cPanel has decided to provide Enkompass free of charge. Enkompass is a Multi-server Windows Hosting Control Panel for Windows 2008 and Windows 2008 R2 with same functions, feel and looks as cPanel/WHM.

cPanel Vice President of Product Development Ben Thomas, “All options for moving this product mainstream were considered, but ultimately the decision was made to move Enkompass to a no-cost control panel”. He also told that the Enkompass is considered a stable, mature, and feature-packed product that is capable of enterprise- and production-level hosting but its sales and distribution didn’t met the expectations of the company.  Development on Enkompass will be slow now but the Enkompass team will keep working on hot fixes and patches of the control panel.

Enkompass was launched by cPanel in 2010 with basic features like third party integration, cPanel/WHM feel and look, DNS Management, overselling, quota’s, bandwidth management, and centralized management of a single hosting infrastructure and with feedbacks from users and partners cPanel fixed the bugs and added features. Enkompass become more stable and mature as compared to what it was at the time of launch.

Now it will be interesting to see how many hosting companies opt for Enkompass after cPanel removed the license cost.

cPanel is a leading Web Hosting Control Panel Software provider supplying hosting automation tools to numerous data centers and customers all around the world. cPanel offers web hosting software that automates the intricate workings of web hosting servers. cPanel products are used on tens of thousands of servers worldwide to equip server administrators with the tools they need to provide top notch hosting to their customers. Since our beginnings in 1997, cPanel has been setting the standard for web hosting automation.

cPanel is one of the leading Control panel providers for Webhosting companies. cPanel UI and Design team is now working on a complete new layout, features which will make cPanel more user friendly and easy to use for user (from Newbie to Advance users). Following are the screens released by cPanel (forums)

[Show as slideshow]

eUKhost Ltd., a provider of Shared, Reseller Hosting, Virtual Private Servers and Dedicated Servers, today announced that it has extended its services portfolio by introducing Voice over Internet Protocol (VoIP) services. The company states that the service is designed specifically for VoIP service providers and businesses using VoIP services.

Voice over Internet Protocol (VoIP) is transmission technologies for delivery of voice communications over IP networks such as the Internet or other packet-switched networks. Other terms frequently encountered and synonymous with VoIP are IP telephony, Internet telephony, voice over broadband (VoBB), broadband telephony, and broadband phone.

The company avers that it will provide Free Trixbox installation with Extensions, Trunks, Route Setup, HUD configuration along with full support and management for the dedicated server. It further explains that it will pre-configure and optimize each Linux server with either Asterisk or Trixbox.

“There are numerous web hosting companies offering VoIP server hosting, but what makes eUKhost’s VOIP Server Hosting stand apart is full server management along with support for Trixbox and Asterisk” said Jack Mason, Product Manager at eUKhost.

“We see VoIP services as a high value extension of our varied product range and believe that it will achieve significant growth into our customer base.” he adds further.

Pricing for VoIP Dedicated Servers (http://www.eukhost.com/voip-dedicated-servers.php) start at £79/month for 1U rack servers. The company states that only branded server hardware from Dell Computers is used so that users receive the best dedicated server hosting experience.

Today I received following email from PayPal about the changes in User Agreement in India. These RBI Guidelines are really going to affect many Indians and Indian Firms..

As part of our commitment to provide a high level of customer service, we would like to give you a 30-day advance notice on changes to our user agreement for India.

With effect from 1 March 2011, you are required to comply with the requirements set out in the notification of the Reserve Bank of India governing the processing and settlement of export-related receipts facilitated by online payment gateways (“RBI Guidelines”).

In order to comply with the RBI Guidelines, our user agreement in India will be amended for the following services as follows:

Any balance in and all future payments into your PayPal account may not be used to buy goods or services and must be transferred to your bank account in India within 7 days from the receipt of confirmation from the buyer in respect of the goods or services; and

Export-related payments for goods and services into your PayPal account may not exceed US$500 per transaction.
We seek your understanding as we continue to employ our best efforts to comply with the RBI Guidelines in a timely manner.

We regret any inconvenience caused to you and hope the advance notice will enable you to plan your future use of our services accordingly. For further information, click here.

If you have any questions, please contact PayPal customer support by logging into your PayPal account and clicking on â??contact usâ?? at the bottom of the page. We sincerely thank you for your patience and continued support.

Sincerely,

The PayPal Team

Today I received following email from Cpanel about Vulnerability in Exim Mail Server.

Summary

A memory corruption vulnerability exists in Exim versions 4.69 and older (CVE-2010-4344). Exim is the mail transfer agent used by cPanel & WHM.

Security Rating

This update has been rated as Important by the cPanel Security team.

Description

A memory corruption vulnerability has been discovered in Exim. This vulnerability may lead to arbitrary code execution with the privileges of the user executing the Exim daemon. cPanel previously released RPMs that mitigated the severity of the vulnerability on December 9, 2010 (CVE-2010-4345). This notification is for the release of new RPMs which remove the remote memory corruption vulnerability in its entirety. The vulnerability relies upon “rejected_header” being enabled (default setting) in the log_selector configuration.

Solution

To resolve and work around the issue on Linux systems, cPanel has issued new Exim RPMs. Server Owners are strongly urged to upgrade to the following Exim RPM versions:

Systems configured to use Maildir: Exim 4.69-26

Systems configured to use mbox (deprecated): Exim 4.63-5

Exim RPMs will be distributed through cPanel’s package management system. All cPanel & WHM servers receiving updates automatically will receive the updated Exim RPM during normal update and maintenance operations (upcp). To begin an Exim update on cPanel systems immediately, run the following command as root:

/scripts/eximup

FreeBSD systems should be running Exim 4.72 by default, which is not affected by this issue.

FAQ

This notification covers CVE-2010-4344.

The notification release earlier on December 10, 2010 with the summary “A privilege escalation vulnerability exists in Exim, the mail transfer agent used by cPanel & WHM.” covers CVE-2010-4345. At the time of the earlier announcement, the CVE had not been assigned.

For More information about this please check Cpanel

_

Social bookmarking sites are considered as a good way to promote your blog, posts or articles. Digg, delicious, reddit etc. are some of good social bookmarking sites which are used by most of the blogger. I as a blogger use many bookmarking websites to promote my blogs and posts and through this post I would like to share some Indian Social Bookmarking websites which can help you to promote your blog as well.

1) Tagza

2) HotKlix

3) OneIndia

4) Tweetr

5) Sitemarks

6) Rambhai

7) DiggSamachar

8) Tagz

9) Chalo

10) SurfUrls

11) ApanaStory

12) IndianPick

Microsoft has announced that they are shutting down Windows Live Spaces and will migrate all the existing users to WordPress.com. All the information of users like their content, and if any visitor visits existing Microsoft Live Spaces sites they will be automatically redirected to the new WordPress.com domain.

At the time of migration wsers have the options of transferring their content to WordPress, downloading it and storing it locally or deleting it when they hit the migration page. I have Just migrated my Windows Live Spaces blog to WordPress and in this post I will explain the exact steps

As soon as you login into you Windows Live Space you will get following screen which notify users about the switch/migration.

Here, user will get option to Migrate the Space to wordpress or Download Your blog to local system or Delete the Space or the user can just ignore and go to his space. If you are ready press “Get started. Upgrade my blog to WordPress.com“

On next screen you will get some basic instructions about the migration. Press Continue

Now you will get Actual Migration Screen where it will ask you to re-connect your MSN. Press Connect and relogin in your account.

If you are already registered with WordPress you can login and integrate blog with existing blog or create new wordpress blog for Live Space.

On “Create another WordPress.com Blog” page fill all information about your new WordPress Blog. Click on “Create Blog“

Once you get Miration Complete window like below. That means you have successfully migrated your Windows Live Space to WordPress.

Always wanted to fly in space? wanted to be the part of Space Crew? If Yes, then this Article is for you.

NASA (National Aeronautics and Space Administration) is inviting the Entries from all over the world to send their portrait/Photos into space aboard one of the two remaining space shuttle (Mission STS-133 And Mission STS-134) flights. To participate, upload your picture to a NASA website: http://faceinspace.nasa.gov

The Site will ask your Information like your Name, Country and option to upload your image, which will be flown aboard the space shuttle – Discovery in September or Endeavor, targeted for November . If you don’t have a Picture or don’t want to upload the Picture, no problem, just skip the image upload and NASA will fly your name only on mission you have selected. You can get more information about the Missions at the time of Participatuion and select the Mission in which you want to send your Image/Name.

A map on the website keeps track of submissions and after the Flight, participants will get Special Flight Certificate – a commemorative certificate signed by the Mission Commander. You can also check mission status, view mission photographs, link to various NASA educational resources.

See Space Wallpapers here

Now atleast your photo or name can fly in space and it will be a part of space crew. So, hurry up and get your name registered with NASA

Software Security Researchers at matousec.com has developed a method which can bypass protections built in to many of the most popular anti-virus products like McAfee, Trend Micro, AVG, and BitDefender.

The attack, called KHOBE (Kernel HOok Bypassing Engine) works like “bait-and-switch” style by sending a file which contains Harmless code that passes the user’s System Check and as soon as it get passed the code is swapped with malicious code. This attack works more efficiently on Multi-Core systems as in Multi-Core System one thread doesn’t monitors on other threads that are running simultaneously which makes the switch/swapping easier. As a result, the vast majority of malware protection offered for Windows PCs can be tricked into allowing malicious code that under normal conditions would be blocked.

“We have performed tests with [most of] today’s Windows desktop security products,” the researchers wrote. “The results can be summarized in one sentence: If a product uses SSDT hooks or other kind of kernel mode hooks on similar level to implement security features it is vulnerable. In other words, 100% of the tested products were found vulnerable.”

List of Antivirus solutions which was tested by matousec.com and found vulnerable

• 3D EQSecure Professional Edition 4.2
• avast! Internet Security 5.0.462
• AVG Internet Security 9.0.791
• Avira Premium Security Suite 10.0.0.536
• BitDefender Total Security 2010 13.0.20.347
• Blink Professional 4.6.1
• CA Internet Security Suite Plus 2010 6.0.0.272
• Comodo Internet Security Free 4.0.138377.779
• DefenseWall Personal Firewall 3.00
• Dr.Web Security Space Pro 6.0.0.03100
• ESET Smart Security 4.2.35.3
• F-Secure Internet Security 2010 10.00 build 246
• G DATA TotalCare 2010
• Kaspersky Internet Security 2010 9.0.0.736
• KingSoft Personal Firewall 9 Plus 2009.05.07.70
• Malware Defender 2.6.0
• McAfee Total Protection 2010 10.0.580
• Norman Security Suite PRO 8.0
• Norton Internet Security 2010 17.5.0.127
• Online Armor Premium 4.0.0.35
• Online Solutions Security Suite 1.5.14905.0
• Outpost Security Suite Pro 6.7.3.3063.452.0726
• Outpost Security Suite Pro 7.0.3330.505.1221 BETA VERSION
• Panda Internet Security 2010 15.01.00
• PC Tools Firewall Plus 6.0.0.88
• PrivateFirewall 7.0.20.37
• Security Shield 2010 13.0.16.313
• Sophos Endpoint Security and Control 9.0.5
• ThreatFire 4.7.0.17
• Trend Micro Internet Security Pro 2010 17.50.1647.0000
• Vba32 Personal 3.12.12.4
• VIPRE Antivirus Premium 4.0.3272
• VirusBuster Internet Security Suite 3.2
• Webroot Internet Security Essentials 6.1.0.145
• ZoneAlarm Extreme Security 9.1.507.000
• probably other versions of above mentioned software
• possibly many other software products that use kernel hooks to implement security features

KHOBE can be loaded/initiated under standard user or account having limited access as this attack doesn’t requires Administrator Access to the System. As it requires a large amount of code/Script to be loaded on the targeted System, making it impractical for shellcode-based attacks that rely on speed and stealth. It can also be initiated only when an attacker already has the ability to run a binary on the system. The technique might be combined with an exploit of another piece of software, like a vulnerable version of Adobe Reader or Oracle’s Java Virtual Machine to install malware without rising the suspicion of the any Anti-Virus software the victim is using.