Blogs

How to use SPAM filter in Directadmin

Besides SpamAssassin, DirectAdmin provides another spam-filtering option that is far easier to understand and set up. To set up a simple yet powerful spam filter in DirectAdmin, follow the steps below:

1. Log in to DirectAdmin and click “SPAM Filter” under the “Email management” tab.
2. A simple, clear interface will be shown to help you block spam with a specific keyword. For example, you can block a specific email address, block mail that has a blocked keyword in its subject, or block mail based on its size.

For a more advanced spam filter, use SpamAssassin, which provides more advanced settings to tune.

How to Enable a 32-bit Application Pool in IIS 7 (Dedicated/VPS)

1. Once logged in to your server, open IIS Manager. You can do this by clicking the Windows Start button, entering “inetmgr” into the search box, and pressing Enter.
2. In the Connections pane, expand the server node and click “Application Pools.”
3. Right-click your application pool and select “Advanced Settings…”
4. Change “Enable 32-Bit Applications” to “True.”
5. Click “OK” to finish.

What is Social Engineering?

Social engineering is the psychological manipulation of people in the hope of gaining access to confidential information or systems. It is a form of confidence trick for the purpose of information gathering, fraud, or system access. Social engineering attacks can be used to steal employees’ confidential information or data, and the most common type of social engineering happens over either phone or email. Other examples of social engineering attacks include criminals posing as service workers or technicians so that they go unnoticed when they access the physical site of a business.

Social Engineering Principles

The main methods that cyber criminals use to perpetrate social engineering have existed for a long time. They are based on fundamental psychological principles about human behavior, and attackers use these principles to gain access to sensitive data or information.

Reciprocity: People tend to return a favor. For example, if an attacker is in some way generous or thoughtful, the victim may feel compelled to provide special access or otherwise bend critical rules.

Commitment: When someone commits, either orally or in writing, to do something, they become more willing to honor their commitment because they then take it as a personal responsibility to fulfill. For example, on auction sites, people will get trapped into bidding higher than they may have initially intended because they wish to ‘win’ the item in question, regardless of how much the item is actually worth.

Social proof: People will do things that they see other people are doing. For example, a software product endorsed by a celebrity will have a greater sense of value to people, regardless of its quality, because of the endorsement.

Authority: People will tend to obey authority figures, even if they are asked to perform objectionable acts. In a social engineering attack, this may lead an employee of a targeted organization to provide information to a caller pretending to be a law enforcement official.

Liking: People are easily persuaded by other people that they like. Simply being pleasant and friendly is often enough to allow special access to an attacker.

Main Forms of Social Engineering

Cybercriminals use social engineering to carry out a number of cyber attacks:

Phishing: A technique of obtaining private information through manipulative means. Typically, the phisher will send an email that appears to come from a legitimate business, requesting authentication of information and warning the victim of complications should it not be provided. That threat leads the victim to reveal sensitive information.

Water holing: A targeted social engineering strategy that capitalizes on the trust users have in websites they regularly visit. The victim feels safe doing things they would not do in a different situation. The attacker then readies a trap for the victim at the trusted location.

Quid pro quo: An attacker contacts random people at a company, claiming to be calling for a legitimate reason. This person will eventually find someone with a real problem, who is grateful for the proactive help. They will then attempt to get sensitive information from the victim while assisting with their problem.

Social Engineering Defenses

There are a number of defenses available to companies that will help protect against major social engineering attempts on their employees:

Establishing a standard trust framework: Establishing a strong framework of trust on an employee/personnel level by training personnel on how sensitive information should be handled.

Scrutinizing information: Identifying which information is sensitive and evaluating its exposure to social engineering and breakdowns in security systems.

Following security protocols: Establishing security protocols, policies, and procedures for handling sensitive information.

Training employees: Training employees in security protocols relevant to their position.

Periodic testing: Developing a framework is important, but it is just as important that employees are tested to make sure that they are absorbing the information. Running tests to see how employees react to controlled social engineering experiments can help adjust training and discussions in the right direction.

Why Social Engineering is Important

The human systems set up around technology are consistently the weakest link in the security chain. Attention to detail when establishing training and security infrastructure can help to protect businesses from cyber attacks and their related fallout.

Phishing attacks

What is a phishing attack

Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack, or the revealing of sensitive information.

An attack can have devastating results. For individuals, this includes unauthorized purchases, the stealing of funds, or identity theft.

Moreover, phishing is often used to gain a foothold in corporate or governmental networks as a part of a larger attack, such as an advanced persistent threat (APT) event. In this latter scenario, employees are compromised in order to bypass security perimeters, distribute malware inside a closed environment, or gain privileged access to secured data.

An organization succumbing to such an attack typically sustains severe financial losses in addition to declining market share, reputation, and consumer trust. Depending on scope, a phishing attempt might escalate into a security incident from which a business will have a difficult time recovering.

Phishing attack examples

The following illustrates a common phishing scam attempt:

A spoofed email ostensibly from myuniversity.edu is mass-distributed to as many faculty members as possible.

The email claims that the user’s password is about to expire. Instructions are given to go to myuniversity.edu/renewal to renew their password within 24 hours.

Several things can occur by clicking the link. For example:

The user is redirected to myuniversity.edurenewal.com, a bogus page appearing exactly like the real renewal page, where both new and existing passwords are requested. The attacker, monitoring the page, hijacks the original password to gain access to secured areas on the university network.

The user is sent to the actual password renewal page. However, while being redirected, a malicious script activates in the background to hijack the user’s session cookie. This results in a reflected XSS attack, giving the perpetrator privileged access to the university network.

Phishing techniques

Email phishing scams

Email phishing is a numbers game. An attacker sending out thousands of fraudulent messages can net significant information and sums of money, even if only a small percentage of recipients fall for the scam. As seen above, there are some techniques attackers use to increase their success rates.

For one, they will go to great lengths in designing phishing messages to mimic actual emails from a spoofed organization. Using the same phrasing, typefaces, logos, and signatures makes the messages appear legitimate.

In addition, attackers will usually try to push users into action by creating a sense of urgency. For example, as previously shown, an email could threaten account expiration and place the recipient on a timer. Applying such pressure causes the user to be less diligent and more prone to error.

Lastly, links inside messages resemble their legitimate counterparts, but typically have a misspelled domain name or extra subdomains. In the above example, the myuniversity.edu/renewal URL was changed to myuniversity.edurenewal.com. Similarities between the two addresses offer the impression of a secure link, making the recipient less aware that an attack is taking place.

Spear phishing

Spear phishing targets a specific person or enterprise, as opposed to random application users. It’s a more in-depth version of phishing that requires special knowledge about an organization, including its power structure.

An attack might play out as follows:

A perpetrator researches names of employees within an organization’s marketing department and gains access to the latest project invoices.

Posing as the marketing director, the attacker emails a departmental project manager (PM) using a subject line that reads, Updated invoice for Q3 campaigns. The text, style, and included logo duplicate the organization’s standard email template.

A link in the email redirects to a password-protected internal document, which is in actuality a spoofed version of a stolen invoice.

The PM is requested to log in to view the document. The attacker steals his credentials, gaining full access to sensitive areas within the organization’s network.

By providing an attacker with valid login credentials, spear phishing is an effective method for executing the first stage of an APT.

How to prevent phishing

Phishing attack protection requires steps be taken by both users and enterprises.

For users, vigilance is key. A spoofed message often contains subtle mistakes that expose its true identity. These can include spelling mistakes or changes to domain names, as seen in the earlier URL example. Users should also stop and think about why they’re even receiving such an email.

For enterprises, a number of steps can be taken to mitigate both phishing and spear phishing attacks:

Two-factor authentication (2FA) is the most effective method for countering phishing attacks, as it adds an extra verification layer when logging in to sensitive applications. 2FA relies on users having two things: something they know, such as a password and user name, and something they have, such as their smartphones. Even when employees are compromised, 2FA prevents the use of their compromised credentials, since these alone are insufficient to gain entry.

In addition to using 2FA, organizations should enforce strict password management policies. For example, employees should be required to frequently change their passwords and not be allowed to reuse a password for multiple applications.

Educational campaigns can also help diminish the threat of phishing attacks by enforcing secure practices, such as not clicking on external email links.

Phishing protection from Imperva

Imperva offers a combination of access management and web application security solutions to counter phishing attempts:

Imperva Login Protect lets you deploy 2FA protection for URL addresses in your website or web application. This includes addresses having URL parameters or AJAX pages, where 2FA protection is normally harder to implement. The solution can be deployed in seconds with just a few clicks of a mouse. It doesn’t require any hardware or software installation and enables easy management of user roles and privileges directly from your Imperva dashboard.

Working within the cloud, Imperva Web Application Firewall (WAF) blocks malicious requests at the edge of
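The lookalike-link pattern from the phishing post above (myuniversity.edu/renewal turned into myuniversity.edurenewal.com), checked in code. This is an added example, not part of the original post; the function names, the sample email and the typo threshold are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Domain taken from the post's example; a real deployment lists its own.
TRUSTED_DOMAINS = ("myuniversity.edu",)

URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)

# Constructed sample message, modelled on the scam described in the post.
SAMPLE_EMAIL = """Subject: Your password is about to expire

Renew within 24 hours: http://myuniversity.edurenewal.com/renewal
Questions? See https://myuniversity.edu/helpdesk or http://myuniverslty.edu/renewal.
"""


def edit_distance(a, b):
    """Levenshtein distance, used to catch misspelled domain names."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def host_of(url):
    """Return the lower-cased host of a URL, tolerating a missing scheme."""
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").rstrip(".").lower()


def classify_link(url, trusted=TRUSTED_DOMAINS, max_typos=2):
    """Label a link as trusted, lookalike-*, unrelated or invalid."""
    host = host_of(url)
    if not host:
        return "invalid"
    # Trusted only on an exact match or a dot-delimited subdomain, so that
    # "myuniversity.edurenewal.com" cannot pass as "myuniversity.edu".
    for domain in trusted:
        if host == domain or host.endswith("." + domain):
            return "trusted"
    labels = host.split(".")
    for domain in trusted:
        # The trusted name is embedded in the host but is not its suffix.
        if domain in host:
            return "lookalike-embedded"
        # Misspelling: compare the host's last N labels with the trusted name.
        # max_typos is an assumed threshold; very short domains need a lower one.
        tail = ".".join(labels[-(domain.count(".") + 1):])
        if 0 < edit_distance(tail, domain) <= max_typos:
            return "lookalike-misspelled"
    return "unrelated"


def flag_links(text, trusted=TRUSTED_DOMAINS):
    """Return (url, verdict) for every lookalike link found in a message body."""
    findings = []
    for raw in URL_RE.findall(text):
        url = raw.rstrip(".,;")  # drop sentence punctuation glued to the URL
        verdict = classify_link(url, trusted)
        if verdict.startswith("lookalike"):
            findings.append((url, verdict))
    return findings


if __name__ == "__main__":
    for url, verdict in flag_links(SAMPLE_EMAIL):
        print(verdict, url)
```

The suffix comparison is anchored on a dot boundary, which is what separates a real subdomain of the trusted name from a host that merely starts with it.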

Managed Cloud Hosting & Re-Designed Website for UPSP – Sindh Govt.

YISolutions, an IT Managed Services & Cyber Security Solution company based in Karachi, Pakistan, is proud to announce that the Directorate of Urban Policy & Strategy Planning has once again selected YISolutions for Managed Cloud Hosting Services, along with an SSL certificate for website security. This is the sixth consecutive year that our Managed Cloud Hosting has been selected by the Directorate of Urban Policy & Strategy Planning. YISolutions is also pleased to announce that this year, 2021, UPSP selected us to redesign their content-management-based website.

Services provided to UPSP:

Managed Cloud Hosting Services
Managed Cloud eMail Services
Managed Cloud MailChannels Services
Domain Management Services
Implementation of SSL Certificate
Management of SSL
Ensure Compliance
Analyze the “old” website
Adding more functionality to the website
Adapt to modern technology
Start building the website redesign plan

The new website is here: https://urbandirectorate.gos.pk/

Being cognizant of the role of cities as engines of growth, the Government of Sindh has established the Directorate of Urban Policy and Strategic Planning (UP&SP) in the Planning and Development Department, with the mandate to plan for sustainable urban development in the province to realize the objectives of economic growth and planned infrastructure development, dictated by a strong policy and regulatory regime, and also to address inequities caused by intra-urban and regional disparities.

YISolutions is a key player in IT Consultancy, Cyber Security and IT Managed Services. YISolutions was established in 2002-2003. Our Pakistan registered office is located in Karachi at Clifton, and our principal registered office is located in the US at Herndon.

For more information, please email us at support@yi.com.pk

Teramind Partner & Distributor in Pakistan

YISolutions is proud to announce its appointment as the exclusive distributor & partner for the complete range of Teramind products & services in Pakistan.

About Teramind

Teramind is a leading, global provider of employee monitoring, user behavior analytics, insider threat detection, forensics and data loss prevention software solutions. Over 2,000 organizations in finance, legal, retail, manufacturing, energy, technology, healthcare, and government verticals across the globe trust Teramind’s award-winning platform to detect, record, and prevent malicious user behavior in addition to helping teams drive productivity and efficiency.

Core Solutions:

Employee Monitoring
Employee or User Behavior Analytics
Endpoint Data Loss Prevention

About YISolutions

YISolutions is a key player in IT Consultancy, Cyber Security and IT Managed Services. YISolutions was established in 2002-2003. Our Pakistan registered office is located in Karachi at Clifton, and our principal registered office is located in the US at Herndon.

Core Services:

IT Managed Services
Cyber Security & Protection
Cloud Solution
Digital & Social Media Marketing
Software Solution
Web Solution

For more information, please email us at support@yi.com.pk

You can also visit the Teramind e-Store in Pakistan.

Netwrix Partner & Distributor in Pakistan

YISolutions is proud to announce its appointment as the exclusive distributor & partner for the complete range of Netwrix products & services in Pakistan.

About Netwrix

Netwrix empowers information security and governance professionals to reclaim control over sensitive, regulated and business-critical data, regardless of where it resides. Over 10,000 organizations worldwide rely on Netwrix solutions to secure sensitive data, realize the full business value of enterprise content, pass compliance audits with less effort and expense, and increase the productivity of IT teams and knowledge workers.

Core Solutions:

Netwrix Office 365 Auditing
Netwrix Active Directory
Netwrix Windows Server Auditing
Netwrix SQL Server Auditing
Netwrix Oracle Database Auditing
Netwrix VMware Auditing
Netwrix Exchange Auditing

About YISolutions

YISolutions is a key player in IT Consultancy, Cyber Security and IT Managed Services. YISolutions was established in 2002-2003. Our Pakistan registered office is located in Karachi at Clifton, and our principal registered office is located in the US at Herndon.

Core Services:

IT Managed Services
Cyber Security & Protection
Cloud Solution
Digital & Social Media Marketing
Software Solution
Web Solution

For more information, please email us at support@yi.com.pk

You can also visit the Netwrix e-Store in Pakistan.

CloudLinux NodeJS Support for cPanel

Node.js is an open-source, cross-platform JavaScript runtime environment for building a wide variety of tools and applications. Although Node.js is not a JavaScript framework, many of its core modules are written in JavaScript, and developers can write new modules in JavaScript. Node.js is mainly used for hosting applications such as the Ghost blogging platform.

cPanel does not have any support for Node.js by default; however, it can be installed manually from the command line by following our step-by-step installation guide. The drawback is that a manual installation has no user-friendly interface, so it is hard to configure and set up an application with it. CloudLinux provides a much friendlier interface through its Node.js Selector, which can be managed easily from the cPanel interface. CloudLinux OS improves server stability, security, and flexibility, and lets system administrators track heavy resource usage in shared hosting environments.

This article describes how to install this utility on a cPanel server.

1) Log in to the server as the root user via SSH and run the following command to install the various versions of the Node.js packages provided by the CloudLinux repository.

# yum groupinstall alt-nodejs6 alt-nodejs8 alt-nodejs9 alt-nodejs10 alt-nodejs11 --enablerepo=cloudlinux-updates-testing

2) Make sure the LVE Manager, Passenger Apache module and CageFS (for extra security) utilities are installed on the server by running the command below.

# yum install lvemanager lve-utils ea-apache24-mod-alt-passenger cagefs --enablerepo=cloudlinux-updates-testing

3) Once the above has completed, go to WHM >> CloudLinux LVE Manager and, in the “Options” tab, click the “Node.js” option, where you can view the installed versions. Through this interface, you can turn off Node.js support completely, disable or remove a specific version, or make a specific version the default.

4) Users can now create and manage applications from their cPanel control panel >> Setup Node.js App interface under the “Software” tab.

We will walk through creating and managing a sample Node.js application with this utility in another article.

If you require any assistance in setting up the above, please feel free to reach out to our support department.

Advantages of CloudLinux

CloudLinux OS improves server stability, security, and flexibility, and lets system administrators track heavy resource usage in shared hosting environments. Customers on the dedicated server are notified when they reach their resource limit, which avoids the penalty of shutting the whole site down. They can also track CPU, memory, or disk I/O with graphs on their dashboard.

One of the most difficult tasks for any web hosting provider is managing customer server usage, but an operating system called CloudLinux can make it easier. For small web hosts, managing dedicated servers can mean waking up at very inconvenient hours of the night to handle a server overload, and for larger hosts with many servers, these problems are only multiplied and intensified. In a shared hosting environment, it is essential to ensure that no single customer can overload a system with their applications. However, with any shared server, it is usually a matter of “when will the server be overloaded by a customer” rather than “will a customer overload the server?” One of the real game changers in web hosting has been the introduction of CloudLinux, an operating system designed to handle most of the problems related to web hosting and dedicated server usage.

Stability

The primary benefit of using CloudLinux is the customer resource limitation features it offers. Before CloudLinux, it was nearly impossible to allocate specific memory, CPU, and disk I/O limits to shared hosting customers. CloudLinux isolates each customer as a tenant, similar to how virtual private servers function, by creating a file system for each customer with resource limits that the web host defines. When a customer maxes out CPU resources, their web pages are gracefully slowed down for visitors rather than the site being suspended. If they max out memory or disk I/O, web hosts have the option to set their own custom error page to alert customers to the resource usage problem. This allows dedicated hosting customers to step in and optimize their site, or plan an upgrade. Customers are no longer able to overload a dedicated server, which means an incredibly stable hosting environment for customers.

Usage Tracking

A common concern for shared hosting customers is understanding exactly how much of the server’s resources they are using. Without CloudLinux, it is hard to give customers exact details and graphs of their memory, CPU, and disk I/O usage. CloudLinux integrates neatly into cPanel to give customers detailed graphs of the exact usage of their applications. This helps customers plan upgrades to VPS or dedicated hosting by showing them a visual representation of usage and giving them the information they need to make informed decisions about their site hosting.

Security

CloudLinux uses a technology called CageFS, which completely separates each customer’s file system. This prevents customers from seeing each other and viewing the sensitive information of other customers. CageFS also protects customers from a number of attacks, including most privilege escalation and information disclosure attacks. CageFS integrates seamlessly for customers, so there is no need for them to change their scripts or perform tasks differently.

Efficiency and Profits

One basic measure of profit for shared web hosts is the number of customers that can be placed on a server. It is essential to have enough customers on the server to be profitable, yet having too many customers causes your dedicated servers to slow down and can result in resource problems. CloudLinux saves the day by allowing web hosts to split resources evenly, allowing them to have many more customers on a server without sacrificing the customer experience. This leads to increased profits, and server resources are used efficiently.

Many web hosts in the past have reported a concern that upgrading a server’s hardware wouldn’t resolve resource usage, since high-usage customers would end up overloading the server anyway. CloudLinux allows web hosts to buy those larger dedicated servers and use the hardware to its potential.

Another way CloudLinux improves profits for a host is with the detailed usage graphs described earlier. Many web hosts gather data on their customers’ resource usage and reach out to their high-usage customers to offer them plans better suited to their needs. This can result in additional products being sold to a customer, like a VPS, or a shared hosting plan with ex

If you need any further assistance, please reach our support department.

Understanding CloudLinux CageFS

CageFS, previously known as SecureLVE, is a security extension of CloudLinux. It creates a virtualized file system and set of tools for each end user. This ensures each user can see only their own files and tools. The separation is also enforced for shell scripts, CGI scripts, and cron jobs.

CageFS encloses each shared hosting user in his or her own private virtual space. It contains a set of tools that keep each user within their own resource limits, or ‘cage’. Each user has their own fully functional CageFS, with all the system files, tools, and so on.

Advantages

1) Dealing with hackers
CageFS prevents hackers from scanning the server for vulnerable files and escalating privileges to gain root access.

2) Virtual private area
CageFS ensures that users can’t see any other user and have no way to detect the presence of other users on the server.

3) Free software
CageFS comes as part of CloudLinux OS and there is no additional charge for it.

4) Isolation from server configuration files
CageFS also prevents users from viewing server configuration files, such as Apache config files.

5) Compatibility with cPanel
CageFS comes with a plugin for WHM that lets us manage and update CageFS. We can view as well as change the default behavior for users from the front-end panel itself. Plesk, DirectAdmin, InterWorx and ISPmanager are also fully supported and can be integrated with CageFS.

6) Ease of installation and configuration
CageFS can automatically detect a cPanel, Plesk, DirectAdmin, ISPmanager or InterWorx configuration on the server. This reduces the time needed to install and configure the software.

7) Ease of managing users
CageFS can operate in two modes, and users can be switched between modes from the front end. The two supported modes are as follows.

Enabled for all, except those that are disabled.
Disabled for all, except those that are enabled.

The first mode is useful for production operation, where every new user is added to CageFS automatically. The second mode is useful while you test CageFS, as it lets you enable it for your users one by one.

8) Use of /tmp
Previously, all users wrote to the system’s /tmp directory, which would occasionally fill up because of a runaway script or poorly coded application. With CageFS, each user writes to a /tmp directory inside their home directory, improving both security and reliability.

9) User and system access
You’re literally in your own environment now. There is no looking at other users, their processes, or what is happening on the server. You won’t be able to see which other users are logged in via SSH. You will even have access only to specific binaries.

Commands: A user under CageFS has a very limited set of commands they can run from the shell. Essentially, you should have everything you need and nothing you don’t.

For example, here is the output of the “top” command on a non-CageFS server:

As you can clearly see, the user running “top” with CageFS can see only their own running processes and nothing else (other users, system processes, and so on).

In a shared hosting environment, CPU and I/O usage are the most critical bottlenecks. When a user installs a CPU-hungry plugin or application in their account, other users hosted on the server are deprived of resources. With CageFS this situation can be avoided entirely, resulting in higher server stability and security. This ultimately results in fewer support calls and therefore happier customers. This starts a chain of events that ultimately results in business growth and more profit.

If you need any further assistance, please reach our support department.