We have recently had this complain from our various Shared hosting as well as Dedicated Server hosting clients that MSSQL Webadmin ASP .NET Enterprise Manager is having a virus / trojan on it. When the first complain arrived we too thought that there seems to be a problem with the server and might be MSSQL Webadmin ASP .NET Enterprise Manager has got an injection in it. But after receiving too many complains from most of our dedicated server clients we started investigating the problem and now we knew that this is something that has happen globally. After viewing MSSQL Webadmin ASP .NET Enterprise Manager on Plesk server it looked as the picture below:

We understood that the problem was not with the mssql.domain_name link but the virus alert only happened after click on ASP .NET Enterprise Manager, Recomended this site. And the link was:

www.referralplanet.com/referral/windows/referralWindow.asp?id=17

Since the site was not hosted with us we had a sigh of relief that the problem is not with the server however we thought we still have a security problem if the link has been injected into ASP .NET Manager site in IIS, may be due to a security issue with Plesk control panel. And after checking several servers we came to know that the problem has happened to the site that is recommended on MSSQL Webadmin site and not the server.

If you want to remove this link from your server as well as from the MSSQL WebAdmin site then follow the steps below:

1. Login into the server through RDP with Administrator user.
2. Go to D:\inetpub\vhosts\sqladmin\mssql\app
3. Open the navbar.aspx page in notepad
4. Go to line number 119 and remove the code below:

<!-- Begin ReferralPlanet.com Referral Script -->
<a onclick="refWindow=window.open('http:// www.referralplanet.com/referral/windows/referralwindow.asp?id=18','referralWindow' ,'width=350,height=520,scrollbars=yes,menubar=no,resizable=yes'); refWindow.focus(); return false;" target=_blank href="http:// www.referralplanet.com/referral/windows/referralWindow.asp?id=17">
<IMG alt="Click Here To Tell A Friend" src="images/tellafriend.gif" border=0></A>
<!-- Begin ReferralPlanet.com Referral Script -->

5. Save the file and exit.

This problem must have infected millions of computer in the world. Let see when chinese hacker stop putting their shit on other’s website and get mature.

What is ASP.NET?

ASP.NET, a higher version of ASP, is a programming framework used to create enterprise-class Web Applications. These applications are available to the entire world providing efficient information to their end users. ASP .NET has far more advantages than just a next version of ASP. And it is easily available to configure and use no matter if you have a Dedicated server or a Shared hosting account.

Why to use ASP.NET?

Microsoft has worked well to shift their focus on Internet world from a Windows based platform since 1995 and finally Microsoft introduced Active Server Pages (ASP) in 1996 that was much easy to understand than the orthodox languages like Java, C++ and Perl as it offered the efficiency of ISAPI applications. However ASP scripts were difficult to debug and main, since it consisted unstructured code and interpreted script. ASP also made it difficult for developer to ingrate the web development software as it required to understand many different technologies. If the web application grew more complex and bigger it became harder to maintain as the number of line in source code increased dramatically, specially when you host your application on a Shared hosting server. Therefore, a need of an architecture was required that would allow development of Web application in a consistent way.

more…

Some times Configuring MSDTC and their error can ruin your Windows Cluster service and your time as well. You may get one of the following error when you failover the MSDTC service from one Dedicated node to another.

This would only happen if the Cluster services has been installed before installing and configuring MSDTC Service. Hence it is highly recommended that you first install and configure MSDTC and then configure the Windows Cluster Service.

Event ID: 4097
Description:
MS DTC started with the following settings: Security Configuration (OFF = 0 and ON = 1): Network Administration of Transactions = 1, Network Clients = 0, Distributed Transactions using Native MSDTC Protocol = 1, Transaction Internet Protocol (TIP) = 0, XA Transactions = 1.

OR

Event ID: 4395
Description:
MSDTC detected that MSDTC related information in the local registry is different from that in the shared cluster registry. Error Specifics: d:ntcomcom1xdtcsharedmtxclumtxclusetuphelper.cpp:541, CmdLine: C:WINNTSystem32msdtc.exe, Pid: 796
Data:
0000: 05 40 00 80 .@.?

OR

Event ID: 4384
Description:
MS DTC was unable to start because the installation was not configured to run on a cluster. Please run comclust.exe and restart MS DTC. Error Specifics: d:ntcomcom1xdtcsharedmtxclumtxclusetuphelper.cpp:668, CmdLine: C:WINNTSystem32msdtc.exe, Pid: 796

OR

Event ID : 7024
Source : Service Control Manager
Description: The MSDTC service terminated with service specific error 3221229584.

Initially you should try and run the command below and check if it solves the problem:

msdtc -resetlog

If that does not help then follow the fix below:

more…

This has been a regular problem with most of our Windows dedicated Server Clients as well as Windows Shared hosting client that has Plesk 8.4 installed on them, specially for those who need write permissions on web user for the ASP .NET/MSSQL and PHP/MySQL application, that the write permissions on the folder get removed own its own without any changes being made by us or the client. After allot of scratching and investigation we were finally able to reveal the secrete about the permissions issue. The problem was not with Plesk but the way we use to set permissions on the folder.

While I was searching for the solution I found the KB articel on Parallels sites below:

http://kb.parallels.com/en/1147

Where they (Plesk adminstrators) have clearly mentioned that custom permissions set on top level folder like httpdocs, statistics, cgi-bin etc will get reset by Plesk. So I decided to make a test, I manually gave write permissions to httpdocs folder and ran webservmng.exe on it and yes it was removed. Then after allot digging I would that there us a file .Security which is saved under the folder with the domain name (parallel to httpdocs folder), that stores all permissions for that domain.
more…

One can point your site to any designated IP address you want without changing the Name server of your Domain. Yes, you will be able to view/test your site on new server without changing the name servers as well as having trouble of using site Preview options in Control panel like Plesk. This option is also helpful in the case of some site that use .js script in their codes since those scripts don’t work in Plesk site preview option. Specially in case of sites that work on DotNetNuke [DNN].

So here we go:

On your local machine, [AND NOT THE SERVER]:
Goto START >> Run >> and Type:
notepad "C:WINDOWSsystem32driversetchosts"
And hit Enter

If you get file does not exist error then create hosts file in notepad “C:WINDOWSsystem32driversetc” folder.

At the end of the file you will have:

127.0.0.1 localhost

Just add your domain with the IP you want to point to, and it will look like, this will be also applicable if you have create a new hosts file:

127.0.0.1 localhost
192.168.1.52 mywebhostingblog.net
192.168.1.52 www.mywebhostingblog.net

Save the file and exit.

Now ping the domain on the computer you have made changes on and it will point to the IP address defined. You can now browse your site without the site preview and you will have to the content of the server you are moving to. Just remove the entries from the hosts file to point your domain back it was.

Wasn’t that Simple..!!!

It is very easy to block a single IP address on a Linux server but Windows Default firewall doesn’t allow us to block a single IP address on the server or for particular ports. However Microsoft released this and introduced IP Security Polices in their Local Security Polices option in the release of their SP2. But most of us are not aware of this option and we mostly adopted third party firewall and pay for their heavy license. However Firewall onl Windows 2008 Server is far more advanced than that on Windows 2003.

It would not be the case now as I have listed detailed steps along with the images on how to block IP using the IP security policy in Windows. This option is also available in XP as well as Windows 2003 Server edition.

How to BLock IP Using Windows:

You can either open MMC from START >> RUN >> MMC and add a new Snapin for IP Security policy with steps below:

Click ‘Start’ > ‘Run’ >type ‘MMC’ press ok.
In the console click > ‘File’ > ‘Add/Remove Snap in’
In the ‘Standalone Tab’ click The ‘add’ button
Seclect ‘IP Security Policy Managment’ > ‘ADD’ > ‘Local Computer’ > ‘finish’ > ‘close’ > ‘ok’
You should now be back to the Management console.

OR

Just goto START >> PROGRAMS >> ADMINISTRATIVE TOOLS >> LOCAL SECURITY POLICIES ON LOCAL COMPUTER to open the IP Security Management Console.

1. Select IP Security Policy and Right Click on the right pane to select new Policy. The screen will like an image below:

Figure 1

more…

Using Certificates to Encrypt Data

Certificates are parallel with asymmetric keys in the SQL Server 2005 encryption hierarchy. A certificate is simply a method of using asymmetric encryption. Certificates bind public keys to individuals who hold the associated private key. Certificates use the same RSA algorithm as asymmetric keys; therefore, they are resource-intensive and their use is normally restricted to encrypting other keys. SQL Server contains an integrated certificate authority, which it uses to issue its own selfsigned, and industry standard X.509 certificates. Alternatively, you can import certificates from an external certificate authority.The use of external certificates allows you to use a wider range of key lengths, which can provide enhanced security. Certificates are the most secure way in which to encrypt data natively within SQL Server 2005.You can use the CREATE CERTIFICATE statement to create a certificate within SQL Server 2005.

The common syntax of the CREATE CERTIFICATE statement is as follows:

CREATE CERTIFICATE CERTIFICATE_NAME [AUTHORIZATION USER_NAME]
{FROM FILE = ‘PATH_TO_PRIVATE_KEY’
WITH PRIVATEKEY [, ENCRYPTION BY PASSWORD = 'PASSWORD' |
, DECRYPTION BY PASSWORD = 'PASSWORD']}
WITH SUBJECT = CERTIFICATE_SUBJECT_NAME, |
[START_DATE = MM/DD/YYYY
END_DATE = MM/DD/YYYY]

Here are definitions of the arguments in this syntax:

more…

EFS Encryption

EFS can be used to encrypt SQL Server 2005 data files and folders. EFS is supported on Windows 2000 and later operating systems with New Technology File Systems (NTFS) formatted drives. EFS uses a combination of symmetric and asymmetric methods to provide transparent SQL Server 2005 data encryption. On Windows 2003 Server and newer operating systems, EFS by default creates a random File Encryption Key, which is a 256-bit AES key to perform data encryption.The File Encryption Key is then itself encrypted with the user’s public key and stored within the encrypted file or folder.

To encrypt SQL Server 2005 data files and folders using EFS, follow these steps:

1. Stop the SQL Server service.
2. Log out and log in using the SQL Server service account credentials.
3. Right-click on the file or folder to be encrypted and select Properties | General Tab | Advanced.

more…

Why Secure Data in your Windows MSSQL database?

Databases often contain sensitive financial, healthcare, and corporate data. As mentioned earlier, data security breaches are occurring at an alarming rate and international legislations have been passed, which set regulations on how organizations must protect this sensitive data. The Payment Card Industry (PCI), Health Insurance Portability and Accountability Act (HIPAA), Personal Information Protection and Electronic Documents Act (PIPEDA), Gramm-Leach-Bliley Act (GLBA), and the UK Data Protection Act are just a few of these regulations. Several regulations require that sensitive data be encrypted and that organization’s must identify and report data disclosure or misuse. If these regulations are not followed, organizations can face serious repercussions, ranging from financial penalties to imprisonment of responsible parties. Depending on the nature of your business, the above regulations may not apply, but before you discount the need to encrypt data consider that sensitive information can also include corporate information including confidential HR data, trade secrets, patents, designs, or client listings, which, if disclosed to unauthorized individuals, could have a grave impact on your organization. At this point you may be wondering,“why not just encrypt all data using a secure algorithm?” instead of determining specifically what data elements require encryption.The answer is that there is a  significant performance impact when encrypting data, as SQL Server must perform authentication, encryption, and decryption functions seamlessly to encrypt and decrypt the data. In addition, there are several other side effects associated with data encryption, which we will touch on later in this chapter. For these reasons, you should use data encryption only when required and only on the required data elements.

Ways to encrypt data in MSSQL 2005:

EFS Encryption
Native SQL Server 2005 Encryption
Using Keys to Encrypt Data
Using Certificates to Encrypt Data
Using Pass Phrases to Encrypt Data
Working with Data Encrypted
Indexing Encrypted Data
Replicating Encrypted Data
Symmetric Key Usage Tracking
Replicating Encrypted Stored
Using Endpoint Encryption

Smooth working of Mail server totally depends upon Mail Enable Mail Transfer Agent , as the name suggest, Mail Enable MTA is a program running on Mail Server responsible for transferring email messages between computers over the Internet.

Mail Server works with other programs in collaboration  to make up what we know as Messaging System. Messaging system must work without any flaws to keep smooth movement of Inbound and Outbound emails. Mail System uses following protocols to send and receive email messages.

SMTP (Simple Mail Transfer Protocol) - For Sending emails

POP3 (Post Office Protocol 3) or         -  For Receiving emails.

IMAP (Internet Message Access Protocol)

At any point you found out that emails are not reaching their destination, there are high chances of these emails would get stuck in Mail Queue. Only way to release emails from mail queue is to restart mail services. Restarting mail services is done from Mail Server. Make sure before restarting mail service you ask anyone who has good knowledge of doing it.