To Sub or not to Sub…that is the question.

Posted on December 3, 2008 by Mitch Cohen

The other day a friend of mine asked me about setting up a blog. He’s planning to lay the foundation of an internet business and is following a blue print that lays out all the steps to be successful. Blogging is part of the process. In the course of the conversation, I mentioned one alternative to installing a blog in a folder. That alternative is using a subdomain for the blog. He asked some good questions about the pros and cons. I had a few ideas about it such as using a folder being a little simpler, but a blog would have a more distinct identity in a subdomain while still having a relationship to its parent domain. But there are other considerations as I learned after doing a little research. A lot of it depends on your goals and the size of your web site.

If you intend to do nothing but blog on your domain name, then by all means, just install your blog in the root of your web hosting account and have your visitors come directly to your blog when they enter your web address. But if you intend to have a separate website that stands on its own, it’s time to consider the pros and cons of using a subfolder or a subdomain. For those of you who are ambitious, big thinkers and you envision building out a large and complex site, subdomains can be helpful to separate distinct areas of subject matter. This is also useful to improve search engine indexing and rankings. Search engines treat sites in subdomains as unique sites. So if you provide good content with links back to your primary site in your subdomain blog, this can improve search rankings if done properly. See this tip sheet from Net Mechanic for some of the potential pitfalls. Try this search for more information on the question.

Here’s an example of an organization that’s using a subdomain for their blog. As you’ll see in the blogroll at the bottom of the left column, there’s no one-size-fits-all answer. Learn a little and take your best shot. You can always make changes if needed.

Share
Posted in Design | Tagged , , , | Leave a comment

Does Your Computer Have the Worst Virus?

Posted on November 27, 2008 by Mitch Cohen

The Culprits

If you’ve never heard of rootkits let alone what they are, now is the time to learn. I’ve heard of them before but never really knew how bad they can be. Not only can they hide from many of the most widely used antivirus programs, they can actually start running on your computer before your operating system even starts.

What’s worse is how they get into our computers. Many of the most frequently and widely used programs are the most likely targets of the criminals who spread viruses, spyware, and whatever other kind of program we don’t want, especially the programs that make use of the internet and the web. But why? Why do people make viruses? Do I really need to tell you? They do it for money. And usually their stealing it from our bank accounts and our credit cards. That’s why the bad guys find ways to take advantage of the programs we all use to inject their malware into our computers. And that’s why the responsible software companies figure out how to fix the problems and patch, or update, the software on our PCs. Some of the most common targets are:

  • web browsers such as Internet Explorer, Firefox, and Opera, among others
  • office software such as Word, Excel, Thunderbird, and many more
  • media programs such as Flash, Acrobat, Quicktime, and yes, other.

On top of that, the software that runs on the web servers that deliver the web pages we all love is also at risk of being compromised. Hackers find ways to use parts of the server operating systems (Windows and Linux), blogging software, content management systems, forums, you name it.

What To Do About It

So let me tell you about what “inspired” this post. I recently learned about the Sinowal (also known as Mebroot) trojan rootkit in a couple of articles written by Woody Leonhard on the Windows Secrets website. The first article, “Don’t be a victim of Sinowal, the super-Trojan”, was posted November 20, 2008 and gives a good description of this bugger and how it spreads, infects, and steals your private information, like your bank or credit card account user name and password. Woody’s second article gets down to the business of detecting Sinowal/Mebroot, removing it, and what you can do to minimize your risk of infection.

There are two tools Woody recommends for us to use, F-Secure Backlight and Secunia Personal Software Scanner. Use Backlight to scan your computer to find Sinowal/Mebroot and remove it. Backlight does not need to be installed like many programs. It’s completely self-contained. To run it in XP, just double click it. But in Vista, you need to run Backlight as the Administrator. To do this, righ-click the Backlight icon, and select “Run as Administrator” from the pop-up menu.

Once Backlight is done, use Secunia PSI to inspect the software on your computer to see if it is the most current and secure version available. The advantage of using PSI is that once it finds programs that are vulnurable, you can download and install the updated and secure version with just a few clicks. Without PSI you would have to open every program installed on your computer, check the version, then go to the publisher’s website to see if there’s a more recent version to download and install it. I’ve tried both these programs on my HP Pavilion dv9000 laptop running Windows Vista and was pleased with way they worked. I also ran them on my Windows XP desktop. XP users are the most at risk. Fortunately, Vista seems to be immune for the time being. Backlight and PSI ran just fine on the XP desktop and I was relieved that Backlight did not find any rootkits.

I urge you to read Woody Leonhard’s first article about the Sinowal/Mebroot rootkit for a basic understanding and then look at the second article to better understand how the tools work and how to use them.

Have you ever encountered this kind of problem? If you have, how about leaving a comment to share your experience? Everyone be safer.

Share
Posted in Online Security | Tagged , , , | Leave a comment