By Stefanie Olsen, CNet News Blog

It could be a sincere form of flattery or a way to vent two years of frustration, but after losing YouTube's business in December, hosting company ServerBeach filmed a four-minute video of staffers describing how annoying YouTube was to have as a client.

"For being a social site, these guys aren't very social," one ServerBeach employee said in the video, which it posted on YouTube in recent weeks.

Despite the harsh words, the video is a creative exercise in sarcasm, according to Angela Ramirez, manager of client loyalty at ServerBeach, a 6-year-old hosting company. She said that during her company's two years hosting YouTube's servers, their laid-back geek cultures were very similar. To pay homage to the relationship, ServerBeach wanted to send a creative, funny goodbye, she said.

Ramirez joked in the video: "Just because you got acquired by Google you think you're big shots now. You're on the Oprah show, The Today Show. Did you forget the little people that helped you grow to the company you are today. Now that you're millionaires, you just forget about us," said Ramirez, who later in the video asked YouTube co-founder Steve Chen if he's single.

One truth in the clip, Ramirez said, is that ServerBeach had to manually invoice YouTube for hosting services throughout its business relationship, despite ServerBeach's automated billing system. The manual invoice, which required more sign-off and work, was the result of the complexity and heft of YouTube's bill--the company sucked up as much as a petabyte a month in bandwidth.

"They had more than 200 servers here. We had to have the bill approved by corporate accounting, and they had to mail in checks," she said.

Despite the loss of the account, ServerBeach's business hasn't suffered, she said. YouTube is still a customer of its parent company PEER 1, but it likely replaced ServerBeach with Google's corporate data centers. Ramirez said that ServerBeach has gained a lot of business in referrals from YouTube.

As for YouTube's feeling on the matter, Ramirez said she sent the video to Chen and the guys, and they loved the sarcasm. "They asked us to put it up on YouTube. We're going to miss them."

Link to article

SECURITY FIX, Brian Krebs on Computer Security

Spammers are having a field day with a string of recently discovered security vulnerabilities in MailEnable, an e-mail server program offered by many large, dedicated Web hosting companies.

Over the past few months, MailEnable has released updates at least a half dozen times to fix quite serious vulnerabilities in its various products that attackers can use to completely hijack vulnerable systems. Unfortunately, it looks like many customers either are not registered (and thus not receiving e-mail notices from MailEnable about the flaws), or they are simply ignoring the alerts.

"We are seeing hundreds of mail servers getting compromised via the rash of MailEnable vulnerabilities that have been discovered and announced in the last few months," said Lawrence Baldwin, chief forensics officer for myNetWatchman.

Baldwin's company often is contacted by people who were referred by an Internet service provider that has blocked the customer from sending e-mail due to evidence that his or her system has been compromised and is being used to blast out spam. myNetWatchman also gives away a program that will monitor your firewall logs for odd activity and alert you if your system shows signs of compromise.

Exploit code showing would-be spammers exactly how to exploit the MailEnable flaws has been posted to several high-profile exploit sites (ironically, one exploit is named "maildisable.pl"), and attackers have been using them with great success, Baldwin said. "We could actually see that the miscreants became aware of a new vulnerability in early to mid January, had a full month of ravaging and pillaging MailEnable systems" before a patch was released.

myNetWatchman has had nearly four dozen referrals from MailEnable users who scanned their systems and found infections. That's a significant share of its traffic: The company generally receives between 100 and 200 distinct submissions each day.

Baldwin said that in addition to using hijacked systems to send spam (this guy apparently had someone sending Western Union scam mails through his MailEnable server last week), the bad guys are dropping code that steals passwords on the infected system. It also spies on the Microsoft Windows remote desktop protocol (RDP) traffic to steal passwords from users who log on remotely to administer their mail servers.

But wait, it gets better. The attackers also appear to be planting tools that enable them to crack encrypted Windows system passwords. Why would hackers in this day and age go through all the trouble of doing that when they already have total control over an infected machine? According to Baldwin, many Web hosting providers using MailEnable are placing large numbers of systems on the same Windows Active Directory domain and using the same password to remotely configure the machines. Ergo, crack the password of a Web hosting provider using this set-up, and you suddenly control all of the hosting company's mail servers.

Ron Bradburn, director of engineering for Vancouver, Canada-based PEER 1 Dedicated Hosting, said his company bundles MailEnable for its dedicated hosting customers and that PEER 1 began receiving a spike in support calls related to compromised MailEnable systems in mid-February. "That's when the hackers started actively exploiting that and potentially setting up large bot networks."

Bot networks, also known as botnets, are large groupings of compromised PCs that cyber criminals use for everything from spamming to attacking others online to hosting scam Web sites. After a brief lull in botnet activity over the December holiday season, the number of new, compromised machines has skyrocketed recently. According to Shadowserver.org, a volunteer, nonprofit group that tracks botnets, the number of compromised machines has tripled in the past two weeks.

Bradburn declined to discuss his company's network setup or say how many of his customers were compromised by this vulnerability. "I can tell you that it's been a big problem for us. MailEnable is a very widely used e-mail client because it's free, but a lot of people don't monitor the third party software installed on their Web hosting machines."

Unfortunately, organizations whose servers have been compromised will remain compromised even after applying the MailEnable updates. The more popular exploit for these vulnerabilities works by injecting itself into the Windows logon process, which can be quite a tricky thing to fix.

"I think the hackers' intentions have been to collect as many login accounts or authentication mechanisms to the compromised machines as they can, so that even after the infection is cleaned up, they can still get back in," he said.

Bradburn said PEER 1 offers back-up services that can help customers recover from such intrusions, but that many customers do not choose that option. For those folks, he said, the only safe route is to reinstall the operating system on the Web host.

It's an even trickier thing for the anti-virus companies to even detect: This attack uses four different components, few of which were detected by any of the more than two-dozen anti-virus scanning engines over at VirusTotal. That's scary, when you consider that this malware has been in the wild for more than two months now. The result of each scan are available at these four links here (if you're having trouble viewing the results, make sure you've enabled Javascript for Virustotal.com).

Instant screen sharing service provider LiveLOOK (livelook.net) announced on Monday it has partnered with ServerBeach, PEER 1 Network Enterprises' self-managed hosting subsidiary.

ServerBeach will host LiveLOOK, supporting its unique screen sharing network. ServerBeach will also begin using LiveLOOK instant screen sharing as part of its customer support initiatives, along with live chat.

"LiveLOOK is fast and easy to use," says Robert Miggins, VP of ServerBeach. "Our sales team has used LiveLOOK to address customer questions effectively and visually walk them through the shopping and signup process and in turn, we have seen an increase in sales and a dramatic improvement in our customers' first impressions of ServerBeach."

LiveLOOK is an instant screen sharing service that uses Web-based screen sharing technology to provide an instant visual link between customers and support agents. The service launches instantly from a single click on a button, and requires no software downloads for either customers or agents.

A New York instant-screen sharing technology firm has selected ServerBeach as its managed-hosting provider to support the company's network.

Financial terms of the agreement were not disclosed.

LiveLOOK is an Internet-based system that companies can use to give people an instant visual link between customers and customer-support agents. Through it, people can see what's on each person's computer screen.

LiveLOOK is designed to launch instantly with a click of a button and does not require any special software downloads. The system is designed to work alongside live Web chats or a phone conversation, LiveLOOK CEO Olga Cantarella says.

LiveLOOK selected ServerBeach because it needed a reliable service provider that could support the bandwidth-intensive system, LiveLOOK Chief Technology Officer Igor Khalatian says.

In addition to selecting ServerBeach in San Antonio to manage the Web infrastructure for the service, ServerBeach has decided to adopt LiveLOOK instant screen sharing as part of its own customer service.

ServerBeach is a subsidiary of PEER 1 Network Enterprises Inc. (TSX-V: PIX) in Vancouver. The company operates data centers in San Antonio, Los Angeles and Herndon, Va.

“We are excited to connect with ServerBeach. Gamers now have access to great titles on great servers on the ServerBeach Platform via the GameRail Network� said GameRail’s President Blake Ashby.

Online multiplayer computer gaming is one of the fastest growing entertainment activities in the U.S., with over 40 million people now playing regularly. GameRail recently introduced the first network designed to meet the speed and quality needs of online gaming. GameRail’s bypass network delivers a “direct connect� from the game player to the game host and avoids the congestion and inefficient routing paths of the regular Internet. Once GameRail and the subscriber’s provider of Internet access are interconnected, the subscriber’s game play packets bypass the multi-hop, high latency Internet and hot route on a dedicated, national broadband network connected to the game host.

GameRail’s nation-wide, private backbone with Phase 1 access points in seven major cities is presently establishing peering relationships with access providers, game hosts and data center/collocation providers who support game hosts.