|17 Nov 2009||#1|
Improve Web User Experience with IIS SEO Toolkit RTW an
Remember the scene in Diehard when he shoots the glass? That was cool. What’s even cooler is now you can fine tune your Web site for the search engine, thus improving the experience for your Web users.
Today, Microsoft announced the releases of IIS Search Engine Optimization (SEO) Toolkit RTW and IIS URL Rewriter 2.0 RC – both extensions for IIS.
Don’t take it personally – I know it can be hard when your significant other tells you how to make improvements on something you worked hard on, let alone a faceless piece of software. But really, they are both just trying to help. Think of the customers.
The IIS SEO Toolkit helps Web developers, hosting providers, and Web server administrators to improve their Web site’s relevance in search results by recommending how to make the site content more search engine-friendly. The IIS SEO Toolkit helps to improve the volume and quality of traffic to your Web site from search engines, control how search engines access and display Web content, and inform search engines about locations that are available for indexing.
We’ve all been to a cocktail party when you’re trying to impress that certain person, and they ask for the URL of the latest project you are working on. It’s embarrassing when you have to rattle off a long-winded URL with question marks, equal signs, random ID numbers, and ampersands. But with URL Rewriter, you don’t have to anymore.
IIS URL Rewriter 2.0 adds support for outbound response rewriting and enables Web administrators to create powerful rules to implement URLs that are easier for users to remember and easier for search engines to find. IIS URL Rewriter 2.0 can now replace the URLs generated by a Web application in the response HTML with a more user friendly and search engine friendly equivalent, modify the links in the HTML markup generated by a Web application behind a reverse proxy, and fix up the content of any HTTP response by using regular expression pattern matching. IIS URL Rewriter 2.0 helps to easily define rules that match URLs or HTTP headers to generate more friendly and consistent URLs, protect content and assets from unauthorized linking and scanning, and integrate with existing IIS features to improve management, performance, and troubleshooting.
Did I mention it’s free? And it’s available to download and install today with the Microsoft Web Platform Installer 2.0, your one-stop shop to get everything for the Microsoft Web Platform – including IIS SEO Toolkit RTW and IIS URL Rewriter 2.0 RC. From IIS Extensions to the Windows Web App Gallery and beyond, there is sure to be something useful for your Web site endeavors.
Oh, if you run PHP, be sure to check out our learning section on Running PHP Applications on IIS. We have a ton of brand new and updated content to help provide PHP on Windows users a single source of end-to-end guidance. Pretty sweet!
For more information or to download, please visit the IIS SEO Toolkit RTW page and the IIS URL Rewriter 2.0 RC page.
Senior Product Manager
|My System Specs|
|19 Nov 2009||#5|
November 17th, 2009
Thousands of web sites compromised, redirect to scareware
Posted by Dancho Danchev @ 12:12 pm
Categories: Anti Virus, Botnets, Browsers, Hackers, Malware...
Tags: Search Engine Optimization, Web Application, Web Site, Attack Vector, Google Search...
Updated: Thursday, November 19 - According to eSoft who contacted me, they’ve beenmonitoring the campaign since September, with another 720,000 affected sites back then.
There are now over a million affected sites serving scareware, with only a small percentage of them currently marked as harmful. Google has been notified. As always, NoScript and your decent situational awareness are your best friends.
Security researchers have detected a massive blackhat SEO (search engine optimization) campaign consisting of over 200,000 compromised web sites, all redirecting to fake security software (Inst_58s6.exe), commonly referred to as scareware.
More details on the campaign:
The compromised sites are hosting legitimately looking templates, using automatically generated bogus content, with a tiny css.js (Trojan-Downloader.JS.FraudLoad) uploaded on each of them which triggers the scareware campaign only if the visitor is coming a search engine listed as known http referrer by the gang - in this case Google, Yahoo, Live, Altavista, and Baidu :
“Cyveillance has discovered a complex attack vector that uses Google search results to distribute malicious software (malware) to unsuspecting Internet users. Using this attack vector, users click on links within Google search results and are routed to sites that attempt to download malware to their computers. The attack method also relies on inattentive webmasters who do not update the software on their sites and often unknowingly provide the material that appears in the search results.At first, it would appear that the campaign is an isolated one and is maintained by a cybercrime enterprise yet to be analyzed. However, analyzing it reveals a rather anticipated connection - the massive blackat SEO campaign has been launched by the same people who operate/or manage the campaigns for the Koobface botnet. For instance, the domains mentioned by Cyveillance, as well as the newly introduced ones over the past couple of hours, are the very same domains currently embedded on Koobface infected hosts.
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popularsecurity blog. See his full profile and disclosure of his industry affiliations.
Email Dancho Danchev
Sorry mate, I meant to post the link itself only...
|My System Specs|
|Thread Tools||Search this Thread|
|Similar help and support threads|
Enhanced Mitigation Experience Toolkit (EMET)
The Enhanced Mitigation Experience Toolkit(EMET) is a utility that helps prevent vulnerabilities in software from being successfully exploited. EMET achieves this goal by using security mitigation technologies. These technologies function as special protections and obstacles that an exploit author...
Enhanced Mitigation Experience Toolkit 2.0 advice sought
I would be interested in hearing any suggestions/experiences using the Enhanced Mitigation Experience Toolkit. Which apps should be added to the app list? I have Win 7 Ultimate and am not running any "legacy" programs of which I am aware, I'm just getting started using EMET. The...
© Designer Media Ltd
All times are GMT -5. The time now is 04:39.