ago researcher Joanna Rutkowska introduced a rootkit called Blue Pill, which used AMD's chip-level virtualization technology to hide itself. She said the technology could eventually be used to create "100 percent undetectable malware." Full Article

---

ActiveServers SupportActiveServers.

After a long period of resistance to Linux in general we have offered Linux specifically CentOS to clients. The response to our offering of CentOS and Virtual-Min has almost been alarming. We have given enough demos to our clients that we have seen the number of machine builds grow by over 300%. Being a exclusive windows host for over 10 years made us wonder if we would be overwhelmed by support.

We have to give alot of credit to the guys at Virtualmin for this lack of support we originally expected. We have many comments from clients who have been exclusive windows people for years. Quotes like; "You have made the web developer enviroment exciting again"! We stumbled on this install tutuorial on the web and thought we woud share it with people looking to setup their own local boxes. "Learn More"

We have also been exploring Ubuntu for desktops with everyone complaining about windows vista. It is clear some of the free alternatives these days are just as good as going out and blowing your wad on a OS. We personally love this article from a MAC user who decided to give Ubuntu a spin. It was a nice read without all the typical lame input. It seemed the writer learned, there are other OS options available that acutally run better than MAC. Go Figure! Full Article.

---

ActiveServers SupportActiveServers.

How it works: The USPTO (US Patent & Trademark Office) gets the initial patent application from the inventor or patent agent. But it can take a while to grant or deny a patent application. They have a heavy workload, examining and publishing thousands of patents each week! However, during the period of waiting for a USPTO grant decision, the USPTO publishes the patent application at some point (usually after 18 months) and the general public may view the full contents and it is in the public domain. (note: FreshPatents.com does not have access to and does not publish confidential and/or non-USPTO-published Patent Applications!)

Next, FreshPatents.com (no affiliation with the USPTO) empowers users with FREE tools to better find and track published patent applications. FreshPatents.com features the latest published US patent applications...which is certainly useful for your business and technology intelligence needs.

---

ActiveServers SupportActiveServers.

In case you're having a hard time keeping track, here's a brief history of events as they've unfurled in the ongoing Microsoft-Yahoo drama:

May 2006: Some of the earliest rumors that Microsoft is considering an offer to buy Yahoo appear in the New York Post and The Wall Street Journal; at the time such a deal is considered far-fetched, so the rumors are dismissed fairly quickly.

October 2006: Rumors begin to swirl that Yahoo has approached Time Warner about purchasing AOL, a notion that is somewhat more believable than a Microsoft-Yahoo deal.

2007: Microsoft-Yahoo rumors surface from time to time but disappear soon after as there is nothing to substantiate them.

Feb. 1, 2008: In the shot heard 'round the Internet, Microsoft makes a formal purchase offer of $44.6 billion based on Yahoo's stock price of $19.18; Yahoo's stock price starts rising.

Feb. 11: Yahoo rejects Microsoft's offer as too low; Yahoo stock price closes at $29.87. According to the rumor mill, Yahoo is now looking for closer to $40 a share because the value of the company has risen since the offer.

Feb. 12: Microsoft for the first time publicly hints in a letter to Yahoo that it is willing to get hostile in its takeover, saying it "reserves the right to pursue all necessary steps to ensure that Yahoo's shareholders are provided with the opportunity to realize the value inherent in our proposal."

March 5: Reports emerge that Yahoo is stepping up negotiations with Time Warner for some kind of tie-up with AOL. Meanwhile, reports make the rounds that Microsoft will mount a proxy fight if Yahoo won't play ball.

March 11: News Corp.'s Murdoch says publicly that he won't "get into a fight" with Microsoft over Yahoo, because the software giant has "a lot more money" than his company.

April 5: Microsoft sends Yahoo a join-us-or-die letter, claiming that if the two companies can't make a deal in three weeks, Microsoft will take its offer directly to shareholders in a proxy battle. In the letter, signed by Microsoft CEO Steve Ballmer, Microsoft basically tells Yahoo board members they've run out of better options, and it would be foolish not to accept an offer immediately. Microsoft also hints that it would consider Yahoo less valuable if it is forced to mount a proxy fight, thus threatening to lower its offer.

April 7: Yahoo again rejects Microsoft's offer on the basis that it is too low. In a letter signed by Chairman Roy Bostock and CEO Jerry Yang, the company calls Microsoft's threat of a proxy battle "unproductive," and says it would consider a deal if Microsoft was willing to pony up more dough.

April 9: Yahoo says it is testing the display of Google search ads in a small number of its search-engine queries, a move seen as a way to stave off Microsoft's advances. Microsoft immediately attacks that notion as anticompetitive and says it would never pass regulatory approval.

April 10: News Corp. is said to be in talks with Microsoft to join forces to buy Yahoo, seen by many as a way that Microsoft can raise its offer without spending any more money. At the same time, the old Yahoo-AOL union talk again makes the rounds.

---

ActiveServers SupportActiveServers.

Dear Rob,

Why does PC Pitstop keep bashing Vista? Isn't it like biting the hand that feeds you?

Your Pal,

While I found many of the issues simply quarks I can say that there are some valid points. Though there is one which no one mentioned which personally I find quite annoying. I know how to shut it off but that is not the point. If I have to approve an execute then don't throw the machine in a tail spin to display a dialog asking my approval.

Honestly the truth is that none of this is necessary in a MAC as there is no need to protect system32 or the OS to this degree from the operator. While a .dll and cab files gain speed the trade off is questionable more every year. It does take a bit longer to execute a process in NIX, but with machines running faster all the time the trade off becomes less important.

I do not care for an operating system wants me to change my behavior, rather than being flexible to mine. Honestly I cannot believe the people inside are ignoring the same things everyone else sees they see. It is simply a case of denial on many fronts, while XP is near its end of life, people are faced with a couple of good choices. This should have MS being aggressive and this is clearly not the case. This too should indicate to those on top there is a problem.

---

ActiveServers SupportActiveServers.

Linksys RV016 16-Port VPN Router The Linksys 10/100 16-Port VPN Router is an advanced Internet-sharing network solution for your small business needs. Like any router, it lets multiple computers in your office share an Internet connection, but the 16 ports on this Router feature unprecedented versatility. Two are dedicated Internet ports that let you connect a second Internet line as a backup to ensure that you're never disconnected. Or, you can use both Internet ports at the same time, and let the router balance your office's requirements between them for maximum bandwidth efficiency.

The Virtual Private Network (VPN) capability creates encrypted "tunnels" through the Internet, allowing up to 50 remote office or traveling users to securely connect into your office network from off-site. Users connecting through a VPN tunnel are attached to your company's network -- with secure access to files, e-mail, and your intranet -- just as if they were in the building. You can also use the VPN capability to allow users on your small office network to securely connect out to a corporate network. Not enough? Up to five of the thirteen full-duplex switched 10/100 Ethernet ports can be reconfigured as Internet ports, for an up to seven-port failover or load balanced redundancy! Finally, a dedicated DMZ port gives you a publicly accessible channel so you can set up a web or FTP server, unimpeded by the powerful security features of the Router. You can find this router as low as $419.99.

---

ActiveServers SupportActiveServers.

Warner Music Group is reportedly considering a plan to have Internet service providers add $5 a month to subscribers' bills for unlimited access to music on the Web. Full Article here.

Now here is a cure to the problem. Have everyone pay, and a totally strapped ISP industry collect and pay for something the media industry cannot control on their own. Lets see with the names like TimeWarner Cable, Comcast, Roadrunner, Cox and Charter holding the lions share of cable networks.

In america the adsl based ISP find it nearly impossible to compete with cable. This due to the amount of bandwidth cable companies provide, this is primarily due to the fact that ADSL simply will not support this type of bandwidth. Now it seems they really want to collect a tax from each of their clients to pay for those who listen to music on the web.

The handful of small ISP's left would simply be driven again by telling the small number of users left they will have to tax them $5.00 so the Music Industry gets their part of the pie. Of course this means nothing to the Cable Companies who already dominate the industry. Seems to me they already make enough money off their user base, without taxing their client base to some 20 billion dollars more.

I currently pay $180 per month for cable TV and internet. If this is typical and 5.00 relates to 20 billion. It does not take a math major to see how big this pie really is.

Does anyone even remember cable TV that was not loaded with commericals? When it is the only game in town, I am sorry but this is nothing more than a monopoly. One which is now seeking to add another $5.00 to the bill.

---

ActiveServers SupportActiveServers.

A blossoming Web attack, first reported by security researcher Dancho Danchev earlier this month, has expanded to hit more than a million Web pages, including many well-known sites.

The number and importance of the sites has increased," wrote Danchev in a where he reported that trusted Web sites such as USAToday.com, Target.com, and Walmart.com have been hit with the attack.

The criminals behind this have not actually hacked into servers, but they are taking advantage of Web programming errors to inject malicious code into search results pages created by the Web sites' internal search engines.

Malicious parties are actively poisoning these sites' search query caching feature to position the keywords among the top ten search results, thereby infecting anyone coming across them," said Danchev, in an instant-message interview.

He believes that more than 1 million Web pages have been infected using this technique.

"The more keywords they submit with [malicious] script, the more pages with popular keywords the high page ranked sites would cache," he said. This increases the chance that someone will see the search results hosted on the reputable site and click on the malicious page.

The Web sites that have been hit with this attack could fix the problem by doing a better job of checking the search queries on their internal search engines to make sure that there is no malicious code in them, Danchev said.

Hackers are increasingly looking for ways to install their code on trusted Web sites. In recent weeks, security vendors have found hundreds of thousands of Web pages affected by this and other similar attacks.

---

ActiveServers SupportActiveServers.

Things to know before you download Windows Vista SP1

• Windows Vista SP1 is available in English, French, German, Spanish, and Japanese. Other languages will be made available soon.
• Microsoft strongly recommends using Windows Update to download and install Windows Vista SP1 on single PCs:
  • The download size from Windows Update of Windows Vista SP1 for x86 is 65 MB (compared to 450 MB from the Microsoft Download Center).
  • The download size from Windows Update of Windows Vista SP1 for x64 is 125 MB (compared to 745 MB from the Microsoft Download Center).
  • Windows Update will recognize PCs with known problematic drivers and postpone downloading Windows Vista SP1 until the PC has updated drivers or other applicable updates. Using Windows Update will help ensure you have the most trouble-free update experience possible.
  • Some Windows Vista users may encounter an issue with a small set of hardware devices that may not function properly after updating a Windows Vista PC to Windows Vista SP1.   This is an issue with the way the device drivers were re-installed during the Windows Vista SP1 update process, not with the drivers themselves—these drivers worked on Windows Vista RTM and they work on Windows Vista SP1.  This problem is typically corrected by simply uninstalling and reinstalling the driver. We are working with the manufacturers of these devices to get the known problematic drivers and their install programs updated, and also on other solutions we can use to ensure a smooth customer experience when updating to Windows Vista SP1 using Windows Update. For new PCs provisioned with Windows Vista SP1, this is not an issue.
• If you choose to install Windows Vista SP1 via the standalone installer available on the Microsoft Download Center, Microsoft advises that you first visit Windows Update and install all optional drivers. Read Knowledge Base Articles 948187 and 948343 for more information.
• If you have a prior version of the Windows Vista SP1 beta installed, you must uninstall it prior to installing the final version. Use the Control Panel applet "Programs and Features" and select "View installed updates" from the top left of the task pane. Under Windows, look for "Service Pack for Windows (KB936330).

---

ActiveServers SupportActiveServers.

Starting at $75,000, the Nexus 7000 will ship in the second quarter with a new advanced operating system, the Nexus Operating System (NX-OS), said Jayshree Ullal, senior vice president of Cisco's data center, switching and services unit. Cisco also announced a new Trusted Security architecture and an expansion to the Catalyst family of switches, which have helped the company corral 70% of the global switching market. More than 1,500 patents were used in creating the Nexus platform, which cost Cisco more than $1 billion in research and development, Ullal said in an interview. The Nexus 7000 will deliver up to 15Tbit/sec. of switching capacity in a single chassis, with 512 ports for 10Gbit/sec. Ethernet, she said. In the future, Cisco will deliver 40Gbit/sec. and 100Gbit/sec. ports.

Nexus 7000 also incorporates Cisco Trusted Security for the first time to integrate identity- and role-based security across data centers. Also, a new Data Center Network Manager is designed to give administrators visual information that will improve efficiency and awareness. Cisco also unveiled a 16-port 10 Gigabit Ethernet module for the Catalyst 6500 Series Switch, which can help reduce power consumption by up to 50% per port, Cisco said. Pricing was not disclosed; the new module ships in the second quarter. "Learn More"

---

ActiveServers SupportActiveServers.

I liked this article so much I felt compelled to acknowledge once again just how ignorant people actually are about spam. Let's first divide the posts into groups. For the referenced article "Click Here"

1. The Questioned:  The person who thinks they should have a free email address and filtering should be Enterprise level and they should behave any way they want. Love the post from the person who said I get 1000’s of emails a day.  Personally if this is true your activity on the web is certainly questionable.

2. The Silly: “Is it legal, if I write an anti spam eraser that goes back to the source and simply removes the spam from their hard drive(s)?”

3. The Lost: “I have gone so far as to chase down the owners of blocks of addresses and emailed them about spammers and the email was returned.” Ever hear of spoofing? One can spoof a email address, IP address and even a MAC address. Ever hear of a zombie?

4. The Confused:  “I use a bounce program. Every spam email gets sent back ten times. It’s reduced my spam by at least 50% which is a real relief. The big problem now is bogus addresses. About 20% of my spam now comes from non-existent addresses.” You are as much the problem as the solution. You have assumed you have the target in the first place. You only aggravate the situation by thinking you are fighting back. If it were a real source on the bounce then they are now certain they have a good email address. After all you have made sure they know. Also a good read of the RFC’s concerning backscatter specifically will point out the error in your ways.

5. The Knowledgeable: “I’m an IT Director at a small hospital with a mature domain name (12 years old). SPAM accounts for over 99% of all e-mail handled by my system - and that’s a calculation, NOT an estimate. I spend about $12,000 per year managing SPAM.”  What can you say the person who wrote this has a firm grip of the magnitude of the problem, and the costs associated to good spam filtering.

6. The Diluted: People who believe something on their desktop is the solution. Please it is over! The best this can do is decide whether to keep it or trash it. The transaction is over when it reached the server. The point where you want to stop it is deciding whether to accept or delete it on the server. 

Any install of MailScanner on a server configured correctly can get the top 90% of spam. It is that number between 90% and 99.9% which is hard to reach. What is so amazing is some novice on a desktop seems to think they have the solution to a problem which is so complex there is simply no single answer to. There are millions of professionals fighting this problem every single day, yet they have the solution. Also they do not seem to understand that the person they are defending against are as good at their job.

Has anyone complained once to your postman that it should be their job to filter your mail? Have you stopped those stupid phone sales calls when you are at home trying to relax? With everything on the web even things that are free, people think it is a right to be protected in a world that is honestly quite dangerous. Your protection ended when you connected that cable directly to the web really. If you want to be really secure just unplug it.

---

ActiveServers SupportActiveServers.

Websense Security Labs has discovered that Google’s popular web mail service Gmail is being targeted in recent spammer tactics. Spammers in these attacks managed to created bots that are capable of signing up and creating random Gmail accounts for spamming purposes.

Websense believes that from the spammers’ perspective, there are four main advantages to this approach. First, signing up for an account with Google allows access to its wide portfolio of services. Second, Google’s domains are unlikely to be blacklisted. Third, they are free to sign up. And fourth, it may be hard to keep track of them as millions of users worldwide are using various Google services on a regular basis. Learn More

---

ActiveServers SupportActiveServers.

Do you have  multiple domain names that all lead to the same web site? Valid reasons for doing this include helping visitors who may type a domain name with spelling mistakes, hyphens, no hyphens or confuse different names, as well as preventing competitors and name squatters from using a similar domain name. For a few dollars per year per domain name, it often makes sense to buy all the obvious mistakes and permutations of your valuable domains.

With Apache servers use mod_rewrite

When you attach multiple domain names to a site, search engines can become confused and your rankings may suffer. If they find the same page at two or more different URLs, the search engines will sometimes filter out the extra listings, but there's no guarantee of which ones they filter. You also don't want people linking to your site with non-standard domain names because that will tend to divide your inbound link strength. Google themselves say,

With Microsoft Windows Internet Information Services (IIS) servers use ISAPI_rewrite

"If your site is appearing as two different listings in our search results, we suggest consolidating these listings so we can more accurately determine your site's PageRank."¹

Why leave it to chance? With a few lines of code you can make sure all your URLs use consistent domain names. When we have multiple domain names on one site, we set up a permanent 301 redirect for any extra domains, as well as the www subdomain or the non-www domain. If you have an Apache web server, add the following code to a .htaccess file in the top level directory, replacing the test domain name with yours:

          Options
   +FollowSymlinks RewriteEngine on RewriteCond %{HTTP_HOST} !^www\.test\.com RewriteRule
   ^(.*) http://www.test.com/$1 [L,R=301]
        

If you are using a Microsoft IIS web server, we recommend using ISAPI_rewrite to simulate Apache's .htaccess feature. To begin, you or your hosting provider needs to install ISAPI_rewrite on the server. Then you would create a httpd.ini file in the top level directory as follows, replacing the test domain name with yours.

          RewriteCond
   Host: (?!^www\.test\.com$).* RewriteRule (.+) http\://www.test.com$1 [RP,I]
        

These solutions assume you prefer to use the www subdomain for your website. If you would rather have a non-www URL, simply remove each instance of "www\." and "www." from the rewrite conditions and rules. As with all code, please test thoroughly before deploying to your live server.

If your host does not offer ISAPI rewrite you could create a second IIS entry and redirect all the similar names to the primary (i.e.) www.domain.com. This method does take two IIS entries but will certainly achieve the same thing without the need for ISAPI rewrite if your host does not offer it.

---

ActiveServers SupportActiveServers.

The Cost-effective Alternative to Microsoft Exchange™

SmarterMail 5.x is a feature-rich Windows mail server that brings the power of enterprise-level functionality to small businesses and hosting environments. SmarterMail 5.x builds upon a solid reputation of stability, performance, and value to bring industry-leading features and security to customers at a competitive price. SmarterMail is designed to be effective in small businesses with a handful of email accounts and within large ISP/hosting environments managing thousands of domains and tens of thousands of users per server.

Learn more.

---

ActiveServers SupportActiveServers.

How do I move my dns server from one machine to another?

If you transfer all the files from the default path C:\windows\system32\dns specifally all the zone files.

Then export the key values below to .reg files then move them and add them to the new machine you should be up and running in a flash.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNS Server

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Zones

---

ActiveServers SupportActiveServers.