Category Archives: Security

The bandwidth hogs at allresearch.com

It seems like some of my other sites are being bombarded with hits from a mob called AllResearch. Apparently one of the things they do is hit RSS feeds and suck down every page referenced, for some kind of indexing. Judging from the amount of traffic they’re burning up, they suck big-time, in fact. I mean, indexers usually put in a lot of hits on web sites, but these guys are hitting more than 10 times as much as the next one down the list, MSN.

These are the top hitters over at toxiccustard.com:

  • 45541 sp1.allresearch.com
  • 3448 msnbot.msn.com
  • 3110 index.atomz.com
  • 1328 crawl25-public.alexa.com

Time for a little .htaccess magic:

order allow,deny
deny from 38.144.36.
allow from all
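
The same triage as an added example (not code from the original post): count hits per /24 from an access log, flag any network with at least 10 times the runner-up's traffic, and emit the block rule in both the Apache 2.2 syntax used above and its 2.4 `Require` equivalent. The log lines are constructed, the Common Log Format is an assumption, and the function names are hypothetical; only the 38.144.36. prefix comes from the post.

```python
import re
from collections import Counter
from ipaddress import ip_network

LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+')

def build_sample():
    """Constructed log lines; only the 38.144.36.x range comes from the post."""
    fmt = '{} - - [01/Feb/2005:10:00:{:02d} +1100] "GET {} HTTP/1.0" 200 512'
    lines = [fmt.format(f"38.144.36.{10 + i % 3}", i, f"/archive/{i}") for i in range(40)]
    lines += [fmt.format("192.0.2.7", i, "/feed") for i in range(3)]
    lines += [fmt.format("198.51.100.9", i, "/") for i in range(2)]
    lines.append(fmt.format("crawler.example", 0, "/"))  # resolved hostname, not an IP
    lines.append("truncated line")                        # malformed entry
    return lines

def hits_per_subnet(lines, prefix=24):
    """Count requests per client network, skipping malformed or hostname-only lines."""
    counts = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        try:
            net = ip_network(f"{m.group(1)}/{prefix}", strict=False)
        except ValueError:  # client field is a hostname (HostnameLookups on)
            continue
        counts[net] += 1
    return counts

def dominant(counts, ratio=10):
    """Networks with at least `ratio` times the hits of the second-busiest one."""
    ranked = counts.most_common()
    if len(ranked) < 2:
        return []
    runner_up = ranked[1][1]
    return [net for net, n in ranked if n >= ratio * runner_up]

def deny_rules(networks):
    """Render the block for Apache 2.2 (Order/Deny) and 2.4 (Require)."""
    nets = [str(n) for n in networks]
    old = ["Order allow,deny", "Allow from all"] + [f"Deny from {n}" for n in nets]
    new = ["<RequireAll>", "    Require all granted"]
    new += [f"    Require not ip {n}" for n in nets] + ["</RequireAll>"]
    return {"2.2": "\n".join(old), "2.4": "\n".join(new)}

if __name__ == "__main__":
    counts = hits_per_subnet(build_sample())
    for net, n in counts.most_common():
        print(f"{n:6d} {net}")
    rules = deny_rules(dominant(counts))
    print(rules["2.2"], rules["2.4"], sep="\n\n")
```

On Apache 2.4 the Order/Deny form only works through mod_access_compat, so the `Require not ip` form is the one to deploy there.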

Default passwords, iPod mini and mobile games

Common default passwords, most-used passwords, lists of trojans, all good stuff for the network admin or hacker. (via Office Weblog)

Hot rumour department: iPod mini to get a colour screen and a bigger drive, probably 5 or 6Gb, with a probable announcement next week.

This mob is selling well-known games adapted for mobile phone use. They vary from clone games like Packman to the apparently fully licensed stuff like Shrek 2. My kids are addicted to Midtown Madness 3 on the XBox… would they go for it in 2-D on my phone? Dunno, but at AUD$8, it’s not too exorbitant. Might give it a try, when they get bored of Bounce Back.

Wikipedia down, and MyDoom hits again

Wikipedia down: We’re currently recovering servers from a power failure in our colocation facility. This means backing up 170gb of database on several servers and running recovery. Back soon. … Let’s hope they’re back soon, and that that rumoured deal with Google goes through. Despite rumblings of lack of accuracy, Wikipedia is still a terrific resource.

Another MyDoom variant (rumoured to be Mydoom.o@MM) is playing havoc with mail servers and networks, particularly in big corporations. This one puts SCR, EXE and COM files in Zips, and sends them around. From the sounds of it, there are still enough gullible people who blindly open attachments that it’s spreading fast through corporate networks. Time to remind all your non-geek friends to take care around attachments. Happily for me, most of my family are running Macs!

Briefs

The weird bounces I was getting a while back are apparently due to a bug in QMail. They’re also causing some mails to be sent multiple times from webmail. Triffic. But I’ve switched webmails from SquirrelMail to IMP, and that seems to help. I don’t like IMP’s “This mail was sent by IMP” footer, but I do like its features, especially the timezone setting, which was never satisfactory in SquirrelMail.

A big batch of Microsoft patches are out. Though, as someone at work pointed out, they shouldn’t be due to buffer overflows, ‘cos MS claimed years ago that they’d eliminated them in Windows XP. (Thanks Ian)

Mr 99Zeroes has apparently been sacked from Google. As Scoble remarks, the rule for blogging about work really needs to be: Don’t piss off your boss. The alternative is simply not to blog about work.

C/Net’s new online news/RSS reader/aggregator: NewsBurst. (via Steve Rubel who features on the latest G’day World podcast)

An Englishman was arrested after he used the text-only browser Lynx to donate money to a tsunami fundraiser. Apparently British Telecom technicians looking through the web site logs thought it was a hacking attempt.

Pornzilla

As everyone knows, the web is the best place for finding and viewing high quality pornography in the comfort of your own home. Or internet cafe.

Pornzilla is a collection of tools for surfing porn with Firefox. These bookmarklets and extensions make it easier to find and view porn, letting you spend more time looking at smut you like.

I love the tools including the one that allows you to “… find galleries similar to one you have open without using the keyboard”

They need funding:

“Since nobody has contributed to our testing budget, these tools have only been tested with free porn sites.”

Is it good that they’re being kept off the streets? Perhaps you’d like to give the authors jobs?

More On MS Anti-Spyware

I’ve downloaded the beta of Microsoft’s anti-spyware and had a play with it. My initial reaction is favourable. It’s small, light and appears to work, although the 3 ‘threats’ it found were only applicable to Internet Explorer. This made me sit up and take notice, though: I’m a fairly scrupulous person when it comes to checking what I’m about to install on my PC, yet these malware products made it on to my hard drive. Being IE problems, though, they would never have affected me thanks to the wonder that is Firefox.

For the moment I will keep Spy Bot Search And Destroy, and it will probably remain my initial defence against these sorts of nasties. I wonder what Microsoft will end up calling this program? After all, Microsoft Windows AntiSpyware isn’t the sexiest of titles.

Dave Barry on computer security

Dave Barry on computer security:

I am beginning to suspect that the way “antivirus” and “firewall” software protects you is that it makes it basically impossible for your computer to (1) send email; (2) receive email; (3) use your home network; or (4) contact the Internet in any manner. It’s a lot like turning your computer off, except you have to pay for it, and then periodically pay to “update” it so that it can continue effectively preventing you from using your computer.

Not that I am frustrated or anything.

(via Lauren)

Windows permissions

In an effort to secure my home computers, I have been setting up accounts for my kids on both of them. Very easy. They get to play around with their favourite screensavers and wallpaper settings and so on. And I’m making them regular “users”, not “power users”, so they can’t “accidentally” install anything they find on the Web into the Windows directory or Program Files. (The school computers are riddled with stuff found from some super-dooper smilies and “mini games” web sites).

It’s times like these that you begin to understand why it’s so handy to have the Documents And Settings directories and the Registry, which have areas writable by all users. And you also begin to wonder why some software writers (including Microsoft) ignore them.

Example 1: Midtown Madness 2 (which my son Jeremy loves) needs write access to its own directory, for storing player data and some other guff. Easily fixed, but WHY?

Example 2: the DVD player software that came with one of the computers obviously wants to do something in one of the verboten directories and gracefully crashes and burns when it’s not run as Administrator. Haven’t had time to sort out why, exactly, yet. Must upgrade to PowerDVD — I wonder if it does that.

This is pretty basic stuff. Software authors really should know better.

Do you really really want to open the file?

I know the spread of macro viruses via consumer products is a dangerous thing, and obviously Microsoft in particular have had to take action to help slow them down. But I’m not convinced the plethora of dialog boxes that now adorns every application is really the way to go.

For instance, if you open an MDB in Access 2003 that was created in Access 2000, you are likely to get no less than three separate security dialogs asking if you’re sure, if you’re really sure you want to open the file.

I’ve been using Access for some years, but I don’t know what an “unsafe expression” is. I created the MDB I’m opening, and it’s just got tables in it. No macros, no VBA modules, not even a report or query. There’s nothing unsafe in it. So I said No, don’t block the unsafe stuff you imagine is in this file. Give it all to me.

Having said no, I don’t want them blocked, it then complains that it can’t block them. Obviously it doesn’t trust me to answer sensibly, it really wants to block those imaginary unsafe items. But it can’t without sending me off to Windows Update to install Jet 4 SP 8 or later.

I had to really concentrate to work out what the Yes/No options at the bottom of the dialog are for. They’re nothing to do with blocking the alleged unsafe expressions, or installing the service pack. Nope. What it’s asking is if I still want to open the file.

Having ascertained that I don’t care about the unsafe expressions that don’t exist, and I still want to open the file… it asks me just one more time, by suggesting the bleeding obvious: “This file may not be safe if it contains code that was intended to harm your computer.” Well duh, no kidding.

The cunningly placed Cancel button on the left could easily lead one to click that by default. But finding and clicking the Open button finally really opens the file.

Now, why did I want to look at this file again?

XP SP2

I don’t run Windows XP (my PCs are a couple of years old and happy on Win2K… I don’t feel compelled to lumber them with the beautiful XP), but a lot of people I know do. I want to give one of them a copy of SP2 to install, to save a long boring troublesome download via dialup.

Problem? The SP2 download page lets you install it via Automatic Updates or Windows Update. Or you can order a CD. You can order it in any country, not just North America (good) but it takes four to six weeks to arrive (bad). If the average unpatched computer can be compromised in 20 minutes, in four weeks it could be compromised 2,016 times. (Okay okay it’s on dialup, so it wouldn’t be connected all that time.) Gimboids. Even the Download.com page for it pointed me back to Microsoft.

Happily, I did find it on an APC Magazine CD. I also eventually found the Butch Microsoft Technet Geeky Professional Developers’ download page.