The Five Biggest Mistakes Companies Make on Their Websites

The Five Biggest Mistakes Companies Make on Their Websites

People often ask whether we see any big ?mistakes? on their website. We usually respond with this question, ?What are the goals for your site?? Assuming your goals are to generate new leads or sell products and services, here are five ?mistakes? we often find on a website: 1. No Planning or No Tracking Who do you want to come to your web site? What do you want them to do once they get there? How many visitors turn into leads or customers? Analytics tools like Google Analytics can help you to see how people found your site and what they do once they get there. With this information you can take action to improve your marketing as well as the site content to help customers and prospects find you and reach their goals. Google Analytics is free and easy to configure for reporting on your specific goals. 2. Weak or Missing Call to Action Your customers come to your site to solve a problem. They want to quickly learn about what you offer, and, if there?s a fit, to buy your products or engage your services. Are you making it easy and quick for them to achieve those goals? If you?re not, then you?re losing customers. Every page on your site should have a clear call to action to make it quick and easy for your customer to achieve their goals. 3. No Email Registration Maybe your customer isn?t ready to buy. Then, you need a Plan B so that you can keep in touch and stay top-of-mind. Our recommended strategy is to get site visitors to sign up for your newsletter. Of course, if you don?t make this easily available to your customer, then they?re not going to sign up. We recommend offering customers the opportunity to sign up for your newsletter on every page of your site. 4. Lack of Search Terms Your analytics tools will show the terms that people use to find your site via search. If there are terms that describe what you want to be known for, does your site incorporate those search terms explicitly into its content? Are you linking from your content to additional information on your site using those exact terms for which you want to be known to your customers? It is important to use the terms customers are most likely to use in search engines. In other words, if customers find your site using the search term ?cool widgets,? then when they land on your site they should see content discussing ?cool widgets? and linking to content about ?purple cool widgets.? You can find out which terms are most popular on Google Insights for Search. 5. Not Enough Traffic to Your Site Search Engine Optimization is a start, but it needs to go beyond metatags and keywords. Setting a public relations campaign with timed press releases that link back to your site is key. Additionally, if you want your customers to find you before they find your competition, consider a Paid Search (Pay-Per-Click) Campaign.

Disable Click Sound in Internet Explorer (IE) for Windows XP/Server 2003/Vista

If you want to disable the click sound in Internet Explorer found in Microsoft Windows XP, Windows Server 2003 or Windows Vista, then follow these steps:

1. Open the Start Menu / Settings / Control Panel
2. Double click on the "Sounds" control panel. In this control panel, Scroll down in the events window until you reach "Windows Explorer" and under this you will find "Start Navigation".
3. Click on "Start Navigation" and you will see a .wav file appear in the "Name:" box. This is the sound that is associated with the click sound.
4. In the "Name:" drop down menu, select (None) and then hit "OK". This will set no sound to be played when you're navigating on the web.

Keep in mind that this will remove the click sound from hitting buttons and links on all web sites you visit until you set it back. This is a safe change to make and does not affect any other functionality of your Windows Explorer browser.

Difference between system standby and hibernation

What is the difference between system standby and hibernation?

In standby/sleep, the power is kept on to the memory, the processor is bought to a stop and devices are put into low power mode. However there is still some activity as the memory still needs to be refreshed (otherwise it looses its contents) and the low power mode of devices may not be all that low. Unplugging the computer from the mains (or removing/flattening the battery) will result cause a cold reboot with possible data loss. Startup from standby is very quick as the devices need to be woken and the CPU restarted.

In hibernate, the memory is written to the hard disk (in the hiberfil.sys file), along with the state of devices and the CPU and then the power is turned 'off'. The computer is still burning a little power as things like keyboard/mouse/LAN power on features are supported. However, unlike standby, unplugging the computer from the mains doesn't result in a col boot or data loss as everything needed is stored on the hard disk. Startup is still pretty quick as the memory needs to be read from the disk, the devices reactivated and the CPU restored to the same state is was when the hibernate started.

Vista goes one step further with its 'hybrid sleep' mode which writes all the same stuff to the disk as a hibernate does, but then keeps the system in standby mode. If the power hasn't been interrupted then the restart is the same as a standby restart, or if the power has been interrupted then a warm boot from the hibernate info on the hard disk is used.

However, almost all computers are never completely turned off unless the power/battery is removed. PC power supplies have a special power lead to provide 'standby' power that is always there even if the computer is 'off'. It doesn't matter if the computer is in standby, hibernate or a full shutdown, that standby power is still there. This means the power supply is still alive and chewing power.

Most ATX power supplies have a kind of efficient 'baby' power supply built in to supply this standby power when the main power supply is off. However I had one very inefficient power supply that drew nearly 60 watts even when the computer was fully shutdown! I'd say it didn't have this baby component and used the main power supply circuit all the time. I've since 'retired' that power supply!

So to answer the original questions "is this what some people mean when they say they never really turn their computers off?"

Basically yes.

Does hibernation consume any power whatsoever?

Yes, although often (but not always) it is a relatively small amount of power (20 watts or so).

Put your hand on the case above the power supply of a computer that has been off for a while and you will often still feel warmth as the PS supplies the standby power.

Turn a hard drive into a fridge magnet

Affordable new local search website

OddBodd.com is an affordable new local search website that offers the advantage of a video introduction when someone clicks on your listing. They are offering incentives for people who sign up prior to their official launch. You can see examples (including my listing) and get more information by visiting their website: http://oddbodd.com/

ZBot trojan attached to flight ticket confirmation

I just received the following email message in my inbox:

Subject:Your Online Flight Ticket N 49444

Greetings, Thank you for using our new service "Buy airplane ticket Online" on our website. Your account has been created:
Your login: israel@leichtman.net Your password: passR5AW
Your credit card has been charged for $601.66. We would like to remind you that whenever you order tickets on our website you get a discount of 10%!
Attached to this message is the purchase Invoice and the airplane ticket. To use your ticket, simply print it on a color printed, and you are set to take off for the journey!
Kind regards, Southwest Airlines
If you get such an email DO NOT OPEN THE ATTACHMENT

Attachments are .zip files with filename E-ticket_N7399294.zip (random number) with inside a E-ticket_N7399294_and_Invoice_for_N73992943442.exe.

On an infected computer the trojan will create a new files like %System%\ntos.exe, %System%\wsnpoem\audio.dll, %System%\wsnpoem\video.dll and creates a new directory %System%\wsnpoem.

It also adds and modifies entries in the Windows registry and make connection with a server for http://*********.ru/alaska/alaska.bin. It opens random TCP ports in order to provide backdoor capabilities.

Hacking autorun for USB flash drives

How to: Quick intro to hacking autorun for USB flash drives

Disclaimer: This tutorial is designed to show existing vulnerabilities and should only be used on systems you own, or have permission to execute this on. Removable media devices don?t deploy malicious code and steal data, people do.

Autorun will not work with ?regular? USB flash drives the way that they do with CD-ROMs, but there are some tricks that you can do that will come very close. I say ?regular? in that as many may know there are ways of modifying U3 drives so that they appear as CD-ROMs on Windows systems and can thus use autorun to silently run your ?tools? without any indication anything is happening. The U3 hack however is a bit more complicated, I will do another ?How to? on that later. For now let?s just discuss how we can create an autorun.inf file on a regular ?ol USB flash drive that will do some interesting things.

Also it is important to mention that some of these techniques will even work if autoplay is disabled!

First, although we cannot have an application run automatically with a traditional USB drive, we can make it so that when a USB drive is plugged we have Windows make a suggestion to the user and all they need to do is click ?OK? to a specific application or script you have deployed to the flash drive.

First in Notepad create a file called autorun.inf and save it to the root of your USB flash drive of choice. In the autorun file put this:

[autorun] icon=lilguy.ico open=howdy.bat action=Click ?OK? to play this fun game!

The first parameter is ?icon? this tells Windows what icon to use as the icon image for the drive etc. This is important for the social engineering portion of the trick, you must consider your target. The image you choose should help instill trust in the application they are about to run.

The ?open? parameter indicates the program you wish to run, this can be an executable, or as in this case a .bat file. You could even call a .bat file which calls a series of executables. Go crazy.

The next parameter is ?action? this is what will trigger the autorun dialog to appear. This text will appear in the dialog box along with your icon, so you probably want make this friendly, something like ?Fun Game,? you probably don?t want to put something like ?Click ?OK? to install backdoors and trojans!?.

Now unplug your flash drive and then replug it in, a dialog box like this should now appear:

So this is not as good as automatically running the application, but is useful nonetheless and there have actually been successful simulations where this has been used. A security consultancy used this technique as a proof of concept to test a credit union client of theirs. Several drives used this simple technique to run exectue a trojan that sent some simple data to an external email account. They scattered the drives in the parking lot, several employees picked the drives up on their way into work and within a short amount of time the email account they had set up was receiving emails.

Now we have our basic autorun.inf setup. But notice that if you click cancel and then click on the drive you just see the contents of the drive. However we can take this one step further, if the user is smart and their spidey senses are tingling from the dialog menu that appears and they click cancel, with the addition of one more line of code to the autorun.inf file that will automatically execute the code we specify when they click the drive either from ?My Computer? or Explorer. This is different than a true autorun as it still requires a user to take an action to exectue the application, but still a significant security risk.

Add these lines to your autorun.inf file

[autorun] icon=lilguy.ico open=howdy.bat action=Click ?OK? to play this fun game! shell\open\command=howdy.bat

OK save it and then unplug and plug the drive back in again. This time when the prompt appears hit ?cancel?. Now go to double click the drive under ?My Computer?. The application will automatically execute. By the way, this second portion will still work even if autoplay is disabled on a system and is actually more dangerous than the dialog in my opinion.

So what if we don?t want to execute a command on the drive and just open a webpage? You could execute Explorer in your .bat file to do this, or in the exectuble you run, but there is a quick and easy way to do this in the autorun.inf file. Replace the last line with this instead:

[autorun] icon=lilguy.ico open=howdy.bat action=Click ?OK? to play this fun game! shellexecute=http://www.usbhacks.com

Retrieving an Entire website

wget: Download entire websites easy v1.0.4 (en) Fooling sites to let wget crawl around wget is a nice tool for downloading resources from the internet. The basic usage is wget url: wget http://linuxreviews.org/ Therefore, wget (manual page) + less (manual page) is all you need to surf the internet. The power of wget is that you may download sites recursive, meaning you also get all pages (and images and other data) linked on the front page: wget -r http://linuxreviews.org/ But many sites do not want you to download their entire site. To prevent this, they check how browsers identify. Many sites refuses you to connect or sends a blank page if they detect you are not using a web-browser. You might get a message like: Sorry, but the download manager you are using to view this site is not supported. We do not support use of such download managers as flashget, go!zilla, or getright Wget has a very handy -U option for sites like this. Use -U My-browser to tell the site you are using some commonly accepted browser: wget -r -p -U Mozilla http://www.stupidsite.com/restricedplace.html The most important command line options are --limit-rate= and --wait=. You should add --wait=20 to pause 20 seconds between retrievals, this makes sure you are not manually added to a blacklist. --limit-rate defaults to bytes, add K to set KB/s. Example: wget --wait=20 --limit-rate=20K -r -p -U Mozilla http://www.stupidsite.com/restricedplace.html A web-site owner will probably get upset if you attempt to download his entire site using a simple wget http://foo.bar command. However, the web-site owner will not even notice you if you limit the download transfer rate and pause between fetching files. Use --no-parent --no-parent is a very handy option that guarantees wget will not download anything from the folders beneath the folder you want to acquire. Use this to make sure wget does not fetch more than it needs to if just just want to download the files in a folder. Copyright (c) 2000-2004 Øyvind Sæther. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License".

brother mfc won't recognize cartridge

Problem Brother MFC-230C won't recognize new black ink cartridge. Seems the remanufactured cartridges appear to be empty. It seems there are light sensors in the printer that sense the cartridge is empty even when it is full. The solution is to put tape on the back of the ink jet cartridge. The danger of such a procedure is that the cartridge could be totally empty and it will burn out the printhead before you realize it.

Recover lost wireless network key

Description WirelessKeyView recovers all wireless network keys (WEP/WPA) stored in your computer by the 'Wireless Zero Configuration' service of Windows XP and by the 'WLAN AutoConfig' service of Windows Vista. It allows you to easily save all keys to text/html/xml file, or copy a single key to the clipboard.