DNS Filtering Followup: DNSFilter Blog Post & Quad9

This is a follow-up to the DNS filtering article that I did, where I compared Quad9, DNSFilter, Cisco Umbrella and OpenDNS, which I actually had a follow-up article on, because Cisco reached out to me: I was in the wrong control panel. So I’ll leave links to the first article and the second article, and of course this is kind of the third article, but it’s also a bit more discussion on this topic, especially the conversation with DNSFilter. So, before we dive into that.

First, if you’d like to learn more about me and my company, head over to lawrencesystems.com. If you’d like to hire us for a short project, there’s a Hire Us button right at the top. If you want to support this blog in other ways, there are affiliate links down below to get you deals and discounts on products and services we talk about on this blog, including a link to our Patreon if you’d like to become a Patreon supporter. We also have a swag store where you can get shirts and other items that are for sale, and what’s available changes from time to time, so go ahead and check that out frequently. And finally, our forums: if you’d like to have a more in-depth discussion about this article, suggestions for new articles, or just reach out, say hi and talk tech, our forums are a great place for that.

All right, now back to the content. We’ll start here with the response to Tom Lawrence’s DNS malware filtering comparison, and in it they talk about the article: what’s right with the test, what’s wrong with the test, and how they research their threat feeds.

This is really important because you don’t want a bunch of false positives, especially when you’re paying for the service. So finding good feeds is honestly hard. There are a lot out there, both paid and free feeds, and a lot of them are not updated anymore, as evidenced by the feed. So they went through and started digging around in the feeds, and they also reached out to SANS, and this is the post right from SANS.

This is what the website looks like now. This is the one I used in my article, and here is the response they have about Peter sending them a message, saying: yeah, this feed’s really old and no longer maintained. Now this is a bigger issue, because actually a lot of these lists are no longer maintained, even the ones used by things like Pi-hole and pfBlocker. I was digging around and realizing some of these lists haven’t been updated in a long time, and in the context of the testing I was doing, we are specifically talking about malware.

That is a huge challenge, because malware is not like blocking some type of sinkholed ads, where the ad sites may not change as often. The malware sites are changing extremely dynamically, which is one of the reasons I chose it as a test, because ultimately what we want is blocking malware, and blocking malware is just not an easy task. So they break down some of the discussion: how they look at things, how they get rid of false positives. I think this is worth your time to go through and read, so I’ll leave a link to this down below. I tweeted it out earlier today and, like I said, they have everything on here.

So absolutely this is a good read. Now, related to that is people that keep looking for some absolute decisiveness on this. In terms of all the paid services out there, because we’re not a user, we’re not directly paying DNSFilter and I’m not paying Cisco Umbrella for services, I can’t give you a really solid overall use case. I’m still researching and still digging into other methodologies. One of those methodologies was: I signed up for the free feeds from AlienVault, which they refer to as their pulses, and they have active malware threats and indicators of compromise. This is also a discussion ongoing in my forum, and I had spot-checked a few of these with DNSFilter and with Cisco Umbrella, and I have my comments in there.

Short answer is a certain number of threat feeds, and I think I have one of them I posted. I didn’t want to just fill my forums up with a lot of these links, but with one that I posted, some sinkholed it and some didn’t. DNSFilter did sinkhole it. Quad9 sinkholed it at that time, when I was doing the test. Cisco Umbrella and the Cloudflare filter, neither one of those actually filtered that address. It’s one of those things: it’s about who’s ingesting what feeds when.

So I will say overall, though, when you’re looking at the free side, not the paid services but the free side, which is a narrow scope, when you’re lining those up, Quad9 is clearly, for all the free ones out there, really ahead. I know everyone else is going to clamor and ask me to test their filtering system. All the code’s public. I don’t have time to run all these tests, but this is why I make all the code and everything public. It’s in the write-up, and you can find that in the forum link down below. So take the time to read that response from DNSFilter. It’s good, it’s concise. Take your time to look at Quad9.

If you’re going, “I just want a free service to drop in and set up at my mom’s house, my dad’s house or whatever friends you want, just for some basic filtering for home”, I’m going to say to you that Quad9 is probably one of the best ones out there in terms of free services. But let’s take that word “free” and look at it real quick. I want to mention that I said free service, but they do have a donate button, because they literally run a nonprofit organization that cares about privacy, which means without selling your data; you can’t get that free service where you’re the product.

This is a run-by-donations type of free service, so, as we all know, nothing’s really free. If you can take the time, and I’ll throw a little money at them myself, they have a donate button up at the top for Quad9. I also want to thank them greatly for constantly posting in the forums. They’ve been really helpful, as well as DNSFilter. Both of those companies have engaged with the community, which also shows me they care about their product a lot, both the free service, Quad9, and DNSFilter.

Like DNSFilter having the, you know, chief tech guy reach out to me and have a good conversation, well, their cofounder, great conversation, and taking the time to write a nice, well-written blog post with links and thoughts on it. That’s what I like to see. This is the type of community engagement that, well, makes me happy and shows that if you care about your product, you care about the users of that product, not just from a marketing standpoint, but they actually want to make the Internet better, which is also a pretty awesome goal. So go ahead and follow them if you want to read back up on there.

And the last thing I’m going to comment on, because this is both in the comments on YouTube, from people who reached out to me with messages, and from people who posted this in my forums: no, you just don’t use all of them. That seems to come up, where people go, “Can I just use some of all of them? You get the best of all the worlds.” That’s exactly the opposite: you’re only as good as your worst resolver. Let me explain why, and it kind of depends on your DNS system.

But if you have more than one DNS, if one resolver fails, as in, let’s say we have a website that’s blocked and that resolver fails because it was malware and Quad9 blocked it, and you have the next one down in there and it does resolve it, you didn’t block the malware. So you want to pick one that works and, like I said, on the side of free services, Quad9: just a simple, easy drop of four nines in there and away you go.
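The "only as good as your worst resolver" point, as an added example that is not part of the original post: a small offline simulation with constructed domains and hypothetical resolvers `filter-a`, `filter-b` and `unfiltered`. It assumes a client that moves on to the next resolver when one returns no address, as described above, and goes one step further by also modelling a client that rotates queries across its resolvers; real stub resolvers differ in when they fall through.

```python
"""Added example: why mixing DNS resolvers weakens filtering (constructed data)."""
from itertools import cycle

# Constructed zone: every name here exists and resolves on an unfiltered resolver.
ZONE = {
    "malware-a.example": "192.0.2.10",
    "malware-b.example": "192.0.2.11",
    "malware-c.example": "192.0.2.12",
    "news.example": "192.0.2.50",
}
MALICIOUS = ["malware-a.example", "malware-b.example", "malware-c.example"]


class Resolver:
    """Hypothetical resolver: refuses names on its blocklist, answers the rest."""

    def __init__(self, name, blocklist=()):
        self.name = name
        self.blocklist = frozenset(blocklist)

    def resolve(self, domain):
        if domain in self.blocklist:
            return None          # filtered: the client gets no usable address
        return ZONE.get(domain)  # None if the name does not exist at all


def lookup_failover(resolvers, domain):
    """Assumed client behaviour: try the next resolver when one gives no address."""
    for resolver in resolvers:
        answer = resolver.resolve(domain)
        if answer is not None:
            return answer
    return None


def lookup_rotate(resolvers, domains):
    """Assumed client behaviour: spread successive queries round-robin."""
    pool = cycle(resolvers)
    return {d: next(pool).resolve(d) for d in domains}


def blocked_with_failover(resolvers, domains):
    """Names that stay blocked under failover: only those every resolver blocks."""
    return [d for d in domains if lookup_failover(resolvers, d) is None]


def blocked_with_rotate(resolvers, domains):
    """Names that stay blocked when each query lands on whichever resolver is next."""
    results = lookup_rotate(resolvers, domains)
    return [d for d in domains if results[d] is None]


# Constructed feed coverage; these are not measurements of any real service.
filter_a = Resolver("filter-a", MALICIOUS)              # current feed, blocks all three
filter_b = Resolver("filter-b", ["malware-a.example"])  # stale feed, blocks one
unfiltered = Resolver("unfiltered")                     # no filtering at all

if __name__ == "__main__":
    for label, chain in [
        ("filter-a only", [filter_a]),
        ("filter-a + filter-b", [filter_a, filter_b]),
        ("filter-a + unfiltered", [filter_a, unfiltered]),
    ]:
        print(f"{label:22} failover blocks {blocked_with_failover(chain, MALICIOUS)}")
    print("rotate filter-a/filter-b blocks",
          blocked_with_rotate([filter_a, filter_b], MALICIOUS))
```

Under failover the effective blocklist is the intersection of every configured resolver's blocklist, so adding a second resolver can only remove protection.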

They’ve got easy write-ups on how to set it up in a lot of different situations. For the paid services, Cisco Umbrella: it seems to work. I do like the interface better, if you just want me to offer my opinion, on DNSFilter, and of course them having the chief tech guy reach out, that says something. Maybe we’ll have a conversation later and we’ll do a YouTube article about their product. Their product’s pretty cool.

We talked about some of the technologies they use. I’m not at liberty to discuss all of it, not that it’s, you know, real secret sauce here, but some of the stuff they’re doing is pretty cool. I would rather let them; I don’t want to try to put any words in their mouth, and maybe they can talk about it, because most of it you can just learn from their website, which talks about what they do. But as they release some more products, I may have some more conversations ongoing with them, because they seem to be pretty slick and they reached out there.

I mean, companies that take the time to write these blog posts, there’s other companies I’ve talked about before that, I appreciate, take the time. These are often products we end up using. So you take the time to really do some community engagement and generally get out there. So go ahead and take time to read their write-up over at DNSFilter, great people over there, and the forums are still open with more discussion on there. I think a lot of people are getting it, which is actually what makes me really happy.

They’re kind of understanding that, one, it’s very challenging and, two, there are some solutions out there that are definitely worth checking out. And if you’re just looking for that free service that you put in for all your friends, and you have a few extra dollars, throw some money at those Quad9 folks, because they’re doing some good work there, and without a way to monetize your existence like a lot of other companies do, or an actual for-charge business model, they do rely on donations. So shout out to them too.

Thanks, and thank you for making it to the end of the article. If you like this article, please give it a thumbs up. If you’d like to see more content from the blog, hit the subscribe button and hit the bell icon if you’d like YouTube to notify you when new articles come out. If you’d like to hire us, head over to lawrencesystems.com, fill out our contact page and let us know what we can help you with and what projects you’d like us to work together on.

If you want to carry on the discussion, head over to forums.lawrencesystems.com, where we can carry on the discussion about this article, other articles or other tech topics in general; even suggestions for new articles are accepted right there on our forums, which are free. Also, if you’d like to help the blog in other ways, head over to our affiliate page; we have a lot of great tech offers for you. And once again, thanks for reading and see you next time.



I Think My Website Is Hacked! How to Know and How to Fix It

On your website and force a bitcoin ransom, or something like that. SEO spam, which infects your website with spam keywords and pages, not a good look. And then there’s also things like crypto-miners, adware, that kind of stuff. Nobody wants that on their website. Nobody wants that, right? No. So it’s not just something that affects computers; it affects websites too. Yes, websites are definitely at risk, and you want to make sure that you are taking steps to monitor your environment and protect it, and having a plan for response is also very important.

How big of an issue really is this? Well, there’s a stat out there that says there’s about a 75% chance that a business is going to be attacked. And right now they say about 40% of traffic to your website is actually bots, and about half of that is malicious bots. Ugh, that is gross. Yeah, it’s not good. No. So how do we go about identifying if our site is infected with malware? Well, what you can do is you can run a scan on your website. We have a tool called Sucuri SiteCheck.

You can also just monitor your activity logs, if you have somebody who can do that, maybe a developer. You also wanna make sure that you’re practicing good password management, making sure that your users are set with the permissions that they should have. So obviously the least privilege principle: you wanna make sure that they only have admin for as long as they need it, and then you put them back down to the role level that they need. Right on. So that SiteCheck is great.

Is there anything that’s, like, super obvious that we should be checking? Is it on Google? Is it on our website? What does that look like? Yeah, definitely. Well, one of the biggest things is to make sure you’ve updated your site. A lot of the problems that we see are because of websites that are out of date and have security vulnerabilities. Updates don’t always mean new features. Sometimes they mean that you’re actually, you know, patching a security flaw that would let a hacker get in and then do whatever they want with your website. Right. So I was actually talking to... when I was just a customer service rep at GoDaddy, I had a customer on the line.

She basically had an interactive book site for little children, and she was using WordPress. She hadn’t really touched it in a while. And little kids go on there to read books with their parents. She was unfortunately hacked, and the thing that they did was redirect them to a not-so-great site for little kids. So little Timmy was seeing some very, very adult things. So, super scary. Is there anything else? There was something about Google, you said, like the SEO. What is that? Yeah, SEO spam is another really bad one, where they inject pages and keywords into your site. It can show up in your Google search when people are looking for your brand, and you’ll see pharmaceuticals, gambling stuff, like discount fashion spam. It’s pretty nasty.

The malicious redirects that you’re talking about are also terrible, ’cause they’re taking your traffic and sending them to, like, another website that’s maybe unsavory. And you know, that’s not a good look for your brand. It causes a loss of trust, so it’s definitely not ideal. Having a website firewall in place is a really great step to mitigate that. It forces all traffic to go through the firewall first, before the visitors hit your website, and it also has the benefit of speeding it up by caching and using our CDN network.

So the firewall is kinda like digging a moat around your house and keeping all the bad neighbors out. The in-laws, anyone that you don’t want to come in. Right, yeah, there you go. That’s one way to look at it. (laughs) All right, Alycia, so the website is hacked. I’m running around, I’m screaming that the world is on fire, to me, right? How do I get this out of here? Yeah, that’s a really important point, and not a lot of people have a response plan in place. Obviously, if you have somebody you can trust who can remove the malware and has those technical skills, that’s a great way to go. There are some tools that can remove things automatically, but that doesn’t always catch a lot of the hidden back doors.

An attacker will always try to leave some way to get back in. If you just, you know, go in and clean up the spam pages and keywords, the next day they’re back in and your site’s reinfected, and a lot of that is automated on the hacker’s part. So if you wanna take steps, there are some guides out there. We have one on sucuri.net on how to clean your hacked website: scan for malicious files in the database, and then you can just remove the pieces of malware manually. But generally you probably want to contact a professional and have them help you out. It’s usually going to be a bit faster and, like I said, they’ll make sure those back doors are gone and that you’ve been removed from any blacklists as well.

That’s another really important point: you don’t want to get blacklisted by Google. Nobody likes that. Then your rankings are gone. And an important thing to remember is these hackers, they don’t care who you are. They don’t care what your site is about. They just care about hacking your site and making money off of you. So it’s not personal. They just send out their bots to anything that they can find. They get in, they’re in. Automation is super scary. They’ll just write a little script, go get a coffee and come back, and they’ll have a list of, like, thousands of WordPress websites that they might wanna attack. It’s not ideal, and then they can further automate the attacks from there.

And again, small websites are fine, because they can use your server resources. They can use it for SEO spam to try to get other sites to rank that they want. They’ll just use your resources. They can even use your site to attack bigger sites. Wow. Like, what does that look like? So, like, let’s say you are a hacker and you have a botnet of, like, a thousand infected websites. You can use the power of all those servers to launch attacks on, like, a larger company. So a DDoS attack, right? Yeah, a DDoS attack. So essentially, with that, you can think of it as like a highway, and there’s, you know, cars getting into your website, and the hacker is flooding that highway with a bunch of fake cars, and now no real people can actually get into your website. And that’s no good. And then all that traffic’s down and it looks like you’re doing it. (laughs) Yeah, yeah, nobody wants to come to a website and see that blank white loading page. Like, you know, most visitors will leave a website after, like, three seconds of waiting for it to load, and it can cause, you know, a lot of disruption for conversion rates and that kind of stuff. So not ideal for your business. No, and I mean, if you think about a hacked site, right, if your website ever gets hacked, like, if you have a visitor that comes there, they’re likely never coming back.

They’ve lost the trust with your business, because if you can’t protect your own site, how can you protect their information? Totally. It’s doubly important if you’re an eCommerce site. Even if you have gateways for payment that are not hosted on your site, like through PayPal or Authorize.Net or anything, you still have to be PCI compliant and make sure that you’re protecting the details of the people on your site.

Now, with the website and security, we’ve talked about, like, the malware removal and things like that. Should our customers and our audience really have an SSL on the site, too? Is that important? Yes, absolutely. SSL is awesome, and a lot of people equate SSL with security. What SSL does is it makes sure that any communication between the visitor’s browser and your website is encrypted. So it’s data in transit that’s being protected. SSL doesn’t actually help your website from not getting attacked by a hacker. But SSL is still very important.

It’s a ranking signal for Google, so it can help your website get to the top of Google if you have SSL. And it’s just rapidly becoming kind of de facto that you have to have SSL on your website as a way to establish trust with your visitors. I love it. And that trust thing is important, ’cause if you don’t have an SSL on your site, the top left of the browser says “Not Secure”. To an everyday person, they see “Not Secure”, they’re out.

So after we’ve cleaned up the malware, what should we do going forward to make sure that this doesn’t happen again, or that we’re just protected? For sure, yeah. You don’t wanna deal with reinfections. Those really suck. So the number one most important thing is to change all of your passwords. So passwords for your server, your FTP, your hosting account, any of your user accounts, because any of those could have been compromised during the attack. And don’t use password1. Yes. Make sure you’re using good, long, complex, unique passwords for everything, because if they get one password and you’re reusing it everywhere, that’s just... they’re in your Facebook account now, your bank account now, they’re everywhere, and it’s hard to get them out.

Password managers make it a lot easier. I can’t recommend them enough. I think that’s probably one of the top security tips that we hear at Sucuri. What’s a password manager? A password manager is a tool in your browser that will allow you to store and even generate really good passwords. So when you go to a site, as long as you’re logged into your password manager with your one master password, that by the way has to be super strong ’cause it stores all of your passwords... One password to rule them all. Yeah, which is awesome. As long as you’re logged into your password manager, it’ll even auto-fill the passwords for you. So it makes your life a little easier, and it takes the guesswork out of having to create a password that you’re going to remember but that’s also very strong and difficult to hack.

Awesome. What else should we look at to really prevent this from happening again, or just protecting ourselves? There’s a lot of different post-hack actions, and we could go into security forever. It’s a never-ending kind of thing. There’s no such thing as zero risk. There’s always some element of risk. But obviously, you know, making sure that you’re changing default settings, like don’t use the username admin. You know, you can do a lot of things through plug-ins and that kind of thing if you’re using a CMS. But there’s also a lot of steps to take on the server, like changing file permissions and things like that.

Definitely recommend looking for some guides out there for website security. We have a couple on sucuri.net that are freely available. But yeah, definitely taking just extra steps to make sure that you’re thinking about security and setting those options. Awesome. Now, backups. I hear this all the time: backups, backups, backups. What’s your emergency plan? How often should we be making backups, and what does that look like? Well, it really depends on your site. If you’re updating your site very frequently, you know, it’s very important for you to be able to restore all of that recent content.

Then you wanna be making, you know, daily or even more frequent backups. You know, for some sites that are only updated weekly or monthly, maybe those are how frequent you want them. One important thing to think about with getting hacked and using a backup is sometimes the attackers will attack your site and wait for months to actually launch the attacks. So they’ll get in and they’ll sit there for a while, and then your backups are actually infected. That’s scary! So if you restore a backup that still has a backdoor in it, that could be troublesome. But still, nonetheless, it’s great to have that safety net, especially if you have custom files on your site. If those get overwritten by a hacker and you don’t have any way to restore the custom files, it’s not like you can just pull down the WordPress plugin files or the core files. You wanna make sure for sure that those are backed up.

All right. Thank you so much for coming on the show today and helping us out with how to find malware and what to do with it. It’s been a pleasure. Thank you so much for having me. And hey, make sure you like this article and comment below on something that you learned that you’re going to do with your website to make sure you’re secure. While you’re there, subscribe to this blog. Ring that bell, so you know when these episodes are coming out first. This is “The Journey”. We’ll see you next time.

