Tag Archive: UNIQUE

Turkish Hacker-Crackers, perhaps?

A Cracking Week Off?

I had a week’s holiday of sorts last week.  On returning I found that this website had been cracked. (I already had intimations that something was wrong because of site stat failures and an email from @Justin Asking, sometime commenter to this website and others).  Anyway, so it was.  Unfortunately, I didn’t have good web access so was unable to correct things properly.

The main screen, viewable on zone-h here, was replaced by this,

Site Hack Aug 2011

Site Hack Aug 2011

A neat little JavaScript mouse trailer was part of the package!

The cause was my own – a wide-open directory made so as part of an image upload plugin for my WordPress installation.  This plugin makes it easy and neat for any commenter to add material to the website……unfortunately for me, it allowed any file, with active content or not, to be uploaded.

Needless to say, the plugin is now disabled and the directory is locked down to the specific  file types that I’ll accept.  No more active content allowed there matey!

Unwanted Extras

Once the nasty files were uploaded, the internal site privileges allowed the install of a swathe of .htm files to the site root and uploads folder.  These had various names like f.htm, g.htm etc.  Index.htm was the file on show.

Alongside these, apart from files needed to run the previously mentioned JavaScript, were another swathe of .phtml files, such as joker.phtml, which are actually php code shining as html.  A couple of plain text files had also been uploaded.  These had lists of files, sites and persons.

All .htaccess files were okay as well as the WordPress installation files.  To be sure, I redid the WordPress install from scratch with fresh downloaded files..

Finale

All told, about fifty files were dumped on my website.  I’ve hopefully removed the lot and have them downloaded for analysis at a later date.  The screen content and internal code all points to Turkish or S.E. Asian (Vietnam or Indonesia) Muslim crackers (I refuse to use the hacker term except to clarify the cracking of security by it’s now-common usage).  Saying this, the culprits (the code points to several authors who used freely downloadable files from cracking websites and then proudly expected a pat on the back for their extreme skill at doing a download…like….der….), the culprits could have come from anywhere.

Fifth columnists and agent-provocateurs are nothing new.

Interestingly, being cracked puts me in the same company as at least 186 well-known multinational businesses, such as Acer, Vodaphone, BetFair, The Daily Telegraph, The Register, Spam.Org, Victoria Beckham and Destiny’s Child.

Even System of a Down dot com, was down!

Zone-h’s full list is here.  The Register reports it here, The Guardian here.

The Guardian interview with the crackers notes that the culprits had been planning the attack for some time which obviously includes the time when my site was compromised.  I don’t know if my website was actually used as part of the above DNS server attack but it’s usual for an attack like a DDOS to use several vectors and simultaneous attack points in order to force a server to fail and dump code.  This dump then reveals passwords and the like for later use.

Addendum

WordPress.Org’s forum has a posting about this crack from last week.  A Google search in the comment by RedNeckTexan shows the attack on this website to be far from unique….!   The links I’ve followed go right to the heart of the crack and the people doing the cracking.

This is the Google Search on the “Easy Comment Uploader” plugin.  Like me, RedNeckTexan has pulled the plugin for now, which can be found in the WordPress repository here.

Related Posts:

Comments are closed

What is the Best Backup for Windows in a Small Home or Office?

What is the Best Backup for Windows in a Small Home or Office?

Which Windows Backup?  A History.

Over the years I’ve tried many systems for backing up crucial Windows data.  Currently for small-scale backups I use the ubiquitous and almost bullet-proof flash drives, my current one tipping the scales at 8Gb.  But for major backups, as the years have passed, I’ve used;

  1. Floppy discs – 1.4Mb
  2. Iomega Zip discs – 100Mb
  3. CDRW – 650Mb
  4. DVD-R – 4.7Gb
  5. Western Digital My Book Home Edition – 1Tb

They all had their problems and limitations.  The last one looked good with Firewire, USB2, ethernet  & eSATA connections – but it overheated and broke…..

Best Windows Backup!

My current system is from Synology and is a “DS210j – Budget-friendly 2-bay NAS server for Home and Small Business”

See: http://www.synology.com/enu/products/DS210j/index.php

I can heartily recommend the thing.  It has so much gubbins within it and far exceeds my limited expectations.  I installed two green 2Tb drives from Western Digital  in mirrored RAID for security and use the auto-backup software provided as well as Windows’ own.  This is extremely relevant for the large number of hits I’ve had to this posting where a major part of the problem is the time taken to do a backup!  In my case, the 750Gb just takes a few hours to copy across the Gigabit speed ethernet that the unit can use.

Addendum June 2011: The tool is a seriously capable bit of kit and I cannot recommend it enough. Get one!

It does everything it says on the tin, and more!  The whole thing cost me about 200 quid, plus an hour of my time to install.

Even its firewall is more configurable than any router I’ve used!  It can be used as a server for FTP or the web.  It comes with software for a host of things that mimic Flikr etc but without all the privacy or security issues inherent in off-line storage.  It’ll also run with any operating system because it itself is a mini-linux installation as it is,  and includes Windows, Apple and Linux applications.
Check it out, straight from their overview page:

Build Your Entertainment Center

Download Station 2 functions as a 24×7 BitTorrent, FTP, HTTP, eMule, and NZB download center. RapidShare and RSS download are now supported.

DLNA Compliant Media Sever ensures compatibility and interoperability between Disk Station and a wide range of DLNA-certified home devices.

iTunes Server provides an easy way to share music and videos with other iTunes clients within the local network. You can create playlists with songs that match the criteria you specified, and best of all, iTunes will update these playlists automatically as you add or delete songs.

Audio Station supports music, Internet radio stations, and iPod playback with connected USB speakers. Web-streaming mode allows your music to be shared with multiple users over the Internet.

Back Up Your Precious Data

DSM 2.2 offers comprehensive solutions for you to back up data stored on Disk Station or your desktop computer to the Disk Station.

Server backup includes two alternatives: Network Backup and Local Backup. Both allow you to back up data in the shared folders and databases. Incremental backup option and flexible schedules are available. All can be easily configured with a step-by-step wizard.

Desktop backup provides Windows PC users with the Synology Data Replicator 3 for backing up desktop data, Outlook, and Outlook Express emails to their Disk Station by choosing one of the three backup modes: Immediate, Sync, and Scheduled backup, while Mac OS X users can use Apple Time Machine backup application to back up their critical data to Disk Station.

USBCopy allows you to quickly back up your data from an USB storage device such as an USB flash or USB card reader to the Disk Station with just one single touch on the front-panel Copy button.

Enrich Your Web Presence

Photo Station 3 simplifies photo, video, and blog sharing over the Internet. The flexibility of photo theme customization, blog layout arrangement, visitor’s privilege setting, RSS feed, and the dazzling 3-dimentional photo browsing with Cooliris make Photo Station 3 your state-of-the-art lifestyle sharing center on the Internet.

Web Station with built-in PHP+MySQL allows users to publish their own websites or install numerous popular open-source programs.

Access With Your iPhone/Mobile Device

The iPhone App DS audio allows Disk Station users to stream music stored on Disk Station with their iPhone/iPod® touch where Internet access is available, while DS photo allows uploading photos from the iPhone/iPod® touch to their Disk Station.

Users with a mobile device running on Windows Mobile® 6.0, iPhone OS 2.2.1 onward, or Symbian OS 9.1 can log on their Disk Station to view photos with Mobile Photo Station and read supported file formats with Mobile File Station where Internet access is available.

Eco Friendly

Eco Friendly

Synology Disk Station is designed and developed perpetually with the concept of energy saving. Compared with average PC counterparts, Synology Disk Station consumes a relatively low amount of power and has the HDDs hibernate when not in use. This not only helps to save energy but also extends the lifespan of the hard disk.

Synology Disk Station truly earns the title of “green product” because of the unique Scheduled Power On/Off feature, and the smart fan design effectively cools down the system with minimum power consumption, yet keeps the system quiet on operation.

Finally, all Synology products are produced with RoHS compliant parts and packed with recyclable packing materials. Synology recognizes its responsibility as a global citizen and is continually working to reduce the environmental impact of the products we create.

Related Posts:

Comments are closed

The Bureau d’Exchange de Maux and Crawling Chaos

A Case of One Man’s Cake is Another Man’s Poison

I first read the short story, “The Bureau d’Exchange de Maux” by Lord Dunsany, in the late seventies in a compilation, probably a Panther Books one.  It’s staggering simplicity is matched by the masterful telling.

Later, in (a sort of) homage, Crawling Chaos used the acronym  B.U.E.M.  as a pseudonym for certain releases –  probably because it sounds like ‘bum’, such was our level of humour at the time …   Bureau Universel d’Exchanges de Maux was written on the sign above the doorway. ( Actually, we pronounced it ‘berm’ which is something totally different.  The biggest berm I know of is the Morrocan Wall which you can see on Google Maps. It’s construction was a unique Arab-Israeli collaboration, bizarrely).

The Curse of the Wise WomanBut I digress.

As well as this tale I can heartily recommend “The King of Elfland’s Daughter”, and my favourite Dunsany story,  the Irish-placed tale, yearning for a simple romantic past of continuity, “The Curse of the Wise Woman”, which warns about treating the Earth right – or else.

The Bureau d’Exchange de Maux:  by Lord Dunsany

I often think of the Bureau d’Exchange de Maux and the wondrously evil old man that sate therein. It stood in a little street that there is in Paris, its doorway made of three brown beams of wood, the top one overlapping the others like the Greek letter pi, all the rest painted green, a house far lower and narrower than its neighbours and infinitely stranger, a thing to take one’s fancy. And over the doorway on the old brown beam in faded yellow letters this legend ran, Bureau Universel d’Exchanges de Maux …..  The story is copyright until 2027.  Buy it if you can find it!!

Related Posts:

Comments are closed

Happy Birthday Unix

Google Unix Birthday

Google Unix Birthday

Well it’s a sort of birthday.  As of 23:31:30 today, UNix will be 1234567890 seconds old!

Google has celebrated with yet another unique graphic for the occasion.  Click on the link below for a Google search on this string:

http://www.google.co.uk/search?q=unix+1234567890&ct=unix1234567890&oi=ddle

Unix’s calendar started the first second after the end of the sixties.  Like all clocks and calendars, it has to start somewhere or else we can’t function as human beings.

Unix runs the internet and spaceships.  And other stuff.  Like nuclear reactors.

It was originally developed as an operating system but using the same mental viewpoint and thought processes that developed telephone exchanges.  Obviously, it’s really bad if someone can hear or butt in on a call which could be very personal or security related indeed.  The fact that this hardly ever happens despite the billions of calls and millions of concurrent connections is a testament to this work.  And because of this work, Unix is pretty secure with all bits of code (or phone calls, if you like) kept running in their own little boxes.

Linux at AmazonLinux evolved from this.

So from it’s very beginning, Unix is a system of closed cells that will only talk to each other when told.  In contrast Windows was made from it’s inception as an open system with everything in constant connection.  Since then, it’s been a case of Microsoft running rapidly around it’s house closing all the open windows.

The latest is the autorun open doorway for virus transmission.

Nuff said.

Related Posts:

Comments are closed

Express Park Winter Wonderland

Strangely post on January 13th, 2009
Posted in Art Tags: , , , , , , , , , , , , ,

As the recent cold weather came to a close, I was fortunate to get a few unique pictures on my trusty Fuji F30 before the peculiar atmospheric conditions returned to normal!

[nggallery id=21]

Related Posts:

© 2007-2017 Strangely Perfect All Rights Reserved -- Copyright notice by me