As part of our normal operating schedule, several of our hosting servers will be undergoing routine maintenance between 18:00 and 19:00 tonight.  During this time, access to some services may be impaired or unavailable.

The ACS Support website will not be affected by tonight’s work and will remain operational should any customers wish to contact our support team.

For live status of all our NamesAndSpace (N&S) hosting servers, please visit http://status.appliedconsultancy.com.

As and when the maintenance work has been completed, our support team will update this blog.

Phishing or exploitation messages are ten a penny now a days, but there is occassionally one that pops into the Inbox that can appear to even experienced users to be genuine.  A case in point is one that we have received today at our enquiries address.

This message, which we know have been received by other users, purports to say that an important service upgrade is required and that to complete it you need to download a file.  A sanitized version of the message is enclosed below:
From: tech-admin [mailto:tech-admin@appliedconsultancy.com]
Sent: 12 October 2009 16:12
To: enquiries@appliedconsultancy.com
Subject: Important Notification!

Attention!

On October 16, 2009 server upgrade will take place. Due to this the
system may be offline for approximately half an hour.
The changes will concern security, reliability and performance of mail
service and the system as a whole.
For compatibility of your browsers and mail clients with upgraded server
software you should run SSl certificates update procedure.
This procedure is quite simple. All you have to do is just to click the
link provided, to save the patch file and then to run it from your
computer location. That's all.

http://updates.appliedconsultancy.com.secure.first-systems.com/ssl/id=76040839057-enquiry@appliedconsultancy.com-patch11732.aspx

Thank you in advance for your attention to this matter and sorry for
possible inconveniences.

System Administrator

Disecting the message: Why this message is a con.

There are several indicators, but the most obvious one is the link.  Although it may be first purport to com from our domain appliedconsultancy.com, it actually doesn’t.  The full domain name listed is updates.appliedconsultancy.com.secure.first-systems.com.  The section in orange, first-systems.com, is the principle domain name, and the one that the link points to.   In other words, you click on this link, you will not be going where you may think you are going.

We have never heard of first-systems.com and consequently have nothing to do with them.

The next indicator is that there are no contact details supplied by the message.  Even the most frugal web host will supply and e-mail address and the web address of their support portal at the very least.

Another indicator is that the recipient e-mail address together with an ID Code (the part of the string with id=76040839057) is included in the link.  This is done so that the recipient server not only get confirmation that the e-mail address is valid, but also an identifier of the person who clicked on the link.

Lastly, the final indicator with regards to the validity of this message is that it was sent from tech-admin[at]appliedconsultancy.com.  We do not have any such address or alias in service, either now, or in the past.

Recommendations

As with all Phishing, exploitation and con messages, the trick in avoiding them is to be aware and wary of messages from unknown sources.  Irrespective of the message content, if you don’t recognise the sender, assume that the message may be malicious in nature.  These messages are just a new variation on the con-trick.

At ACS, we do send out messages relating either to our services or ongoing customer support issues.  All of these messages will conform to the following rules:

• All support and technical messages from ACS Limited (including NamesAndSpace and SecureSiteSolutions) will be sent from the address support[at]appliedconsultancy.com and will contain a ticket reference number.
• We do not generally send out messages regarding server upgrades and maintenance work.
• All announcements regarding server upgrades and maintenance work  for our NameAndSpace servers will be made via this blog and on our support websites, http://support.appliedconsultancy.com.
• All messages will contain a full signature including our contact details and all legally required information.  You will never receive a message from us that end with just System Administrator

Our support team carries out a rolling program of maintenance and housekeeping work on all of our servers.

• All updates and upgrades to our NamesAndSpace servers are managed and carried out by our Support Team.  This process does not require the direct involvement of any of our customers.
• You will never be asked to download an application or file as part of an upgrade of our servers.

As always, if you are an ACS or NamesAndSpace customer and have received this or a similar message, please contact our support team if you have any concerns or queries.

As part of our routine housekeeping and maintenance cycle, our NamesAndSpace (N&S) hosting services will be receiving some attention tonight.

Part of this work entails the necessity to restart some servers for new settings and updates to take effect.  During this restart, access to some services may be impaired.

For the full status of our N&S servers, please visit http://status.namesandspace.net.

Of late, there have been a few files uploaded to some hosting accounts that contained viruses and/or potentially malicious coding.

Our policy on such malware (Viruses, Spyware, Trojans etc) is well established – we don’t tolerate them under any circumstances.  Any uploaded file found to be, or containing, Malware is permanently deleted.

All of our N&S servers run AntiVirus software that is regularly updated, with full system scans taking place each night.  Any infected file will be deleted without any prior notification.

We routinely carry out checks and maintenance work on our NamesAndSpace (N&S) servers to ensure they are in good working order and fully patched and updated against potential security threats.

For the most part, such maintenance work is transparent to most users.  We very rarely need to take a service like e-mail offline for any period of time, and if we do, it is only for a minute or so.

To minimise service interruption, we carry out such maintenance work during predefined windows when server usage is at a minimum.  This tends to be after 8PM at night, or during weekends.

Where possible, we advertise these maintenance windows at least 48 hours or 2 days in advance of the start of the scheduled work.  However, there may be circumstances where we may have no option to undertake work on little or no notice.

Notices on forthcoming and current maintenance work may be found on this blog, and also on the N&S Status Website at http://status.namesandspace.net.

As some of our support customers may be aware, we had a problem earlier today with the e-mail feed for our support ticket facility.  In correcting the issue, some old updates were re-registered causing duplicate e-mail alert messages to be sent out.

If you were a recipient of these duplicate or out of date messages, we apologise for any inconvenience or confusion their arrival may have caused.  We have now implemented a number of extended measures to mitigate the possibility of this issue from reoccurring.

Our support team fully investigated this problem, and it was sourced to an old enemy: spam.  Out of all the messages we receive through the support e-mail address (support [at] appliedconsultancy [dot] com *) less than 2% are actually support related.  In this instance, a deluge of SPAM messages, mostly Russian in origin and content and with sizable attachments had filled up e-mail account.

Despite some progress in recent months, Spam continues to account for at least 80% of all e-mail traffic.  Increasingly, we are seeing spam messages containing some form of malware (Virus, Spyware, etc.) as an attachment.  Our recommendation on handling suspect e-mail messages remains the same: If you don’t recognise the sender,or have any doubts, don’t open the message and delete it.

* The support e-mail address is only accessible by registered ACS Support account holders and through their nominated e-mail addresses.  Any messages sent to this address from an unknown e-mail accounts are automatically deleted.

As expected, on 14th April, Microsoft ended mainstream support for Windows XP and Office 2003.  No further new function or non-security related updates will be released for either product.  Security updates will continue to be released until 4th August 2014, when Microsoft has declared that support for both XP and Office 2003 will formally end.

This is not entirely unexpected, nor is it particularly worrying.  No significant non-feature updates have been released for either product for a good while, and in the case of Windows XP, not really since Service Pack 2.  All Microsoft products are subject to a finite support life, and Windows is no different.  Existing installation will continue to be protected by Microsoft established security updates and patches.

For our support customers, this announcement does not equate to any realistic change in your systems.  Windows XP will continue to operate as expected, and given the average lifecycle of a PC, it is unlikely that you will still have any Windows XP PC still operational in 2014.

Microsoft has released a patch to correct the now well documented Zero Day Flaw in Internet Explorer that applies to all supported versions of Microsoft Windows.  The patch is available through Windows Update and provided your computer has been configured for Automatic Updates, you will be prompted to install it shortly.

If you are one of our corporate support customers, this patch will be automatically rolled out across your networks.  No further or direct action is required on your behalf.

The released patch only applies to versions of Windows that Microsoft still actively supports,principally:

• Windows 2000
• Windows XP
• Windows Server 2003
• Windows Vista
• Windows Server 2008

As Microsoft no longer actively supports Windows 95, Windows 98 or Windows ME, we would anticipate no correctiive patch will be issued for these operating systems.

This patch corrects a flaw that has been detected in Internet Explorer and its’ derivatives.  It does not apply to other Web Browsers like Mozilla Firefox, Opera and Google Chrome.

Our Support & Engineering team have implemented a number of vendor updates to correct a few issues with the Hosting Control Panel for NamesAndSpace accounts.  The Control Panel, accessible at http://controlpanel.namesandspace.net, faciliates easy management of all NamesAndSpace hosting accounts.

If you are unaware or have lost your Control Panel account details, please contact our support team via our Support Website.

Due to a recent update to the AntiVirus software we use on NamesAndSpace, we will be restarting our hosting servers from around 18:00 tonight (9th December).  Unfortunately, this restart is unavoidable.

We anticipate the downtime for each of our servers to be limited to a few minutes, and to minimise the inevitable service interruption, we will be restarting individual servers at different times.

If you have any queries regarding this, our rolling maintenance programme or any other support matter, please contact our Support Team via our support website, http://www.acssupport.co.uk.