Web Hosting Blog

To run a successful web hosting business one must be capable of Identifying the fraudsters who wish to order a particular web hosting package. Efficient management is essential for the smooth functioning of the web hosting business.

Here are few ways of that would help to identify the fraud orders and keep away the fraudsters spoil the business.

Verification Of The IP Address

Verification of the IP address is the first step in the order verification process. Almost every billing software shows the IP address and other information such as the host name of the IP, the country of the person placing an order with the web hosting company. Another way of checking the information is through a third party service such as the WHOIS service (www.whois.sc) or www.ip2location. Once the information is displayed, the country of the origin of the IP and the country mentioned in the order needs to be verified. The state and city details too can be cross checked. If the details matches then the order can be sent for processing. If the details does not match then its clear that the order is fraudulent. Incase you receive such an order then it should be marked as fraud and the order should be terminated.

Domain Name Verification

With the use of the third party whois service, users can get the whois details. Using these details of the person ordering the web hosting package can be cross checked for the physical address and E-mail address mentioned in the order. Genuine orders will have the details matching to the ones mentioned in the order. Yet sometimes there is a chance that the details does not match, in that case we cannot come to the conclusion that the order is fraud as the domain name might have been purchased through a company address. Hence, the domain name verification has some restrictions. In case the domain name seems senseless, then there is wide possibility that the order is a fraud order.

Disable Auto Sign-ups

If the web hosting company has enabled the facility of auto sign-ups on its web-site then a fraudster may sing-up and send spam or install Trojans or viruses for phishing purpose before you getting time to recover from the damage. So, it is recommended that the auto account creation facility should be disabled.

Usage of Third Party Fraud Detection Plugins

A web hosting company can use make the use of a third party service such as MaxMind. It is a fraud scanning software which is integrated in the billing software. It helps to identify fraud orders automatically (Note: It is not 100% fool proof).

Phone/FAX verification

Web hosting firms can give a call on the contact number provided in the order details for the purpose of identifying between fraud orders and genuine orders.

Even after every careful steps are adopted by the web hosting company, fraud orders is a never ending problem. There is no completely fool proof solution for fraud orders. But, following the above tips helps reduce the fraud order sign-ups upto a large extent.

There is a simple way of checking the owner of a particular Domain.

It is a common and more frequent question that arises in the mind while surfing the internet that who owns the web-site. While starting a online business or starting a web site then knowing the domain names is essential. This is one of the necessary information required before initiating the website/business.
Several sites provide the service of “Whois“, one can get every information that the user is searching for. The Whois service is an internet username directory service. This service provides a list of domain names already present over the internet.With the use of Whois service one can get the contact number and e-mail address of the owner of the website.
Every computer has a unique address which is known as the IP adress.With the use this IP address one can search on a certain IP on Whois.
Whois has multiple uses.There are many sites where one can search domain names example: www.domaintools.com.This site offers everything from a search directory to DNS tools and domain history. This web-site also provides a service known as the mark alert, it alerts you when someone registers a domain name with particular term or phrase.A mark alert helps you keep track of your competition and trademarks can be proactively monitored.

When any user accesses Internet may be for sending e-mails or browsing, then without even realizing that s/he are using domain name servers. DNS is are very important but are hidden parts of the Internet. The DNS network is one of the largest and most active distributed databases. Without DNS, Internet is useless. The machines only understand IP addresses to refer to one another.

Domain name servers translate domain names to IP addresses. DNS system is a database, it receives many requests in a day.

Every computer machine on the Internet has an IP (Internet Protocol) address. A server too has an IP but it is static which does not change much often.

In a day, the name servers do two basic things:

1. It accepts requests from programs to convert domain names into IP addresses and
2. Accept requests from other name servers to convert domain names into IP addresses.

When a request arrives the name servers do four things :

1. It can return an error message as the requested domain name is invalid or does not exist.
2. It can contact another name server and try to find the IP address for the name requested. It may do this multiple times.

1. It can answer the request with an IP address as it already knows the IP address for the domain.
2. It can say, “I don’t know the IP address for the domain you requested, but here’s the IP address for a name server that knows more than I do.”
3. It can return an error message as the requested domain name is invalid or does not exist.

When a user types a URL in the browser, the browser converts the domain name and host name into an IP address so that the browser can request a web page.

DHCP Short for Dynamic Host Configuration Protocol, a protocol for assigning dynamic IP addresses to devices on a network. With dynamic addressing, a device can have a different IP address every time it connects to the network. In some systems, the device’s IP address can even change while it is still connected. DHCP also supports a mix of static and dynamic IP addresses.

Dynamic addressing simplifies network administration because the software keeps track of IP addresses rather than requiring an administrator to manage the task. This means that a new computer can be added to a network without the hassle of manually assigning it a unique IP address. Many ISPs use dynamic IP addressing for dial-up users. This protocol reduces administrators workload which allows addition of devices to the network little or zero manual intervention.

DHCP is a way of managing network parameter assignment from a single DHCP server or may be a group of DHCP servers arranged in a fault tolerant style. Using DHCP any new machine can be added to the local network. DHCP can be used to assign addresses directly to the desktop machines or servers.

Technical Summary

DHCP uses two IANA assigned ports as BOOTP: 67/udp for the server side, and 68/udp for the client side.

DHCP works in four phases :

1. IP Discovery ,
2. IP Lease Offer,
3. IP Request and
4. IP lease acknowledgement.

After the client gets an IP address, he may start an address resolution (ARP) query for preventing IP conflicts caused due to address pool overlapping of DHCP servers.

Security

The basic DHCP does not have any feature of security hence is susceptible to two types of attacks.

1. Unauthorized DHCP Servers : One cannot specify the required server. Any unauthorized server may react to the clients request and send client network configuration to the hacker.
2. Unauthorized DHCP clients : An unauthorized client can gain access to the network configuration and IP address by camouflaging itself as a legitimate client.

RFC3118 introduced authentication information into DHCP messages to overcome these threats. Doing this enables the clients and servers to reject information from invalid or unknown sources.

When you enter the URL of a website you want to view the URL connects to the Domain Name Server (also called DNS). Domain Name Server is a kind of directory which has the record of the URL’s and their IP addresses. Once you enter the URL of the website you want to view the Domain Name Server find’s the IP address of the website and then you get the website you want to view. So IP addresses play a very important role in this whole process. There are two kinds of IP addresses. One is a Shared IP address and the other is a Dedicated IP address.

Shared IP address:-

Shared IP address is an IP address which is shared by more than one website. There is no specific number of websites that can have a same IP address. In fact you might come across a many websites hosted on the same IP address. If you enter the domain name of a website you want to view than the Web servers determine the IP address with the same Domain name you have entered in your browser. However, if you directly enter a Shared IP address than you will be shown some kind of a generic page instead of any of the website which has been hosted on the same IP address. If you have a shared IP address for your website than too it will not affect your website in any way. It is said that if you have a Shared IP address it affects your website ranking on the search engines (some do agree to this statement). But, for special access such as SSL or Anonymous FTP for your website you will need a Dedicated IP address. Another disadvantage of a shared IP address is you will not get direct access to your website by entering the IP address.

Example of a Shared IP address-

67.27.79.148/~youraccount

Under most conditions your website will work fine on a shared IP address if you do not have any special requirements.

Dedicated IP address:-

Dedicated IP address means that a website has an IP address which is not shared by any other website. This means that the website has a unique or in other words separate IP address. Dedicated IP address is also called as a Static IP address. If you have a Dedicated IP address for your website than your website can be displayed even if only the IP address of the website which is in numerical form is entered in the browser and you will get the same website. This is also considered as a benefit of a dedicated IP address. Another benefit of a Dedicated IP address is you can get special access to your website like Anonymous FTP access and Private SSL Certificate. If you need this kind of special access to your website then you will definitely need a Dedicated IP address as this kind of special access to your website will not be possible with a Shared IP address.

Example of a Dedicated IP address-

67.14.62.198

You must have heard people related to the Web Hosting industry saying that a website having a Dedicated IP address is more preferred by search engines in comparison to the websites having a Shared IP address. However, this is not considered as a true statement by some of them.

Are you sure that your e-mail account is only accessible to you? Is there anyone else who has sneaked into your e-mail account and using your account against you?

You are sure about you taken every necessary precaution to safeguard your PC. You have the latest Anti-virus software, firewall, anti-spyware and anti-malware, e-mail spam filters etc. But you cannot relax, there can be a loop hole from which a hacker can sneak into your network.

At the home or anywhere, you have set up a WiFi network or your broadband provider has given you a shared Internet connection with customers in the same building, this invites trouble of attacks. You are very vulnerable to ARP cache poisoning attack. ARP poisoning happens when a hacker fools you machine. ARP means Address Resolution Protocol. An ARP is used by the network to associate an IP address with a devices MAC address, in short ARP connects devices on a network.

The connection works without any authentication, so a device can easily pretend to be another. Hackers can sneak into your network and link any device using any IP and Mac address. This way the hacker can make the router think that his computer is yours and vice versa. By this what happens is, when you access your account, your device will send all the data packets to the hackers device.

NOW THE SOLUTION TO THIS :

· Assign static IP address to network devices and static ARP entries.

· For Windows, run ipconfig /all in command line, it will tell you your computers IP and Mac addresses of each device on your network.

· Run arp –s command to add static entries to those devices.

One can also use Anti-ARPSpoof . This software tool would set up a static route entry which would prevent such attacks. This is an opensource tool called as ArpON. It identifies and blocks all ARP poisoning and spoofing attacks.