Wright PC Consulting, LLC

A flaw in many DNS servers leave users vulnerable to a redirect exploit that could send them to the darker side of the web. The flaw was discovered by security researcher, Dan Kaminsky had been advising ISPs and others to patch their DNS servers to protect themselves and their customers. Through an unfortunate mistake details of the flaw were released into the wild this week when those details were posted on a blog. That post has long since been removed. However, the cat is already out of the proverbial bag.

So, what does this mean for you? Hopefully your ISP was one of the more proactive and has patched their servers. Not all have been so swift and have left customers vulnerable. To see if your DNS servers have been fixed, go here for an instant analysis.

If you have followed my earlier advise and are using OpenDNS, then you can skip the test. OpenDNS servers are not vulnerable to the flaw as shown by the test results:

My advise to customers who are either unsure about thier DNS servers or if thier servers fail is to switch to OpenDNS at least temporily.  Who knows, with the feature set that OpenDNS offers, you may decide to use them as a perminent solution. I did a long time ago and have been a happy with the speed, features and security that I now expereince. You may too.

While most all web hosting providers, including mine, have a provision in their AUP or TOS that says that you, the consumer, are responsibility for backing up your data, I believe that as a service provider I owe it to my customers to do all that I can to protect their data. Backing up customer data both internally and off site is really the only way to fully mitigate potential disaster as the unfortunate folks that run their business out of The Planet’s H1 data center in Houston, Texas discovered when there was a large explosion in the electrical room that took the center off line for more than a week. While The Planet staff from the top down worked 24/7 to get the center back online, the update page tells the story of how difficult a task they had before them. During the downtime I followed the frustration of many whose data was held in powerless servers with no off site backup, were without a web presence, email and other services that make any hosting service’s world turn.

So, what do does Wright PC Consulting, LLC do to protect consumer data? Here is our current backup formula. While not perfect, it provides a pretty reasonable level of safety.

1. At approx. 3AM the cPanel backup script, cpbackup, runs an incremental backup of all customers’ home directories and cPanel configuration files and saves them to a dedicated backup drive where they are archived and rotated monthly.
2. When cpbackup has completed its backup, it starts a second script that “mirrors” the backup drive and sends it to a data center in another state through a secure encrypted tunnel using the rsync protocol.
3. Monthly customer data is burned to DVD and stored in a third, secure location.
4. For added security and by special arrangement, we will also mirror a customer’s email off site every hour.

These steps have proven to not only ease customer anxiety, but make they make restoring data, from a single file to any entire account easy.

Some may remember a post a few months ago in which I discussed ways that you can secure your laptop’s personal data using the opensource encryption solution TrueCrypt. I then took our security journey a step further in this post where I explored similar options to secure your data on external drives. Finally, I even touched on the importance of encrypting your data when using a off-site backup solution like Mozy.

So, why all the emphasis on data security and encryption? Well, you would have to be living a pretty isolated life not to realize that identity theft rates have been climbing to all time highs. Additionally, we store, transmit, manipulate and share data in more transparent ways than ever before. In fact, many are often unpleasantly surprised where their personal information may be stored in the clear for the taking.

While there are some state laws for how and when victims of a data breach should be notified, once a breach has occurred that data is in the wild with little that you can do to protect you, your family and your identity. That leaves us to do what we can to protect ourselves. Hence, my short series on data encryption and taking personal responsibility to protect your data.

Equifax
To report fraud, call (800) 525-6285 or write to P.O. Box 740250, Atlanta, GA 30374-0250.

Experian (formerly TRW)
To report fraud, call (888) EXPERIAN or (888) 397-3742, fax to (800) 301-7196, or write to P.O. Box 1017, Allen, TX 75013.

Trans Union
To report fraud, call (800) 680-7289 or write to P.O. Box 6790, Fullerton, CA 92634.

It is my hope that with the tips, tricks and solutions that I’ve presented will help to motivate you to safeguard your information. As I’ve demonstrated, with a little bit of preventative effort, you too can rest a little more easily knowing that if you leave your laptop on the train or your flash drive falls into the back seat of the cab, that your data will be safer than ever before.