• WebTrader the old label still lives on

    Webtrader was an initiative of the European Consumer organisations for webshops that were trustworthy and safe for consumers. They received European money, but were only used by three webshops in Belgium and finally lost their European subsidies and disappeared for so far I can make out. Or did they ?

    the name webtrader.be now redirects to beltonen.be probably someone who is buying up older domainnames with traffic just to redirect traffic - but DNS.be don't mind at all (about anything that is)

    and the administration of Economic Affairs has to be informed also of the demise since 2001 because on their handbook for webenterprises it is still mentioned.

    "In die geest nam de consumentenvereniging Test-Aankoop het initiatief om op basis van een gedragscode een labelingsysteem uit te werken, nl. de Web Trader. Dat labelingsysteem heeft tot doel de elektronische handel te promoten door de betrouwbaarheid en de ernst van de websites die het logo voeren te certificeren. De consument die dergelijke sites bezoekt, weet dan zeker dat die sites de Web-Tradercode naleven (zie http://www.budget-net.com/webtradersite/webtrader_home_be.html). Een vergelijkbaar labelinginitiatief werd opgezet door het netwerk van Kamers voor Handel en Nijverheid van België (zie http://www.cci.be/)."

    and by the way, the other initiative from the CCI is also gone up in smoke.

    Luckily the creditcard companies have started to get a bit of their act together and are pushing for the PCI standard. Even if can have a lot of criticism about it, it is a much better start than any of the initiatives above.

    about the demise of Webtrader label http://www.zdnet.be/smartbiz.cfm?id=14147

  • DNS.be didn't but we found bank17.Be on dns.be

    Bank17.Be one of the domains that we found to be in quarantine that were used for spamming, didn't exist declared Van Wesemael of DNS.Be before the parliamentary commission on infrastructure where he wanted to defend himself.

    If anyone thinks that we publish information that we didn't check and we are only publishing a fragment of what we have or know, they should think again. It is not our way of working. We are not a group of angry teenies. We are professionals that try to start a real debate about cybersecurity in Belgium.

    So here it is bank17.be live from dns.be

    token_015

    and the sites was used the 22 second of January this year in a phishing site according to phishtank
  • You can trust belgian webshops they say

    trust is good control is better (but where is the control ?)

    raak_16

     

    and this is in the hacked listing zone-h.org

    pcms.be

  • New phishing tactic used against DNS.Be register process

    When we said a few days before that some domains in the quarantine of dns.be are being used for things that seem 'phishy', we didn't knew that we were to find a whole campaign.

    Phishtank has send us a list of phished sites in the .be domain between november and 2 days ago (240 in total). From 25th of december untill know phishers are not losing time with hacking sites to place phished pages. Now they are using domains like the ones we have found in the quarantine (itemx*.be and bank*.be) There are about 200 phished sites like that mounted the last month alone.

    So there is something that seems like a growing hole between the registration process, activation process and the payment process in dns.be that is being used by others to launch very quickly phished sites for a very short time. One should keep in mind that a phishing sites collects the most data in the first 4 hours after the spam with the link is being sent out.

    It seems that there needs to be done something. Most of the domains are now in quarantine and inaccessible by domainname. But it seems that something needs to be done.

    Maybe you do need a real security investigator-officer that handles everything securitywise and uses the very stringent Belgian domainlaw to take down and close down whenever it is in the public interest.

  • Priorweb.be hacked

    This is news because priorweb is according to RSA the most insecure Belgian hosts because it is the host that is most used to place phishing sites or should we say that its servers are hacked to place phishing pages on other sites. So now the Turks leave their mark.

     token_013

    According to zone-h.org the hack was as midnight. Let's see how long it takes to get it cleaned up.

    token_014
  • Minister of Justice will attack online gambling in Belgium

    It has taken months of meetings by our gambling commission but only a few hours for our new Minister of Justice. If we can't have any control on online gambling and poker under the old law and reglementation, we will change them and that will be done quickly. So, lets go. Hope he does that before the 22th of March.

    The easiest part are the online gambling and poker sites with a .be domain because these domains fall under the Belgian law. Dns.Be may maybe not like it but these domains and themselves do fall under Belgian Law. So or they ask for a copy of the permission of the gambling commission if you want to open a Belgian gambling site or they give the Belgian gambling commission a list of all new belgian gambling sites so they can start an investigation.

  • Robinsonlijst.be, making it difficult for the consumer

    So the Robinsonlijst.be is meant to be a service for the consumer. This is hardly the case if you read what a consumer has to do

    * he has to give his information to be sure not to receive advertising, maybe it should be the other way round, surely if you read what the conditions are

    * This blacklisting is for 3 years only and every 3 years you have to confirm that you still don't want to receive any advertising from their members. They will contact you, but if you didn't ask them to receive advertising why should they contact you ?

    * You will have to list every member of your family individually. It is also not possible to delist a firm. This last thing is strange. Why can't a firm decide it doesn't want to receive all that advertising ? You can delist an emailaddress of a network, but only one at a time.

    * You shouldn't receive any advertising from other Belgian firms or from firms outside from Belgium because they were asked to respect this list. You shouldn't also receive any junk faxes because it is illegal in Belgium to send unsollicited commercial faxes.

    * After you have given your information, it will take up to 3 months before you will no longer receive advertising from any of their members.

  • No advertising from Belgian firms anymore ? Only for dutch and french speaking people.

    Go here http://www.robinsonlist.be/

    and you can chose what you want to blacklist (SMS, Email, mail, phone) your address for any advertising from all 450 members of the Belgian Direct Marketing association.

    but you will have to speak french or dutch to understand anything what they are saying because the listing is only in those two languages (they have also forgotten the german community in Belgium, which is an official language in b Belgium).

    http://www.robinsonlist.be/ou_nl.htm dutch or http://www.robinsonlist.be/ou_fr.htm  french

    or maybe phone for free  0800/91.886 and speak english or german or send a letter in english or geman to "Robinsonlijst, Buro & Design Center, Heizel. Esplanade B46, 1020 Brussel"

  • DNS.be and illegal gambling sites

    Gambling is illegal in Belgium, but who cares on the internet.

    DNS.Be our Belgian VZW managing the .be domainname is a Belgian organisation that falls under Belgian law.

    The Belgian institution that is responsable for the regulation of the gambling business in Belgium - kansspelencommissie (sort of commission) - has spent many meetings looking for a way to have some control on the gambling sites in Belgium. But....

    As long as dns.be sells domainnames .be to business that have no postal address in Belgium it is too difficult to apply the Belgian law.

    So here is a Belgian organisation that is responsable for the management of a public good (our domainname system) without any consideration for the other institutions of the Belgian government that try to make some Belgian law and ethics rule on the Belgian internet.

  • DNS.be and online gambling

    It is illegal for a company in Belgium to have poker or any other gambling operation online or offline without a permission from the gambling commission. But there is a monopoly so it is very hard to get one. But the gambling commission communicates any online gambling sites that has any link to Belgium to the federal taxes administration so they can try to levy taxes (right, yep,....) or just close the whole thing done - as they do with real illegal pokergames.

    It is not illegal for the players to play online poker on other international poker sites.

    But the question is, is a .be domain name not a link with Belgium as .be is the national domainname. And can you sell domainnames for an activity that needs a permission from the gaming commission otherwise it would be an illegal activity ?

    Or do we just think that those reports about the thousands that are addicted to online and offline gambling and wrecked lives are just about losers that don't deserve much better ?

    And if you are curious just type in Google "site:be poker "

  • impossible to stop or filter fast flux DNS for now

    Fast Flux DNS Signatures
    Written by Matt Jonkman   
    Friday, 25 January 2008

    New sigs from Jim Mcquaid and Jart Armin. Intended to catch dns lookups for fast flux DNS domains. If you're not familiar, many botnets are using what we call fast flux to keep their domain names moving and thus harder to shutdown. They'll have a ttl less than 60 seconds, and do very frequent automated dns server changes with their registrar. If you get a lookup for a hostile domain there's a very good chance the source is infected or trying to download infecting code.

    These are experimental for now, please give feedback to the emerging-sigs list.

    ***Update***  Lots of falses, revisiting the issue, will post new sigs shortly

    *** Update 2 ***  Had to abandon the idea. Google and others use the same methods as fast flux. 

  • Why DNS.be should control domainregistrations with financial institutions in

    Because already twice such domainnames have been registered and are still active in phishing schemes.

    It wouldn't be that hard to block the names of financial institutions and so on if they are used in the domainname or typosquatted.

    Naam paypal-updates
    Status REGISTERED
    Registratie 3 augustus 2006
    Laatste wijziging 18 augustus 2006 11:02
    Licentienemer
    Naam jilali kadour
    Taal Frans
    Adres address
    E-mail email

    www.castlecops.com one of the international phishing fighters finds it a scam

    The other one is even better. After being used for phishing and being blocked as such by www.millersmiles.co.uk the website is not blocked but ......

    Domeinnaam Status
    bardays-ibank.be

    AVAILABLE  

  • The Belgian site that hosts Coolwebsearch infections

    There is a spyware/malware Cool Web Search that is being run out of Russia that has been making live very difficult for surfers and antivirus firms. A russian registrered a Belgian .be website and uses it to infect surfers.

    All sites listed here are either linked to sites that run exploits,
    are found in the code of CWS files that have been infested on computers,
    or their whois with their mostly faked aliases and/or emails are
    registered to other domains that run the CWS exploits
    http://webhelper4u.net/whmembers/siteslists/cwsalphaA.txt

    wwwhttpcom.be

    Naam  wwwhttpcom 
    Status  REGISTERED 
    Registratie  10 oktober 2007 
    Laatste wijziging  10 oktober 2007 23:18 
    Licentienemer 
    Naam  Ivanov Fedor 
    Organisatie  Fedor Ivanov
     
    Taal  Engels 
    Adres   
    Telefoon   
    E-mail   
    Technische contactpersonen van de registrar 
    Naam  Pierre-Yves Goubet 
    Organisatie  Eurodns S.A.
     
    Taal  Frans 
    Adres  41 am Bann
    3372 L-Leudelange
    Luxemburg 
    Telefoon  +352.2619161 
    Fax  +352.26202996 
    E-mail  hostmaster@eurodns.com 

  • Open letter to DNS.Be

    We heard that the actual leadership of DNS.Be felt personally hurt by the questions that were raised about its role - or the lack of it - in securing the Belgian Internet (and that I wasn't the only one doing so - or agreeing when it was being said). First it must be clear to everyone that there is nobody - even not your hardest critics who would deny that you have placed the Belgian domainname .be back on the map and that you are delivering a professional service. There is no one who would deny that the present state of the Belgian domainname is lightyears from where it was 10 years ago and there is no one who would like to go back to that situation. A situation in which it took months to be able to register a domainname and in which the installations weren't safe. So comparing us with that situation or saying that we don't appreciate your work would be unfair because you know it ain't true. The consequence of all that hard successful work is that you have become so important for securing the Belgian internet and for the cyberimplementation of Belgian law that the people in those branches can't ignore it (even if they don't speak about it). But some of us feel that we have hit a Berlin Wall when we tried to argue that changes were due and that your initiatives (like your free domainnames and now your quarantaine method) are being abused by spammers, spywaredealers, phishers and more of that kind of people we would like to make it as hard as possible to rip off people around here. You have become so big that aren't the startup anymore but you are a big firm now and like the others in your branch you will now be open for discussion and proposals for change. You don't have to take them as a personal attack or as if we don't appreciate the work you are doing. But as a way to place the Belgian domainname where it belongs : among the representatives of the Belgian enterprises, consumers, internet community and the Belgian lawmakers. Because after such a long hard way to success your place belongs where it ought to be for years to come. Your place in the history of the Belgian Internet is a Belgian domainspace people, businesses and democracy can believe in and trust. You can try to build a Berlin Wall around your organisation and try to quell every discussion or debate and make some cosmetic or half-baked changes, but the automatic registration without any control and the obsession with numbers instead of quality will lead to mistakes and problems and questions and debates every so many months. It is up to dns.be to chose if it will accept the responsability it has to keep a clean and responsable Belgian domainspace or it may try to quell any debate or question about its role and functioning and lose its time with fighting against change. History shows who wins in the long end.Are you ready and open for discussion and debate ? A factual debate, not a personal or hysterical, defensive one ?

  • No Belgians in the list of ICANN accredited domain registrars

    http://www.internic.net/origin.html

    All accredited registrars have agreed with ICANN to obtain contact information from registrants, to provide it publicly by a Whois service, and to investigate and correct any reported inaccuracies in contact information for domain names registered through them.

    Reports submitted through this facility will be forwarded to the appropriate registrar for handling, and the progress of your report will be tracked

    http://wdprs.internic.net/

    But no Belgians yet.....

  • Our official VDAB webdesign course for unemployed Hacked

    So you start well with learning them how to set up your site or forum in high security ? Official courses all over Flanders for the unemployed. Learn how to be hacked.....

    raak_17

    and their forum looks like this

     raak_18

     

    but these enterprise revisors (auditors) will have to audit their website by someone else that has followed a different course

    http://www.dfsa.be//images/File/SHT.html

  • added a bunch of sites to the Belgian hacked websites

    So we have found a list of new ones (no, not all new ones are added already) Our archive is already over the 900 on Furl alone.

    We also have seen that there are still a lot of hacked sites that are still hacked since weeks or months who cares ? Maybe the visitor who can get a virus .....

    Some sites couldn't be indexed, so we put them here

    HackeD By J0k3R---->>for HackTurkiye- [ Traduire cette page ]HackeD by J0k3R. J0k3R@HackTurkiye.com Sisteme Turk Hacker tarafindan tecavuz edildi uzulme gurur duy kapaK oLsun :D >>>> J0k3R ...
    www.amos.be/files/ 

    By Hacked By X-MaN- [ Traduire cette page ]Hacked By X-MaN. -. By_X / Pıtbulls_hacker / İstanbulls. TURKİSH HACKER TEAM. www.genchackers.info. NHacked X-MaN N. Copyrıght© 2oo7 X-MaN.
    www.vano.be/byx.htm 

    DeltaHackingSecurityTEAM- [ Traduire cette page ]HACKED BY DAVOOD_CRACKER.
    site-it.be/uploads/index.html - 6k

    By Kamaimasen™::..::Hacked::..AvciHack-AkinciHack-HackTurkiye TIM ...Hacked The By Kamaimasen™, Hacked The By Kamaimasen™ Turkisch HacKer HackLeyenide HackLeriz koçummm. FAQ FAQ · Search Search · Memberlist ...
    www.jeugdmerret.be/index.html

    and our selection of today

    a good one
    http://www.mundaneum.be/

    Hacked By ML`- [ Traduire cette page ]y0ur system owned by ML`. irc.opustanje.org #viper-crew. Greetz to : mawena | StRoNiX | JuMp-Er | jimena_slo | Ziva`Vatra | System-c0d3r | Vuk | Apolo ...
    www.mundaneum.be/fichiers/index.html 

  • Quarantined Belgian .be domains already used by spammers

    The antispamsoftware by jwSpamSpy publishes a permanently updated blacklist of spammers. We found some belgian domains in it and wanted to know more

    itemx1.be and so on and they also had all the same domain in HongKong

    bank7.be and so on

    and some other domains with letters that mean absolutely nothing.

    The strange thing is that they were all in quarantine which means according to dns.be

    QUARANTINE
    Names deactivated by the domain name holder (through a registrar) or by the registrar himself (e.g. when the renewal invoice was not settled on time) will no longer be immediately released but will be blocked for 40 days. These names are not active, but are NOT YET released

    So domains that are in quarantine are already being used by spammers to send out spam. Maybe they don't think of paying anything. The obvious question is how do they send mail from such a domain. Well, they fake it. In email you can fake anything and so it looks as it is coming from that domain but in fact in comes from a server or simple pc.

    Maybe these domains don't ought to be in quarantine, they - and their registrars ought to be in blacklists or receive a warning. The names of the domains themselves tell already enough, they are not up to any good.

  • A belgian virussite sending you to a China Virus site

    We wouldn't want you to go on this site without any protection. The page will try to open and your antivirus will go nuts. At the end a page with an vido will try to open on a Chinese site. And will try to install ActiveX stuff as trusted on your machine.

    And the site itself has nothing else than this on the frontpage

    This is the placeholder for domain jii.be. If you see this page after uploading site content you probably have not replaced the index.html file.

    This page has been automatically generated by Plesk.
    jii.be/fds/in.cgi?20 216.195.58.37 - Zlob N/A
    http://avic.blazina.cn/video.html
    and while we're at it these sites also have to clean up their act
    users.skynet.be/fa088362/gp/i.exe195.238.0.64hostingpool001.isp.belgacom.beDownloaderN/A
    screensavers.skins.be85.214.23.175h648911.serverkompetenz.netAdwareSebastian W. Foster