Archive for November, 2009

iPhone, Flu Season and Mobile Security

November 30th, 2009

About once a year, usually around Black Friday, and coinciding with the flu season, mobile security takes center stage. Maybe more so this year, given the ascendency of the smartphone coupled with browsers finally good enough to make the mobile Web a worthwhile experience.

A week or so ago, RIM’s security chief spoke about smartphone viruses and their potential usurpation of the phone as a platform for DDoS attacks. This coupled with a critical mass of open operating system devices now make the mobile phone a tempting target. We’ve been talking about mobile viruses for half a decade. This time, the threat is real.

At the same time, these virtual petri dishes are black holes into which corporate IT has no visibility. Sybase recently commissioned a study of European IT executives to evaluate the magnitude of this potential exposure. The findings are downright scary, and make one wonder about the level of attention IT departments have devoted to addressing the security requirements of their mobile workers. 66 percent stated that they have no visibility into the sensitivity of data stored on mobile devices, 38 percent have no visibility into applications, and only 15 percent are confident in their ability to contain exposure if the phone is lost or stolen. In my book, considering the magnitude of exposure, this lack of security should have these IT managers camped out at the corner unemployment office (or in a more draconian mood, at the local lockup).

These metrics align with the percentage of employee-liable phones used in the enterprise, now approaching 50 percent as reported by Yankee Group. I won’t go into the not unexpected conclusion from the presentation about the iPhone’s readiness (or lack thereof) for enterprise use.

So what’s an operator, an enterprise, or a smartphone subscriber to do?

Needless to say, once the phone is lost or infected, it is too late. An effective over-the-air security solution, deployed as part of an overall care architecture by the operator, for employee liable devices, or by the enterprise for corporate liable devices, is the foundation. This solution will be responsible for pushing firmware or software updates to the phone, ensuring that discovered vulnerabilities are quickly patched. Extensions to widely deployed FOTA architectures meet this requirement. In some cases, the operator may mandate anti-virus software, pushed to the device (or pre-loaded at time of manufacture) by the same update conduit. If the phone is lost or stolen, the management client of the device should be capable of locking the phone and/or wiping all data.

In parallel to the operator’s care platform, user education is essential. Password protection is a given, as well as the need for backup. However, it is almost criminal that employees using their smartphone for work purposes ignore this first line of defense. And, if the user wants that which happened in Vegas to stay in Vegas, he or she can’t wait a week to report a lost phone, hoping that it will miraculously re-appear. A phone locked after compromising photos or a corporate roadmap have made it to the Internet is not nearly as good as a phone locked before. Unlocking is as easy as making a call, nothing is lost if/when the “lost” device is once again found, as an over-the-air unlock is just as fast and easy as a lock.

The real area for improvement is in the area of IT control over employee liable devices. At Interop in NYC, I participated in a panel addressing just this concern. We exchanged best practices, painting a picture of what should be, though not what necessarily currently exists. Our joint observation was that IT departments need to understand that mobile devices fall into a continuum. On one extreme, there are corporate liable Blackberries or mission-specific platforms upon which you can enforce restrictive, but safe, policies (on device encryption, strong passwords etc.). There will always be a place for this. On the other are the unwashed masses with a variety of personal devices with no policy or control enforced or deployed.

But the middle? Devices with reasonable VPN or ActiveSync support with on device encryption like Windows Mobile or the iPhone 3GS? Good call, it is reasonable to expect encryption on the device, something that is supported by ActiveSync policies. However, some handsets, like earlier iPhones, will report back to the server that they support on-device encryption, when they don’t.

Convenient, but dangerous because you think that you are more secure than you are. Then there are devices which will fetch your mail off the Exchange server (if the server is configured to allow low security devices), but make no claim of any sort of ActiveSync on device encryption, such as recent Android devices like the Motorola Droid or the Palm Pre. Even this is not cut and dried. For example, Touchdown, an ActiveSync corporate email app, runs on Android devices but reports support of on device encryption (at least as of late November 2009) even if that capability does not yet exist. The situation is complex.

The level of visibility into these devices, and IT’s willingness (and/or ability) to lock down an employee owned device, will inform what corporate resources are made available. This in effect addresses the concerns raised by the Sybase study. No visibility. No access to ERP or Exchange.

And if the enterprise does deploy security along the lines of Credant or Good, they’ve got to make doubly sure that there is no leakage of content (i.e., contacts or photos) from the ‘public’ to the ‘enterprise’ side of the device, certifying conformance on each and every OS platform and hardware family introduced. Here, the onus is on the IT department.

As I got onto the plane in JFK, I looked around at a rather unhealthy cross-section of the traveling population (compared to SFO), wondering if it was just my phone that I needed to protect…

Email Delivery Server 5.8

November 29th, 2009

If you have been trying to deliver many email messages or support your own email domain, you know how hard and costly it can become.

Sending emails in large quantities is not easy. In addition to managing your subscribers lists correctly, you need to make sure that most of your emails reach their destination.

If you are working with a shared email server, you can easily be banned for somebody else’s mistake, because an entire IP or an IP range is banned taking everybody who uses this IP with it.

If you have your own email server to send your email, it is private to you and nobody else. Our SMTP server has tons of built in features to deliver email and protect you from spammers.

We support multiple RBL servers to filter out those spammers and we can white list or black list entire IP ranges with sophisticated checking, so that only those who are authorized to relay messages will be able to do so.

Email Delivery Server is an easy-to-use yet powerful utility that integrates everything you need for mass mailing. It features parametrized mailing lists, where you can import a very large list of your subscribers, even with all their additional fields such as name, address and so on, and then write one email message with parameters.

Our server substitutes all parameters with correct values on the fly. That is not all, our server is a complete sending and receiving solution, so in addition to being able to relay messages, it is also able to receive them for any number of domains and any number of users that you manage.

We have built in POP3 protocol and allow all our users to get their email from our server directly. Each user’s settings are configurable and you can even set each user’s mailbox size and other parameters individually.

Here are some key features of “Email Delivery Server”:

independence from email service providers (ESP);
support of SMTP and POP3 protocols;
message queue and mailbox encryption;
incoming SPAM filtering and sender blocking;
SSL/TLS encryption for SMTP and POP3;
DDoS attack prevention and firewall features;
email message box limiting on a per-user basis;
e-campaign testing mode and final message preview;
large volume handling by using scalability features;
parametrized distribution and mailing list support.

What’s New in This Release:

Activation bug is now fixed.

DDoS Attacks Are Coming, Please Slow Down

November 28th, 2009

The network brings us convenience, but it also brings a series of problems. Virus and malware attacks are very troublesome. Unless you pull the plug, you will suffer threats from every corner of the network, and the distributed denial of service (DDoS) attack is the one that makes people want to retreat. We cannot prevent the attack outright; what we can do is reduce the losses and protect, as far as possible, the interests of individual and enterprise networks.

A DDoS attack is typically divided into three stages. First is target confirmation: the attacker locks onto an IP address on the Internet. An enterprise’s IP address may represent a web server, a DNS server, an Internet gateway, and so on; the target is chosen either for money or as pure pastime. Then comes preparation: in this stage the attacker breaks into poorly protected computers on the Internet and implants the necessary tools on them. Finally comes the actual attack stage: the attacker sends orders to all of the compromised computers, which use the implanted tools to send packets to the target until it cannot handle the volume of data or its bandwidth is fully occupied. In serious cases the DNS is affected and the whole network is paralyzed.

Of course, we are not helpless in the face of DDoS. We can take corresponding measures to minimize the effects of such attacks.

Ingress filtering is a simple security strategy that every network should implement. In your network, establish routing rules that check the source IP address of every packet and drop packets whose source address is not valid for the interface they arrive on. Although this does not prevent DDoS attacks against you, it does prevent your network from being used as a source of spoofed or reflected attack traffic.

But many large ISPs, for all sorts of reasons, refuse to implement ingress filtering, so we need other ways to reduce the impact of DDoS. At present one of the most effective methods is traceback. First, determine that the current problem really is an external DDoS attack and not a connectivity or routing problem. Then, as soon as possible, configure all edge routers to reject, on their external interfaces, all traffic destined for the DDoS target. In addition, configure the same edge router ports to drop all packets whose source IP address is invalid or cannot be located.

Doing so can lessen the impact of the DDoS and restore network operation sooner. We cannot prevent DDoS attacks, but we can reduce their impact on the network through the corresponding measures. We cannot predict how fierce the flood will be; all we can do is build a high dam. We cannot read the attackers’ moods, so we must be fully prepared.

More security experts needed

November 26th, 2009

CYBERJAYA: The International Multilateral Partnership Against Cyber Threats (Impact) believes that what the world needs now is more cybersecurity experts.

Although it may sound less whimsical than the famous song, in reality, Impact said cyberspace is ever changing and the number of threats is growing everyday.

Threats are also getting more sophisticated and targeted compared to 10 years ago, said Philip Victor, head of communications and outreach at Impact’s centre for policy and international cooperation.

Aside from attackers being driven by financial gains from attacking global systems, Philip said that terrorists are also turning to the Internet to launch their attacks or execute their plans.

One of the more popular examples of the realities of a cyberattack is the 2007 cyberwar in Estonia, where attackers launched distributed denial of service (DDoS) attacks on Estonian websites including the Estonian parliament, banks, ministries and newspapers, he said.

Although the attacks may seem low-tech, a DDoS attack can disrupt everyday activities that require Internet connectivity.

“Unfortunately, there’s a lack of global cooperation to fight this due to the shortage of information security professionals,” Philip said.

In Malaysia, he said the information security professional to population ratio is 1:20,000.

“We believe the number of security professionals is growing but as the Internet population increases, we will need more,” he said.

Working towards this effort, Impact has aligned with information security certification company ISC2 to provide information security training to Impact partner countries.

“This is in line with our mandate of operationalising the Global Cybersecurity Agenda (GCA) in escalating cybersecurity capabilities to better defend against cyberthreats,” said Datuk Mohd Noor Amin, chairman of the Impact management board.

The GCA is the United Nations’ International Telecommunication Union’s framework to enhance confidence and cybersecurity in the information society.

Through this agreement, ISC2’s certification courses such as the Certified Information Systems Security Professional, Systems Security Certified Practitioner and the Certified Secure Software Lifecycle Professional will be offered in Impact’s partner countries to enhance the organisation’s position in providing a holistic approach to public sector cybersecurity.

Impact will kick off the first course, the Systems Security Certified course, in Africa in the first quarter of next year.

“Africa is a continent with growing Internet users so it’s logical to train security professionals there to ensure its cyberspace is safe,” Philip said.

Impact and ISC2 are expecting 100,000 security professionals to be trained through this partnership.

“We will be working with governments to realise this goal in order to provide enough security professionals for the world,” Philip said.

W. Hord Tipton, executive director for ISC2, said the organisation is happy to work with Impact.

“We jointly believe that only by professional development can we enable the community to protect against cyberthreats and we look forward to educating more individuals,” he said.

Being Ignorant About DDoS and Why Firewalls Suck

November 25th, 2009

I’ve just attended a one day “seminar” with folks at Arbor Networks and it has been insightful.

It seems people are still pretty ignorant about DDoS attacks. Unlike the 1999 CIH virus that was programmed to take out a computer by corrupting its BIOS EEPROM, most of the viruses, worms, malware and whatnot on the Internet today are around for one simple reason – money. Obviously if you’re good enough to write worms, you’d think “why write a worm for fun, when I can make money?” These worms infect computers to build botnets, and botnets are sold for real money on the black market to take down sites (via a DDoS), send spam, and all sorts of other things.

There was one point in particular though that caught my attention, and it was that firewalls (or in fact any type of inline device such as load balancers) are potentially targets for DDoS attacks. To make matters worse, the higher the OSI layer the firewall capability goes, the worse it gets in terms of performance and reliability.

Believe it or not, firewalls are vulnerable to serious security issues like buffer overflows just like any other server or appliance with an IP address. So it turns out that firewalls are the biggest marketing scam in the history of IT security, because companies have spent millions and millions of dollars on this stuff that doesn’t offer much more protection than, say, iptables.

Just about a month ago, I spoke to one of our customers who experienced a DDoS attack launched towards their co-location in the USA. The DDoS traffic was approximately 500Mbps and it completely took out the firewall. This site provided online payment services to customers and was up and down for days. Their firewall was tiny in comparison to the DDoS they got – on paper, the specs state performance capabilities of 90Mbps or 30Kpps at 2.8K sessions/sec with a max of 8K sessions at any time. Of course, these are lab specifications and real world traffic wouldn’t be as forgiving.

A simple DDoS attack that’s merely 10Mbps in traffic volume would have generated millions of packets per second with a 1-byte UDP or ICMP packet. Taking down such a firewall would be a breeze. In fact, a single modern day computer on a broadband connection could probably do the job.

If it was a TCP SYN flood, it would have been way easier. Sending 2K TCP SYN packets per second is child’s play, so filling the firewall’s state table really takes no more than 10 seconds.

I had a chat with my wife who audits financial institutions (FIs) based on the PCI-DSS standard. Most FIs providing payment card services will have to conform to this standard. This standard, however, mandates that a firewall is required to comply. Unfortunately, most FIs have a pretty average Internet connectivity pipe – somewhat in the range of 20Mbps to 100Mbps. They scale their firewalls to their connectivity, so what they have, well, closely resembles the one I described earlier.

So why were firewalls invented?

Early operating systems didn’t provide packet filtering capabilities, so the early firewalls were really just stateless packet filters that basically routed (not NAT’ed) traffic and dropped unwanted requests based on simple IP, protocol and port numbers to services that weren’t supposed to be public. Then the idea of NAT came about (remember the days of WinRoute) to allow multiple computers on a LAN to share a single IP address on a WAN link. Some smart guy then figured, “oh well, let’s put servers on a private subnet and use the NAT technology to map public and private address spaces. This way, we’re safer!” Agreeably, that was the dumbest idea ever and is a PITA to manage, but millions of servers are configured this way today. Over time, these features were slowly incorporated into the all-in-one junkbox we now call the Firewall. Sweet.

Personally, I don’t have a firewall sitting in front of my servers. All my servers are individually configured to run iptables (or ipfilter on Solaris, etc.). I am going to test the Linux TCP stack with Apache from a default CentOS install to see how much SYN flood it can hold up before giving up and maybe post some results here, including what I tweaked in the kernel.

Major Problems in Korean Security Industry

November 24th, 2009

Park Dong-hoon makes a keynote speech

Park Dong-hoon, the president of the Korea Information Security Industry Association, made a keynote speech at the 2009 Korea Information Telecommunication Facilities Engineering fall seminar on Nov 19. The presentation covered the current status and problems of knowledge information security with regard to the recent DDoS crisis.

With the development of IT technology, people are now living in a ubiquitous environment where everything is connected such as cellphones, computers, and mobile devices. However, more information through various networks created more demand for security. As the network became bigger and more complex, the trend in security is also changing from technical network protection to service security. Most people have some type of information stored in more than one network and many businesses have crucial information to protect. Due to the increase of cyber crimes, the knowledge information security industry has risen and it will continue to grow to be a convergence security industry. The information security industry is defined as the industry providing services to prevent crimes and disasters through security technology like passwords, encoding, surveillance, and recognition. The industry consists of information security, physical security and convergence security.

The potential for knowledge information security is tremendous. The estimated global market for 2013 is expected to be US$368 billion. Currently, the market is dominated by the US and EU at 88%. Korea has only 1.7% of global market share. The Korean knowledge information security market was estimated at W3.1 trillion in 2007, but it is expected to reach W18.4 trillion by 2013. For information security, most high-end security hardware is imported, but Korean software is exported to Japan, the US and other countries. For physical security, the market has expanded at 32% annual growth. The 2009 market analysis showed that law enforcement has been strengthened due to several major information theft cases. Also, the public and finance sectors plan to establish the convergence security business against DDoS attacks, and the industry will get bigger through M&A.

There have been several major security breaches since 2008 – the Blue House hacking, auction.com with over 10 million id thefts, Hanaro Telecom with 6 million id thefts, GS Caltex with 1.1 million id thefts, and the 7/7 DDoS attack crisis. These types of cases show how vulnerable sites with low security levels are. The government does not have enough human resources in the security department. Many companies do not recognize security as an investment but as an expense. Also, most computer users do not use anti-virus programs, and their computers are exposed to hackers and are sometimes used as zombie PCs. The level of security systems does not meet the demand created by increased internet use. The R&D investment is about 1,000 times less compared to the US, based on a 2007 survey. The solution for increasing cyber attacks is to establish a cyber crisis management system and produce more security professionals with more investment. The collaboration efforts between public and private sectors will help the security industry to grow.

RioRey appoints Network Defence to deliver its DDoS protection solution in the UK market

November 23rd, 2009

RioRey has appointed leading IT security specialist Network Defence as its UK partner to help deliver its security solutions to the UK. RioRey will use Network Defence’s strong position in the IT security and vertical markets to deliver a new level of Internet protection to customers.

Network Defence will distribute the complete range of RioRey products, offering SMEs through to major enterprises protection against Distributed Denial of Service (DDoS) attacks. The Internet security solutions detect attacks and nullify their effects on the network, ensuring e-commerce and web hosting services remain uninterrupted in order to maintain smooth business operations.

Director of sales and education (EMEA) for RioRey, Duncan Hume, said: “As sophisticated security technology requires focus, RioRey looks for top quality partners across Europe. We have worked with Network Defence for several years and the team has always impressed me, and with their combination of technical ability plus sales and marketing skills they show clear focus in a rapidly growing market sector.

“Network Defence has a strong client base in a number of vertical sectors and are clearly trusted advisors to their customers. RioRey provides DDoS protection that no other supplier can offer. By working with a dedicated partner who fully understands our needs and the needs of their customers we can ensure the clear messaging required around DDoS mitigation is delivered; they are the perfect partner for our technology.”

Dave Beesley, managing director for Network Defence, said: “DDoS threats are very real and impact the market sectors we work in everyday. RioRey’s easy-to-install and intelligent range of products complement the solutions and services Network Defence has to offer, adding great value to our portfolio. Working together we can benefit our customers by providing an additional layer of protection to those who rely on their website.”

RioRey are currently developing new products around DDoS mitigation and plan to use Network Defence as a key partner in their UK market strategy.

Quick Tips to Fight DDoS Attack

November 22nd, 2009


In a previous post we shared how to prepare our system for a DDoS attack and how to mitigate the risk. Now it is important to react at the right moment and take effective action during the attack. Monitoring router connections can help the victim detect the beginning of the attack.

First we should monitor the open SYN connections (half-open connections whose handshake has not completed):

# netstat -na | grep ":80 " | grep SYN_RCVD

Under normal conditions the number should not exceed three connections (on Linux the state is shown as SYN_RECV rather than SYN_RCVD). If there are more open connections than that, you are under attack and you should start by dropping these connections.
This is for the SYN flood case, but an HTTP flood is more complicated to detect. First you need to count the number of Apache processes and the number of port 80 connections:

# ps aux | grep '[h]ttpd' | wc -l

# netstat -na | grep ":80 " | wc -l

Next you need to check the list of remote IP addresses, counted per address (the foreign-address column, with the port stripped, so that many connections from one host are grouped together):

# netstat -na | grep ":80 " | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr | less

It is impossible to be certain that there is an HTTP flood attack, but you can assume that you are under attack if one address in the list is repeated too many times. Additional evidence can be gathered using tcpdump:

# tcpdump -n -i <interface> -c 100

tcpdump will help you track the source of the attack if a large number of packets target a single port or service (a CGI script or web directory).

Finally we have to start working around the situation by dropping the malicious IP addresses. You can block IPs directly on the router.
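The monitoring commands above, turned into reusable detection functions. This is an added example, not code from the original post: each function reads `netstat -na` output on stdin, so on a live host you would pipe the real command into it; here a constructed sample (`SAMPLE_NETSTAT`) stands in for it, and the `HTTP_MAX` threshold and the function names are assumptions. It groups connections by remote address rather than by whole line, which is what reveals a single flooding host, and it accepts both the BSD `SYN_RCVD` and the Linux `SYN_RECV` state names.

```shell
#!/bin/sh
# Added example (not from the original post): the netstat-based checks above
# as detection functions, run over constructed sample output so they can be
# exercised offline. Thresholds and sample data are assumptions.

# Constructed sample of `netstat -na` output for a web server on 10.0.0.5
# (Linux column layout: Proto Recv-Q Send-Q Local Foreign State). Header
# lines of real output never match the ":80" filter, so they are harmless.
SAMPLE_NETSTAT='tcp 0 0 10.0.0.5:80 198.51.100.7:51234 ESTABLISHED
tcp 0 0 10.0.0.5:80 198.51.100.8:51240 ESTABLISHED
tcp 0 0 10.0.0.5:80 203.0.113.9:40001 SYN_RECV
tcp 0 0 10.0.0.5:80 203.0.113.9:40002 SYN_RECV
tcp 0 0 10.0.0.5:80 203.0.113.9:40003 SYN_RECV
tcp 0 0 10.0.0.5:80 203.0.113.9:40004 SYN_RECV
tcp 0 0 10.0.0.5:22 192.0.2.33:55555 ESTABLISHED'

# Every function reads netstat lines on stdin: on a live host run e.g.
#   netstat -na | count_half_open
# awk does the counting because it exits 0 even when nothing matches,
# unlike `grep -c`, which would trip `set -e` in a wrapper script.

# Port-80 sockets in the half-open state: SYN_RECV on Linux, SYN_RCVD on BSD.
count_half_open() {
    awk '$4 ~ /:80$/ && $6 ~ /^SYN_R(ECV|CVD)$/ { n++ } END { print n + 0 }'
}

# All port-80 connections, whatever their state.
count_port80() {
    awk '$4 ~ /:80$/ { n++ } END { print n + 0 }'
}

# Remote IPv4 addresses holding more than $1 port-80 connections, busiest
# first (IPv6 foreign addresses are not handled by this split on ":").
sources_over() {
    awk '$4 ~ /:80$/ { split($5, a, ":"); c[a[1]]++ }
         END { for (ip in c) print c[ip], ip }' \
    | sort -rn \
    | awk -v max="$1" '$1 > max { print $2 }'
}

# One-word verdict using the post's rule of thumb: more than three half-open
# connections suggests a SYN flood; a single address above HTTP_MAX (an
# assumed value) suggests an HTTP flood. Input is buffered so it can be
# scanned twice.
HTTP_MAX=20
verdict() {
    data=$(cat)
    if [ "$(printf '%s\n' "$data" | count_half_open)" -gt 3 ]; then
        echo SYN_FLOOD_SUSPECTED
    elif [ -n "$(printf '%s\n' "$data" | sources_over "$HTTP_MAX")" ]; then
        echo HTTP_FLOOD_SUSPECTED
    else
        echo NORMAL
    fi
}

# Demo over the constructed sample: the verdict, then the hosts with more
# than three connections each (candidates for the router block list).
printf '%s\n' "$SAMPLE_NETSTAT" | verdict
printf '%s\n' "$SAMPLE_NETSTAT" | sources_over 3
```

The thresholds are deliberately simple; on a real server you would calibrate `HTTP_MAX` against normal traffic and keep a whitelist of proxies and monitoring hosts that legitimately open many connections before feeding the output of `sources_over` into a router ACL.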

On FreeBSD we can take some steps to mitigate DDoS:

1 – Reduce the TCP maximum segment lifetime, net.inet.tcp.msl, which is given in milliseconds (protection against SYN flood):

# sysctl net.inet.tcp.msl=7500

If an ACK is not received within this time, the segment is considered “lost” and the network connection is freed.

Send the server into a blackhole when a TCP packet is received on a closed port. When net.inet.tcp.blackhole is set to 1, SYN packets arriving on a closed port are dropped without a RST packet being sent back; 2 drops every TCP segment arriving on a closed port. net.inet.udp.blackhole=1 does the same for UDP datagrams, which are dropped without an ICMP port unreachable reply.

# sysctl net.inet.tcp.blackhole=2
# sysctl net.inet.udp.blackhole=1

Limit ICMP replies to 50 per second (protection against ICMP flood):

# sysctl net.inet.icmp.icmplim=50

Increase the maximum number of pending connections that the server’s listen queues can hold (protection against all types of DDoS):

# sysctl kern.ipc.somaxconn=32768

Finally, enable the kernel feature DEVICE_POLLING (it significantly reduces the load on the system during a DDoS attack):

1. Compile the kernel with “options DEVICE_POLLING”;
2. Activate the polling mechanism: “sysctl kern.polling.enable=1”;
3. Add the entry “kern.polling.enable=1” to /etc/sysctl.conf.
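Once these sysctl values are set they tend to drift (a kernel upgrade, a rebuilt /etc/sysctl.conf), so it is worth auditing them. This is an added example, not code from the original post: `audit_sysctl` reads `sysctl` output in FreeBSD’s “key: value” format on stdin and reports every key whose value differs from the hardened values listed above (those values are the post’s; the `SAMPLE_SYSCTL` lines are constructed to look like an untuned host, and the function names are assumptions).

```shell
#!/bin/sh
# Added example (not from the original post): audit a FreeBSD host's current
# sysctl values against the hardened values the post recommends. The
# expected values are the post's; the sample `sysctl` output is constructed.

# Hardened key=value pairs, ';'-separated so they can be handed to awk -v.
HARDENED='net.inet.tcp.msl=7500;net.inet.tcp.blackhole=2;net.inet.udp.blackhole=1;net.inet.icmp.icmplim=50;kern.ipc.somaxconn=32768'

# Constructed sample of what `sysctl <key>` prints on an untuned host
# (FreeBSD prints "key: value"); only udp.blackhole is already correct.
SAMPLE_SYSCTL='net.inet.tcp.msl: 30000
net.inet.tcp.blackhole: 0
net.inet.udp.blackhole: 1
net.inet.icmp.icmplim: 200
kern.ipc.somaxconn: 128'

# Read "key: value" lines on stdin and print "key current expected" for
# every hardened key whose value differs or is absent, sorted by key.
# On the real host: sysctl -a | audit_sysctl
audit_sysctl() {
    awk -v hardened="$HARDENED" '
        BEGIN {
            n = split(hardened, pairs, ";")
            for (i = 1; i <= n; i++) { split(pairs[i], kv, "="); want[kv[1]] = kv[2] }
        }
        {
            key = $1; sub(/:$/, "", key)          # strip the trailing colon
            if (key in want) have[key] = $2
        }
        END {
            for (key in want)
                if (!(key in have) || have[key] != want[key])
                    printf "%s %s %s\n", key, (key in have ? have[key] : "missing"), want[key]
        }' | sort
}

# Number of keys needing attention; a non-zero count is a handy cron/alert
# signal and a convenient thing to assert on.
count_deviations() {
    audit_sysctl | awk 'END { print NR }'
}

# Demo over the constructed sample.
printf '%s\n' "$SAMPLE_SYSCTL" | audit_sysctl
```

Because the expected values live in one string, the same script can be pointed at a different baseline by editing `HARDENED`, and a key that the host does not expose at all is reported as “missing” rather than silently passing.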

These are well-balanced steps to mitigate exposure to Distributed Denial of Service attacks.

EU Security Agency Highlights Cloud Computing Risks

November 20th, 2009

Cloud computing users face problems including loss of control over data, difficulties proving compliance, and additional legal risks as data moves from one legal jurisdiction to another, according to an assessment of cloud computing risks from the European Network and Information Security Agency (ENISA).

The agency highlighted those problems as having the most serious consequences and being among the most likely to affect companies using cloud computing services.

ENISA examined the assets that companies put at risk when they turn to cloud computing, including customer data and their own reputation; the vulnerabilities that exist in cloud computing systems; the risks to which those vulnerabilities expose businesses, and the probabilities that those risks will occur.

When moving to cloud-based computing services, companies have to hand over control to the cloud provider on a number of issues, which may affect security negatively. For example, the provider’s terms of use may not allow port scans, vulnerability assessment and penetration testing. At the same time, service level agreements (SLAs) may not include those services. The result is a gap in defenses, ENISA said in the report.

Compliance could also prove to be a big problem if the provider can’t offer the right levels of certification or the certification scheme hasn’t been adapted for cloud services, the report said.

One of the advantages of cloud services is that data can be stored in multiple locations, which could save the day in the event of an incident in one of the data centers. However, it could also be a big risk if the data centers are located in countries with a shaky legal system, according to the report.

Other areas of concern are vendor lock-in, failure of mechanisms separating different companies, management interfaces that get accessed by hackers, data not deleted properly and malicious insiders.

To minimize these risks the report proposes a list of questions that a company needs to ask potential cloud providers. For example, what guarantees does the provider offer that customer resources are fully isolated, what security education program does it run for staff, what measures are taken to ensure third-party service levels are met, and so on.

In the end a good contract can lessen the risks, according to the report. Companies should especially pay attention to their rights and obligations related to data transfers, access to data by law enforcement and notifications of breaches in security, it said.

ENISA’s report isn’t all doom and gloom, though. Using cloud computing services can result in more robust, scalable and cost-effective defenses against certain kinds of attack, according to the report. For example, the ability to dynamically allocate resources could provide better protection against DDoS (distributed denial-of-service) attacks, ENISA said.

Domain Name Search And Whois Protection

November 19th, 2009

A WHOIS domain search is an online utility that everyone can use to conduct a domain name search. When a search is conducted, private information about the domain name can be found. Such information can be useful for several parties.

The webmaster.

As the webmaster of the website, you can do a WHOIS search to find out if the domain name servers have been updated. Usually, a DNS change takes just several hours. In rare cases, it can take up to 48 hours. When the update is completed, the primary and secondary DNS will show up in the search results. This is a clear indication that the update has been completed.

The domain name buyer.

An individual may be interested in a domain name, but the name is already registered. By conducting a WHOIS search, the interested buyer can find out when the domain is expiring. He may then try to buy the domain if it’s not renewed. Alternatively, he may try to contact the domain owner directly by writing an email to the owner. Contact information is available with the search.

The spammer.

Spammers like to conduct WHOIS search to harvest email addresses. They then send unsolicited emails to these addresses in an attempt to market some product or service. The act of sending a spam email is illegal. Still, thousands of spam emails go out everyday because it is very hard for the authorities to catch up with the spammers.

The hackers.

This malicious group of individuals makes a WHOIS search to find out where a website is hosted (based on the DNS). They then try to attack the servers. One popular method includes a DDoS attack. Hackers send data packets to the servers until the servers slow down to a crawl. If protection software is not installed, the server can be crippled for hours.

As you can see, some people use the information for commercial purposes, while others use it for malicious purposes. You want to avoid attracting attention from the spammers and hackers. The only way you can do that is to protect your domain name information. You can do so by signing up for domain privacy. This requires you to pay a small fee, but if you don’t want to reveal your personal details, it’s a useful little feature.

After you have signed up for the feature, your information will not be revealed in a WHOIS search. All the server info, personal emails and addresses will be kept private and confidential. This is one measure you can take to ensure that your website stays secure. For someone who intends to do mischief on your site, they will have problems acquiring the necessary information.

Protecting personal information is important and it entails the safety of you and your family members. So paying a small fee for the domain privacy may be worth it.

Domain registration details can be revealed via WHOIS search. Protect your personal details with a domain privacy feature.