Microsoft fixed http://arabia.msn.com problem on Wednesday December 30, 2009. However, Microsoft did not inform public about the source of the problem and fixed it after three days without any explanation . I am not sure about Microsoft incident response procedure but 3-days is much longer than industrial standard!
Archives for December 2009
A world renowned security expert has found a problem with a subdomain of Microsoft’s MSN.com where simple operations lead to error messages from the server. Is this just an error on Microsoft’s part or a prelude to a cyber attack?
December 28, 2009 – Dr. Ali Jahangiri, a world-renowned security expert, has discovered a problem on Microsoft’s MSN.com website. As an expert on hacking and server vulnerabilities he is concerned about Microsoft’s response time in fixing this problem as well, as the possibility that this is a prelude or even the result of an attack on Microsoft’s website.
Discovered on Saturday 26, 2009 at around 5:00pm GMT, the problem is with MSN’s Arabia subdomain. MSN uses subdomains to provide localized content to different parts of the the world. There are MSN subdomains for the UK, France, India and so on. There is also a subdomain for Arabia at http://arabia.msn.com. The problem occurs when users of the site try to access Microsoft’s Bing search engine.
On other subdomains and the main MSN.com website, entering a search term into the Bing search box takes you to the Bing search engine and a page of results for the term entered. But on the Arabia site using Bing results in an error. The error comes in two parts, the general error is “You are not authorized to view this page” and the reason given for this is “Forbidden: IP address of the client has been rejected.”
Dr. Jahangiri, who is the author of Live Hacking – a comprehensive guide to hacking techniques and countermeasures for ethical hackers, has tried accessing Bing on http://arabia.msn.com from computers in the U.S., U.K., Canada and UAE and the same error is seen. This means that it isn’t a specific problem with just a few computers but all computers on the Internet.
Dr. Jahangiri is calling on Microsoft to fix this problem quickly but to also check their MSN Arabia website to ensure that it hasn’t been compromised and also to check for any other vulnerabilities in the web server configuration.
MSN Arabia gives Internet Information Services (IIS) error (HTTP Error 403.6 – Forbidden IP Address) while the users use Bing search engine.
The error discovered by Dr. Ali Jahangiri an information security expert while he tried to use Bing search engine at http://arabia.msn.com . Although, the error describe a rejection for a Forbidden IP Address but the test carried on with different IP addresses from different countries such as U.S., U.K., Canada and UAE.
The above mentioned error may occur due to misconfiguration or it could be the result of an attack to the Bing search engine at http://arabia.msn.com.
I used to write on my Amazon author page but Amazon Author Central is under development (beta version) and keeps only last three posts. Therefore I decided to have my blog on my own website to keep my posts and articles safe! In addition, there are some changes on my website to make it ready for 2010, I hope you enjoy it. Thank you for your comments!
LIVE HACKING will be available world-wide in less than four weeks. This will make LIVE HACKING available to a larger audience through more outlets including: retailers, bookstores, libraries, academic institutions, wholesalers, and distributors. The new distribution channels help to distribute LIVE HACKING to thousands of retail and wholesale outlets throughout the U.S. and world-wide.
I had received many requests from my students and colleagues to create a facebook page. Although, I was concerned about its security and other issues related to the social networking sites but I thought with a proper consideration that could happened. Please click here to visit my facebook page.