| Product: |
Fasthosts.co.uk |
| Date: |
03/05/01 (216 review reads) |
| Rating: |
 |
Advantages: Good value for money and based in the UK
Disadvantages: Very poor security and back procedures
Fasthosts technical support..arrrg...
Quick Glossary First:
ASP - In this instance it stands for Active Sever Pages - a technology introduced by Microsoft to allow websites to make pages dynamic (i.e. they can change to show different information depending on the User, time of day, a quote of the week). The alternative meaning for ASP is Application Server Provider - this is not relevant in this opinion.
Patch - This is a piece of software released by the software vendor to overwrite an existing problem in there software.
Security Flaw - This allows people to access/modify parts of the website/webserver which they should not normally be allowed to view.
This opinion is aimed ASP Developers using, or thinking of using fasthosts.co.uk
The Story:
Called them about 3 weeks ago informing them that many of their machines had not had all the relevant ASP (Active Server Pages) patches applied. The technical support lady replied "What's an ASP Patch", I replied "An Active Server Page Patch", she replies "What's a patch?"...
At this point I sent an e-mail to them and listed 15 security faults (for a list of security issues with Microsoft's ASP go to www.4guysfromrolla.com).
A week a go I called to find out why it takes so long to apply a patch on machine, and the response was "Why are you trying to find faults in our system?"
Current Situation: Still 3 weeks on and the patches haven't been applied, although I've now got a techie contact there who is guiding my support request!
I'd advice anyone who uses fasthosts for ASP purposes to check there site for security holes.
To check your site..
http://www.mysite.com/apage.asp::$DATA
- This will display your source code to the browser
http://www.mysite.com/global.asa+.htr
- View the source (Right Click - select view Source) if you can see your Co
de you're in trouble.
For further ASP security flaws visit
http://www.4guysfromrolla.com/webtech/LearnMor e/Security.asp
Summary:
|
Last comments:
 |
- 03/05/01 Thanks for the feedback, I've added a brief glossary explaining the terms used in the article. |
 |
- 03/05/01 This looks like it could be a really useful opinion if you added some more detail. Try pretending you know nothing about ASP's and went to Dooyoo to find out more info. After reading your Op I'm really no wiser, sorry but for the none technical amongst us, What's a Patch? Exactly what should people do to security check their sites? |
|
Deutschland 
España 
Italia 
France - 
