Setting up Your Blog for the Best Chances to Be Included in
Google - and Your Best Bet For Staying In

Here are the top 8 items you need to be concerned with to get
your blog prepared to be recognized and listed well by Google.
The 8th item will clarify one of the most important factors if
you want to stay in.


1- The Location of Your Blog

Your blog is doing you the least amount of good on someone else's
server. If you have Blogger, you can change from the blogspot
version to have Blogger FTP your files to your server for free.

2- The Links on Your Blog Template

By links, I don't mean what you link to when you post. I am
specifically referring to the links in your blog. If you don't
edit your blog template to include links to the main part of
your site, you're making a mistake. How is Google going to find
a link that isn't there?

Edit your chosen template to make sure there is at least one
link from your blog directory to the rest of your site.

3 - The Frequency of Your Updates

A wise webmaster recently said that the best thing you can do
for your search engine efforts is to add a new page to your site
a day, and to make one change to your site a day.

Why is this such great advice?

Because Googlebot does not need to re-spider your site if it
never changes. It probably will - but I've noticed the more
there is a legitimate need for it to return, the more likely it
is that you'll get re-spidered.

Posting to a blog, or an RSS feed, and leaving it to stagnate
will bring you zero traffic. Furthermore, when people see an
abandoned piece of web real estate, they leave. It's like tuning
into a TV channel and seeing "snow". Most people can't stand it
for more than a few seconds, and will either turn the channel,
or turn the television off.

There are even shorter attention spans online, from both search
engine robots and people. If you want either to return, update
constantly.

4 - The Right Keywords for Your Blog

When you're selecting keywords for your blog, your best bet
is to pick keywords that have a medium to high yield and low
competition. The essential difference is this - would you rather
be ranked #107 for "internet marketing" and get no traffic, or
be ranked number one for "learn internet marketing" and get a
few hundred?

5 - The Placement of the Keywords on Your Blog

Here's where your primary keywords need to be :

. in the title
. in the description
. in your post titles where applicable
. in the name of the links to individual posts
. in the text that links your posts


If you look at the front page of my blog, you'll see the phrase
"Free Traffic Tips" everywhere. And yet, the pages don't sound
ridiculous.

This is because I set up my blog so that every page and every
post utilizes these words. If you set up your blog correctly,
and get in certain habits when you post, you'll find that your
site will begin to rank for the term that best matches your
topic.

6 - The Length of Your Blog Posts

Always remember this. "Posts are paragraphs, sentences are
spam." Your posts should be at least two paragraphs. If there is
little to no content on a page, there's no reason for it to be
indexed unless it is the only page available for that term.

The only time your post can be shorter than that, and still be
effective, is if you're linking to something else. It won't
always work out that you'll have several paragraphs worth of
content to discuss. But do your best to stay above 90%.

7- The Frequency of Your Archives

Remember the wise webmaster's quote earlier? Well, here's a
question - if one new and updated page on your site is good, do
you think creating or updating three pages of your site can be
better?

It sure can.

Daily archiving makes a huge difference. If you have this
option, use it. If you don't switch. If you need more room on
your server, get some. It's worth it.

When you combine daily archiving and having individual post
pages, each time you post, your site generates a new page for
your post, updates the day's archive page (or creates it if it's
the first post of the day), and updates the index page of your
site.

Combine these date-stamped pages with real content and you've
got great spider bait.

8 - When, and Where You Are Linked

If you have Blogger, you'll want to make sure your blog is
listed as "public", so that it will appear on Blogger's
recently updated blogs pages whenever you make a new post.

There is some speculation that this is what gets your blog
spidered so quickly by Google if you use Blogger to post. And
the answer is yes, if you are willing to wait about 48 hours,
this will get you spidered.

Once.

And IF your site is indexed, it will probably be dropped out the
next day, if this is all you do. This has been documented in
public on other sites.

What hasn't been made public yet is that your best bet for
staying spidered is frequent and regular updates. Let Google
know that you're not trying to use Blogger to spam its database.
Provide useful content that updates at regular intervals.

All these tips help you get ethical attention from Google. You
don't need to do anything dishonest or underhanded to get your
site spidered, or listed. So, if your site fills a need that
Google has for sites, and you have a quality site, you can get
listed.

With just these tips. you have enough to get a good blog into
Google.

It'll be up to you to stay in.

================================================================
Can you really get spidered by the Googlebot in less than 24
hours? Is there more you can do to get your blog into shape for
inclusion? What if you're using another blog system? Find out
more at www.FreeTrafficTip.com .

---

WickedZone.com

By Matt Hines
Staff Writer, CNET News.com

The Department of Justice has landed its first conviction against an American defendant trapped via Operation Fastlink, a multinational law enforcement effort undertaken against online software piracy.

The U.S. Attorney for the Southern District of Iowa said that Jathan Desir, 26, of Iowa City, has pleaded guilty to charges related to his role in a criminal enterprise that distributed pirated software, games, movies and music over the Internet.

Appearing in the U.S. District Court in Des Moines last week, Desir pleaded guilty to a three-count felony that charged him with copyright infringement and conspiracy to commit copyright infringement. Desir will face a maximum sentence of 15 years in prison when he is sentenced on March 18, 2005.

The Department of Justice said that Desir will be the first American citizen convicted as part of the plan which was introduced by outgoing Attorney General John Ashcroft in April 2004. Since the debut of Operation Fastlink, law enforcement investigators have conducted more than 120 searches in 27 states and 11 foreign countries, resulting in the identification of nearly 100 people considered by the investigation to be leaders or high-level members of international piracy organizations, according to the agency.

In one past sweep, Operation Fastlink officials seized 200 computers, 30 of which were alleged to have been used as storage and distribution servers containing thousands of copyrighted works, including newly released movies and music. The Justice Department estimated that the seized copyright material alone was worth $50 million.

The global effort specifically targets so-called "warez" groups, members of which are believed to distribute unauthorized copies of material to previously identified clientele over secure servers. Those files typically end up on an Internet Relay Chat network or a peer-to-peer file-sharing service.

By Gregg Keizer, TechWeb News

A trio of new and unpatched vulnerabilities in Microsoft Windows were made public on security mailing lists over the weekend, nudging some security vendors to alert users that their systems may be open to attack and hijacking.

The vulnerabilities, first reported by a Chinese group and then posted to the Bugtraq mailing list, are in Windows' LoadImage API function, its animated cursor files, and in the way it handles help files. All of the bugs are as yet unpatched.

All currently-supported versions of Windows -- Windows NT, 2000, XP, and Windows Server 2003 -- are affected by the three flaws, said Venustech, the Chinese security firm that posted analysis on Bugtraq. Some impact Windows XP Service Pack 2 (SP2), some don't.

The LoadImage API vulnerability, for instance -- the latest in a series of image-related vulnerabilities that have hit Windows, Unix, and Linux -- affects Windows NT through Windows Server 2003. Whether Windows XP SP2 is at risk, however, isn't yet known.

This vulnerability could be exploited by attackers who entice users to a malicious Web site that includes a specially-crafted icon, cursor, animated cursor, or bitmap file, said Danish security firm Secunia in its alert. Alternately, the malicious image could be delivered via HTML e-mail. Users who view such messages or visit such sites could find their systems hijacked by hackers, who would be able to run their own code remotely on the PC.

The second bug, which is in Windows' ANI (animated cursor) files, could be used by an attacker to crash or freeze a Windows PC, said Venustech in its analysis. Windows XP SP2 is not vulnerable to this flaw, however.

But it is to the third, and last, of the trio, which revolves around how Windows parses help files. The bug can be exploited to create a buffer overflow, and thus give attackers control of the computer, if users open a maliciously-crafted help file posted on a site or sent to them via e-mail.

Secunia bundled the three bugs and labeled the group as a "highly critical" vulnerability, the second highest warning the firm uses. "Don't visit untrusted Web sites and don't open documents from untrusted sources," advised Secunia.

The SANS Institute's Internet Storm Center (ISC) gave similar stay-clear advice. "Try not to install help files until some Tuesday in, we hope, January," the center reported.

The ISC reference to Tuesday relates to Microsoft's practice of releasing patches on the second Tuesday of every month. The next scheduled security bulletin/patch day is Jan. 11, 2005.

[Original Story found here ]

By TechWeb News

A new version of the Santy worm appeared over the weekend, and according to analysis done by some security firms, poses a broader threat than its ancestors, which used Google to spot vulnerable Web bulletin boards, then defaced them.

Dubbed Santy.e, the worm differs significantly from its predecessors, said Moscow-based Kaspersky Labs in an alert. Rather than target only those Web sites running phpBB, software for creating Internet forums using the PHP scripting language, the worm can exploit any site that's left allowed arbitrary file inclusion into PHP scripts.

"This can only be prevented with decent, secure coding," said Kaspersky Labs. "Every site [that uses PHP] is potentially in danger."

Kaspersky noted that it had already received reports of Websites attacked by infected systems, and that some servers have been compromised or dramatically slowed down as their loads climbed under constant probing.

Like earlier Santy variations, Santy.e uses Google to identify exploitable Web pages written in PHP which use the vulnerable functions "include()" and "require()." Santy.e, however, also throws Yahoo's and AOL's search engines into the mix, learning a lesson from the originals, which were stymied when Google blocked their searches.

Another anti-virus firm, the Finnish F-Secure, downplayed the threat, saying "in practice these latest variants haven't gotten out of control." F-Secure credited that to the fact that the Brazilian group suspected of being behind the attack is using a relatively small number of PCs -- about 100 -- in the bot network that's searching for vulnerable sites and then launching attacks on those it finds.

"While there are lots of vulnerable sites out there, this worm is still under control," F-Secure said in its online warning.

However, because the vulnerability lies in poor programming techniques rather than a code bug, securing sites against the Santy.e exploit may be time-consuming, and require rewriting scripts with the include() and require() functions.

[Original Story found here ]

Author: Matt Cameron

According to the Indian Computer Emergency Response Team, a security firm that tracks vulnerabilities, there are three new dangerous flaws in Windows XP. The three flaws are as followed: "LoadImage API Integer Buffer overflow," "Kernel ANI File Parsing Crash and Dos Vulnerability" and "winhlp32.exe Heap Overflow Vulnerability."

A trojan named Bloodhound.Exploit.19 is already out on the prowl which exploits the LoadImage API vulnerability. The vulnerability is related to the way LoadImage API fails to properly verify the size parameters of input image files when they are passed to the 'LoadImage' function, resulting in an overflowing of integer values. Files that have been designed to exploit this vulnerability can be embedded in .html Web pages or email messages.


Microsoft has not yet released patches for these vulnerabilities, therefore it is highly recommended to keep your anti-virus up to date. These vulnerabilities do NOT affect users running Windows XP SP2.

[Original Story found here ]

By Paul Festa
Staff Writer, CNET News.com


Days after Google acted to thwart the Santy worm, security firms warned that variants have begun to spread using both Google and other search engines.

The Santy problem originally flared up a week ago as bulletin board Web sites found their pages erased and defaced by the worm's own text. The worm spread by targeting pages that used vulnerable versions of the PHP Bulletin Board (phpBB) software, and used Google to locate those pages.

After Google took measures to prevent the worm from executing Google searches for the faulty bulletin board software, Santy variants are making the rounds using AOL and Yahoo search, according to security firms, and are still targeting Google as well.

"Perl.Santy.B is a worm written in Perl script that attempts to spread to Web servers running versions of the phpBB 2.x bulletin board software prior to 2.0.11," warned Symantec in a Dec. 26 bulletin. "It uses AOL or Yahoo search to find potential new infection targets."

AOL, which uses Google for its underlying search technology, said it was looking into the problem and was uncertain whether Google blocks already in place would prevent misuse of AOL's search site. Yahoo, which dumped Google's search technology in February, could not be reached immediately for comment.

Several other variants are cropping up. Santy.c targets Google once again. Kaspersky Labs today renamed Santy.d and Santy.e Spyki.a and b., citing significant differences in the worms' structure from earlier Santies. The security firm also said the new worms were using the Brazilian Google for their exploits.

Security researches last week faulted Google for not responding more swiftly to the emerging Santy threat.

The Santy worm and its variants affect only targeted bulletin board sites and do not pose a threat to Web surfers who visit them.

[Original Story found here ]

By Clint Boulton

New critical flaws in Microsoft (Quote, Chart) Windows have sent security experts scrambling to warn users of the ubiquitous operating system.

Numerous security vendors, including Symantec and Secunia, issued warnings about the flaws after Chinese security group Xfocus first reported them last week. But as of Monday, Microsoft had not provided patches for the flaws.

Xfocus found that a buffer overflow exists in the LoadImage API of the USER32 Lib, enabling attackers to write and send a custom file within an HTML page or in an e-mail that would allow them to run arbitrary code on a computer.

XFocus also reported a hole in winhlp32.exe, the Windows .hlp file parsing program. The vulnerability is forged from a decoding error within the .hlp header. A perpetrator can exploit the flaw by triggering a heap-based buffer overflow.

Both the LoadImage and .hlp overflows may affect Windows NT, Windows 2000 SP0, SP1, SP2, SP3, SP4, Windows XP SP0, XP SP1 and Windows 2003. But the winhlp32.exe bug is more inclusive, affecting Windows XP SP2, as well.

Overflow flaws occur when a computer's memory is exceeded. This makes it possible for attackers to run their own code on a PC. Overflows are some of the most common exploits in the Redmond, Wash., software giant's operating systems software.

While Microsoft hasn't acknowledged the bugs publicly, security firm Symantec suggested users set virus definitions to include the Bloodhound.Exploit.19 signature, preventing the LoadImage overflow. A .hlp overflow can be avoided if users block e-mail attachments with an .hlp extension and avoid sites or e-mail messages of questionable origin.

In other Microsoft flaw news, Xfocus said a malicious intruder can use a bug in Windows' animated cursor files (ANI) to crash or virtually seize a PC. Like the LoadImage overflow, this Windows Kernel ANI File Parsing Crash and DoS Vulnerability affects Windows NT, Windows 2000 SP0, SP1, SP2, SP3, SP4, Windows XP SP0, XP SP1 and Windows 2003.

Symantec today warned of Phel.A, a Trojan horse that affects Windows XP SP2. The flaw distributes as an HTML file that attempts to exploit a flaw in IE. The Trojan may be stymied with virus definitions from Symantec.

[original story found here ]

From computerweekly.com

A newly reported security problem in Microsoft's Internet Explorer (IE) web browser allows attackers to create a fake website that looks exactly like a genuine site.

The vulnerability lets an attacker display any website while the address bar in IE will display a trusted web address, for example www.paypal.com/, and even show the icon indicating SSL (Secure Socket Layer) security, security researchers warned.

The issue could result in more sophisticated phishing scams, a prevalent type of online attack that typically combines spam e-mail messages and web pages that look like legitimate e-commerce sites to steal sensitive information such as user names, passwords and credit card numbers.

The problem was discovered by a security researcher from the Greyhats Security Group and reported by Danish security company Secunia. The vulnerability lies in an ActiveX control in IE and has been found to affect version 6.0 of the browser running on Windows XP with Service Pack 2 and earlier versions, according to a Secunia advisory.

Microsoft is investigating the report, a company spokeswoman said. "We have not been made aware of any attacks attempting to use the reported vulnerabilities or customer impact at this time, but we are aggressively investigating the public reports," she said.

Upon completion of this investigation, Microsoft may provide a security fix through its monthly release process or as an out-of-cycle security update, she added.

Meanwhile, Secunia suggests users protect themselves by disabling ActiveX in IE or setting the IE security level to "high" for the internet zone.

Banks are trying to combat phishing by educating consumers. Citibank, for example, on its website warns customers not to click on links in e-mail messages. Also, Citibank advises customers to manually enter the web address for the bank in a web browser to make sure they are dealing with Citibank and not a scammer.

By RACHEL KONRAD

SAN JOSE, Calif. (AP) - Hackers, spammers and spies go into overdrive in December and January, when unsuspecting neophytes unwrap new computers, connect to the Internet, and, too often, get hit with viruses, spyware and other nefarious programs.

"People want to get on the Net right away, just like they want to put together and start using any Christmas present," said Tony Redmond, chief technology officer of Palo Alto, Calif.-based computer giant Hewlett-Packard Co., whose new PCs ship with 60 days of virus and adware protection. "They should be warned that the Net is a very, very dangerous place."

Susan Love's problems began with a smile.

The New York City fund-raiser clicked on a happy-face attachment in a friend's e-mail last year. The virus crashed her computer within an hour.

Love, 57, salvaged her data. But within a few months her computer's performance slowed to a crawl. In December 2003, she upgraded to a Sony Vaio with an extra-large monitor and Microsoft Windows XP operating system.

Within a few days, "spyware" - programs that sneak onto computers uninvited - began sponging up valuable memory. Then her e-mail stopped arriving.

Instead of crafting holiday e-mails, she spent hours installing the latest antivirus, anti-advertising and anti-spyware software. She also instituted a rule: Her computer never gets turned off, so security programs patch vulnerabilities around the clock.

"You have to become something of a nerd to make sure your computer is safe," said Love, a former English teacher who recently installed anti-adware on her daughter's computer. "If you don't sweep the computer every night, you could hit."

Love won't be the last to get a holiday crash-course in computer security.

Although few researchers produce holiday-specific security data, experts at IBM Corp., Dell Inc. (DELL), Hewlett-Packard Co., software companies and Internet service providers agree that the holidays are prime time for hackers.

Holiday viruses are so rampant that consumers could be attacked even if their first online destination is to a Web site for updating security patches.

Kris Murphy, help desk coordinator for North Carolina Internet service provider Indylink.org, said his minister got attacked last year, only a few minutes after unpacking and connecting the machine. At the time of infection, the minister was updating security patches to Windows.

"Hackers know that you are most vulnerable as soon as you go online for the first time," said Murphy, whose 10-person company hires temp consultants during the holidays to handle higher call volume. "Inexperienced people tend to fall into traps more readily because they don't recognize that this guy might be trying to get your credit card information."

Technology executives describe the relationship between hackers and security programmers as an arms race - both sides keep ratcheting up fire power. But lack of consumer awareness - if not downright naivete - allows the war to escalate.

According to a recent survey by the National Cyber Security Alliance, of the 185 million Americans with home computers, one in three say they'll never get hit by viruses or other cyber attacks. In a Consumer Reports study, 36 percent of U.S. home computers showed signs of being infected with spyware and only 41 percent of surveyed households said they actively try to prevent it.

American businesses are savvy about firewalls, spam filters, multiple passwords and other network protections, said Stuart McIrvine, director of corporate security strategy at IBM. But problems at the consumer level - from spyware to security risks in coffee shop wireless networks - are so severe that every hardware and software vendor should be worried about a backlash.

Seasonal attacks start around Thanksgiving, when online shopping begins an annual spike and marketers pummel consumers with junk e-mail - from the perfect stocking stuffer for a balding spouse to a limited-offer holiday cruise.

With the rise in e-commerce, identity thieves try even harder to obtain credit card and other financial data from wireless and home networks. They set up dummy Web sites that seem to be hosted by major financial institutions in hopes that gullible consumers will provide their account information.

Virus writers hide viruses and worms in holiday-themed e-mails, seasonal greetings cards and screensavers.

"W32/Zafi-D," a mass mailing and peer-to-peer worm, harvests addresses from Windows address books and other files. Infected e-mails' subject line begins, "Merry Christmas!" and the text reads, "Happy Hollydays."

The most vulnerable computers are the ones that have sat under Christmas trees for days or weeks. If a consumer buys equipment that arrives on Dec. 15, and it sits in the living room until Dec. 25, it could be hit by hundreds of viruses written in the 10-day interim.

Tony Ross, analyst at British security firm Sophos Plc., advised consumers to get a CD-ROM with the newest updates from their electronics vendor, next-door neighbor or the computer at their office before connecting to the Internet. They should prohibit children - who tend to be liberal in distributing their personal data - from using the machine until it's patched.

Consumers should vigilantly buy and update security software, which can add hundreds of dollars over the course of a computer's lifetime. Popular anti-spyware and anti-adware programs include Webroot Software Inc.'s Spy Sweeper ($29.95 for a one-year subscription), LavaSoft's Ad-Aware SE Professional ($39.95), Tenebril Inc.'s SpyCatcher ($29.95), the free Spybot Search & Destroy and Computer Associate Inc.'s eTrust PestPatrol ($39.95).

Some experts wonder whether the computer has become the digital age equivalent of a puppy - an enthralling treasure on Christmas morning, but a sinkhole for time and energy for years after. At very least, computers are far more demanding than the typical holiday toy, which merely requires batteries.

"At some point, people who receive them for Christmas often ask, 'Is this computer a gift or a curse?'" Ross said.

By David Morgenstern

Symantec Corp.'s Security Response service on Friday confirmed that unpatched Windows vulnerabilities could pose a serious risk for exploits via malicious Web pages and e-mail messages.

One of the three security vulnerabilities involves image handling—a source of recent exploits on Windows and Unix operating systems. The other two risks are found in the Help system and in Window's ANI (Automatic Number Identification) authentication.

Symantec said the Microsoft Windows LoadImage API Function Integer Overflow Vulnerability could be exploited via browsers or e-mail client software. Users who open an HTML message or Web page bearing the image could face security risks.

Another vulnerability that could only require users to click on a site or message is called the Windows Kernel ANI File Parsing Crash and DoS Vulnerability. Its vector, a malicious ANI file, could invoke a DoS (denial of service) attack that could bring down unprotected systems.

These two issues potentially affect a wide range of Windows versions, including Windows NT, Windows 2000 and Windows XP with SP (Service Pack) 1, the report advised. Windows XP SP2 machines are not vulnerable.

Another "high-risk" issue concerns the interpretation of Windows Help files (.hlp), Symantec said. Some decoding errors during processing could cause a heap buffer overflow that could then be exploited. This vulnerability affects Windows XP SP2 systems as well as earlier versions.

Symantec said the three vulnerabilities were first reported by a Chinese community group called Xfocus Team. Microsoft has yet to confirm the vulnerabilities and was unavailable for comment.

Symantec suggested that users make sure their virus definitions include the Bloodhound.Exploit.19 signature, which should prevent the LoadImage API Function Integer Overflow.

To ward off the other problems, Symantec said, Windows users should block e-mail attachments with an .hlp extension, avoid untrusted sites or e-mail messages from unknown sources, and read messages in plain-text format.

Exploits of graphics libraries and APIs on Windows and other operating systems have been a common occurrence throughout 2004. Earlier this week, a number of Linux distributions offered patches for image-handling and PDF (Portable Document Format) libraries.

The problem also plagues developers of Web browsers. Earlier this month, America Online Inc. discovered its newly refreshed Netscape browser was open to an image-based attack when handling files in the PNG format. This vulnerability had already been fixed in earlier versions and on other platforms.