Month: June 2009

Morpheus comes a scanning!!

Paul

morpheusscan1I’ve been reading about this on other blogs about this user agent   I have been seeing this agent trying to access an area where I know WordPress doesn’t have anything there.  Some people suspect it is scanning for any Drupal Vulnerabilities.   I have to say if it is searching for Drupal, it is in the wrong place.

Now let’s get down to it.  I’ve seen a lot of comments that just blocking the User is not going to prevent this from happening.   You see they can always spoof the agent with out much trouble but I feel that if they are going to do use an agent that I can track.  It is never a bad idea to block that type of access.  If that was a true agent, I seriously doubt it would be a legitimate agent because of the name.  Others have suggested this is looking to find a PHP Vulnerability and exploit your system.

[ad]I don’t know if it is true.   I have been reading the comments on the blog and some of them are quite interesting.   One such comment that I like how this scanner has been around since 2006 and most PHP servers have been updated to prevent this type of exploit.   So either this scanner is an old system that has nothing better to do or they are just trying to see if they can get a response from my server.   In which case, they now will be give the Access denied.   I have modified my htaccess file to prevent this scanner from even coming to my website.  See blog post to find out how.

What makes this so interesting is it tries to go to “user/soapCaller.bs” expecting to find something, Oh well I am pretty much unconcerned due to the fact that I keep WordPress up to date and I am constantly looking for oddities like this in my log files.   Now we heard that they don’t always have to use the headers and can hide and not be blocked so I have thought about denying anything that doesn’t show IP or has no header?   I wanted to ask my users if that is a good ide or bad idea?   This would stop bots from being bad, I do wonder if this has to do with me talking about [intlink id=”3132″ type=”post”]Pifts.exe a couple months ago[/intlink].    I have read about this on the comments section about this being a Government funded data collection, I don’t know but it does intrique me on the subject.

Remember to help prevent exploits on your server you should keep it up to date as much as possible.  [intlink id=”3700″ type=”post”]If there is an update to WordPress[/intlink], you should always consider updating even when there are problems down the road.

Harry Potter and the Half Blood Prince Movie Spreads Malware

Paul

It seems in anticipation of the release of Half Blood Prince the Malware authors are starting to send for the movie. For example:

harrypotterblogspotfake
As you can see they really try to fool you into think your are going to be able to watch it for free.    They even put it the movie poster to try to get you to click that link. It is on a blogspot page and has a few Google followers, which I am amazed at because what I have found it.   If you were to click that play link (usa-top-news.info) it will redirect your to (world-news-scandals.com) and then to the final destination (tubes-portal.com). Each site is surprisingly in the US and tries to look like it is a real site. It sends you a file called streamviewer.40018.exe, which I am surprised AVG hasn’t picked this up so I went to see if this was a virus and Virustotal showed me this:harrypotterblogspotfake1

[ad]Very few actually detect this trojan downloader even [intlink id=”2205″ type=”page”]AVG[/intlink] hasn’t detected this as being malware.   So you best bet is not try to go watch it early because 9 times out of 10 it will be a virus.  You also should know that there are even some links in Digg.com and other popular websites that are promoting this. The top rated sites are what I call Google Juice to put the blog spot website onto the first page of Google. So you should install a good [intlink id=”2205″ type=”page”]Anti-virus software and Firewall[/intlink]. I also believe this will be coming out on DVD in December according to my sources this movie has been ready for quite some time and they are anxious to have it ready for Christmas so you won’t have to wait long to see it. Afterall they have had this movie ready since last Year.

This seems to be like the [intlink id=”3448″ type=”post”]Fake Codecs[/intlink], I have talked about.   In order to see this you have to install this software to view this movie.   I don’t even know if it is a true movie but I do expect in the coming weeks to days there will be even more Fake Sites like this trying to promote watching it for Free.  Thank goodness [intlink id=”3385″ type=”post”]we don”t have to worry about Zango anymore[/intlink]. Nothing in life comes free, so be on your guard.  Only you can prevent virus infections on your system.

MyGodaddy Review : Thumbs UP!

Paul

I have been using [ad#Godaddy Name]as my Hosting Company for quite some time and really love the service. As you know they clam to have 99% uptime and I haven’t seen them go down for anything since I started. So Let’s Talk about this even more:

[ad#Godaddy Video]

  • Hosting plans starting as low as $4.99 a Month. ([ad#Godaddy Hosting plans])

  • Domains starting as low as $1.99.  ([ad#Goddady Domain Sale])

  • Technical Support has been excellent.  Every time I call there hasn’t been nothing they would not do to help out.

  • WordPress, Simple Machine Forum, and even Wiki programs. You have a wide variety of programs to use to such as blog and have it up and running in no time.

  • You can become a Reseller for Godaddy if you want, and have a store if you want.   This is also makes it even easier for you to make and sell domains for cheap.

  • SSL Certificates — Keep your website secure and prevent people from getting information they shouldn’t.   This is good for businesses who have to sell using a credit card or registration for people information.

This is a good service for bloggers and podcasters who want to blog.   I have been using this service from [ad#Godaddy Name]and have been really impressed.  If you looking for a hosting this is the right place to go.   Although the support for [ad#Godaddy Name]is not the best, when I went through them for tech support.   They would tell me how to fix it and leave me do it myself but that is a good way to learn how to keep a website going.   I still recommend [ad#Godaddy Name]for people who want a dependable service.   Do you like or not like Godaddy?  I want to hear from you!  Leave a comment and let me know what you think!

All in All, I like the support and friendliness of [ad#Godaddy Name]to keep me going when something unexpected comes up. You will never know what is around the corner.

Link shortening and the new wave malware on Twitter

Paul

I’ve been reading what Sans Internet storm has to say about twitter and how that can bring malware to Twitter. Sans argues that there is no reliable way to determine the information someone says, and that is where I am wanting to talk about the way people are creating what I call Link baiting or Blind links. You ever click on a link in twitter to find it it wasn’t what you thought it was?

[ad]I also thought of what Sopho’s blog about today where someone hijacked 2.2 Million redirect Urls using Cli.gs services to shorten links. I was reading through the Cli.gs blog about the incident and it came from Canada but I don’t think the user of the website who had all that traffic was involved in any way shape or form to the hacking of Cli.gs website. I personally think this was done to prove a point and it is a very good point.

That in the future there will be someone to redirect links to a malware site and it won’t be pretty. Think about it any shorten url service like Tinyurl or others who could have their links all be directed to a website. that is a big number and it worries me. Let us go through the numbers a little bit and see. 98.2% of people go to Tinyurl.com and don’t preview the url first. Half of the clicks in Bit.ly are coming from the US, which means we are more at risk of clicking on a link that could be a virus or malware.

Now I know people don’t have time to check out all the links or forget to check before they click. So I have a few plugins that might help with this.   LongUrl Pluggin  Can use 72 different web services including Bit.ly, Tinyurl, Cli.gs, and a bunch more.  This is a good little plugin to help prevent yourself from clicking those links that you are unsure of.    I would also recommend getting a [intlink id=”2205″ type=”page”]Free Anti-virus and Free Firewall[/intlink] to better protect yoru system.  I wouldn’t use Internet Explorer it seems that is more easier to infect with malware than Firefox.  [intlink id=”3668″ type=”post”]Firefox still has to worry[/intlink] but not as much.

Those get rich quick schemes are doubtful

Paul

I was on Twitter and I saw this message from someone I am following.   Talking about how to make 171,161.08 a month.

Ok before we go any further you would have to see the name Oprah Winfrey (see Above for Photo of Account) just like the name of the [intlink id=”3501″ type=”post”]one who just came on to twitter[/intlink].    Now is this a true name or just a fake account?  I’ll let you decide that because it looks like it is just random tweets with the same URL.    This to me is looking more and more like spam.  Back to the site, it is call Maverick Money Makers.

[ad]As you can tell this is like every other get rich page I’ve seen trying to tell you will make insane amount of money in a few minutes a day.  So I decide to go to another page unrelated to this page and you will get.

So now this is what keeps making me wonder if it isn’t just a scam because Like the virus alerts you get where they try to keep you on the page.   I’ve also did some research and find that there was a post about this being a scam on Yahoo Answers but strangely it was deleted.   I don’t know how long that cache copy of the question will be there, so I took pictures of the questions and answers to better help you decide for your self about why it was deleted.  See The gallery pictures for more information.

I won’t say if it is actually a scam or not but everything that I’ve seen tries to get you to buy this stuff and tries to make you think you will make money easily.   My thought of this is that you will never make money quick and you will have to work hard for it.   I expect this blog to make money later on down the road like other blogs that have been on the net for a long time.  I however know that making money from the internet is never quick.   Everything I’ve made takes time and effort on my part.