Being a Bad BOT!

I had the strangest thing happen today: it seemed a bad bot was crawling my pages. I was getting at least 60 page views an hour from this bad bot!! The individual IPs of this bad bot are:

After the first initial hour of this going on, I started wondering what this bot was doing. I did some more research into this little bot. I did find out it is owned by Kintiskton LLC. (Twitter Search)

Anyway, it bothers me that when you do a Google search for this company, it comes back with no company. Some people have already done their research and have come up with very little.

I dug even more and some are saying this might be Homeland Security, and I have my own thoughts on this. I might be paranoid myself, but if there is no company out there and the IP keeps coming back, I assume it is BAD mojo. Some people worry that it is a hacker probing for vulnerabilities, and that worried me.

I decided, with help from GoDaddy, to ban the lot of IPs. I figure if someone is trying to get information or trying something they shouldn’t, I’ll stop it myself. If you have WordPress and are also having problems with these IPs, you can ban them by adding this to your .htaccess file:

order allow,deny
deny from 65.208.151.112
deny from 65.208.151.113
deny from 65.208.151.114
deny from 65.208.151.115
deny from 65.208.151.116
deny from 65.208.151.117
deny from 65.208.151.118
deny from 65.208.151.119
allow from all

This is how you block those IPs in the .htaccess file. Thanks to WordPress for showing me how.
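
An added example, not part of the original post or of WordPress's instructions: the eight banned addresses are contiguous, so this Python script collapses them into one CIDR block, renders the ban in both Apache 2.2 and Apache 2.4 syntax, and counts hourly requests from that block in an access log. The log lines, their date and all function names are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# The eight addresses from the post's .htaccess rules.
BOT_IPS = ["65.208.151.%d" % n for n in range(112, 120)]

def collapse(ips):
    """Merge single addresses into the fewest CIDR blocks that cover exactly them."""
    nets = ipaddress.collapse_addresses(ipaddress.ip_network(ip) for ip in ips)
    return [str(n) for n in nets]

def htaccess_rules(cidrs, apache24=False):
    """Render the ban in Apache 2.2 (Order/Deny) or Apache 2.4 (Require) syntax."""
    if apache24:
        inner = ["    Require all granted"] + ["    Require not ip %s" % c for c in cidrs]
        return "\n".join(["<RequireAll>"] + inner + ["</RequireAll>"])
    return "\n".join(["Order Allow,Deny", "Allow from all"] + ["Deny from %s" % c for c in cidrs])

LOG_LINE = re.compile(r"^(\S+) \S+ \S+ \[([^:]+):(\d{2}):")

def hourly_hits(log_lines, cidrs):
    """Count requests per (date, hour) whose client address falls in the blocks."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    hits = Counter()
    for line in log_lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        try:
            client = ipaddress.ip_address(m.group(1))
        except ValueError:  # hostname instead of an address in the first field
            continue
        if any(client in n for n in nets):
            hits[(m.group(2), m.group(3))] += 1
    return hits

def sample_log():
    """Constructed combined-format log lines, not real traffic."""
    fmt = '%s - - [08/Jan/2009:14:%02d:05 -0600] "GET /?p=%d HTTP/1.1" 200 5120 "-" "-"'
    lines = [fmt % (BOT_IPS[i % 8], i % 60, i) for i in range(64)]
    lines.append(fmt % ("65.208.151.120", 30, 1))  # neighbour just outside the block
    lines.append(fmt % ("203.0.113.7", 31, 2))     # unrelated visitor
    return lines

if __name__ == "__main__":
    blocks = collapse(BOT_IPS)
    print(htaccess_rules(blocks))
    print(htaccess_rules(blocks, apache24=True))
    print(dict(hourly_hits(sample_log(), blocks)))
```

Apache 2.4 accepts the Order/Deny form only when mod_access_compat is loaded; otherwise use the Require form.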

Microsoft Keynote CES 2009

Some key topics talked about in this keynote are:

Windows 7 — Lighter, faster, and more reliable. Windows 7 should boot quicker and faster, and enables a cool new touch interface.

Windows 7 — Beta will be available worldwide on January 9, 2009, for download on MSDN and TechNet. It will also be available at http://www.microsoft.com/windows/windows-7 for those who want to download it from Microsoft directly.

Windows Live Essentials — Windows Live Messenger, Mail, and Photo Gallery work with Windows XP, Vista, and Windows 7. It is available for download worldwide. Dell will also be putting this on their consumer and small business computers.

Windows Mobile — 11 different mobile phones.

Verizon Mobile — Windows Live Search will be available through Verizon; it’s a partnership with Microsoft.

Demo of Windows 7, Live, and Mobile:

Windows 7 will have Windows Touch, and netbooks will be able to run Windows 7.

Windows 7 has been designed with the Touch DNA in mind.

Windows Mobile demo with a panoramic display.

Windows Live demo — Various things they discuss here, including photos and Silverlight.

Windows XBOX:

Halo Wars — Strategy game that will be available February 28, 2009. Bungie will have a demo version available for download on February 5, 2009.

Halo 3 ODST — Will be available in the fall of 2009. New characters, new events, and it will be like Halo 3.

Various stuff about Xbox Live 360

These were just the main things that I thought were important, to let people know the main highlights of this keynote. I recommend everyone go and watch it for themselves; I am sure I’ve missed something that someone would consider very important, and I understand that. This, however, is personal and will be different for everyone. I watched this and am excited and can’t wait for Windows 7 to be released so I can get my hands on it and see how it fares with a Vista CPU and GPU. So only time will tell. I hope you enjoyed this little rundown. Please feel free to leave a comment and talk about this or anything else in the Disqus community.

Removing Win32/Bagle.HE worm

Here is another virus that seems to be spreading lately. From the looks of it, it seems to be another email worm. Here is what ESET says:

Aliases

Email-Worm.Win32.Bagle.gt (Kaspersky), W32/Bagle.gen (McAfee), Trojan.Tooso!gen (Symantec)

Win32/Bagle.HE is a worm that spreads via e-mail. The size of its executable is 40565 B.

When executed the worm copies itself in the following locations:

  • Documents and Settings\All Users\Application Data\hidn\hldrrr.exe
  • Documents and Settings\All Users\Application Data\hidn\hidn2.exe

In order to be executed on every system start, the worm sets the following Registry entry:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drv_st_key

It seems to have a manual removal process, unless you pay for the other software, but according to 411 on PC Security:

Win32/Bagle.HE worm is a “threat” that appears in security scans by fake antispyware WinDefender 2008.

The danger of Win32/Bagle.HE worm is supposed to scare you into wasting $49.95 on WinDefender 2008.

Unless you like getting ripped off, don’t download the software the Win32/Bagle.HE worm popup links to. You’re not really infected with Win32/Bagle.HE worm — you’re infected with scamware that you need to remove.

I’ll show you how to get rid of Win32/Bagle.HE worm and WinDefender 2008, for free.

[via 411 on PC Security]

According to this site you can remove it by doing some steps. I think Kaspersky has an easier way to remove it, and it looks like most anti-virus software will remove this. You need to remember that only you can prevent this in the future. You should also run Windows Update and make sure your system is up to date.

Bank of America Slashes 35,000 Jobs in 3 Years

This one hit me hard in the chest. I must say this was a big surprise to me and others, but it looks like Bank of America is going to cut 30,000 to 35,000 jobs in the next 3 years. I’ll quote the Huffington Post:

NEW YORK — Bank of America Corp. said Thursday it expects to cut 30,000 to 35,000 jobs over the next three years, as it faces a deteriorating economic environment and tries to absorb Merrill Lynch & Co.

[Via Huffington Post]

Now this one will affect the whole US and some others internationally in the coming years. It is based on the economic stresses we are getting hit with right now. I am saddened and disturbed by how many people have lost their jobs. I have lost count of how many people have lost their jobs over this economic downward spiral, as Jason Calacanis once said. I can only hope that we can get up after this and fix what went wrong in the first place. I also know that it is quite hard to get hired in this day and age. So what is to become of the hard-working men and women? Will the government have to pay for housing for even more people? These are all questions we must answer soon in order to prevent a disastrous depression.

Some Program Vulnerabilities Detected!!

Just got done looking at some of my security sites, and according to SecuriTeam there are several programs that have vulnerabilities. Here are the ones that I’ve found:

Google Chrome is vulnerable to a URI obfuscation vulnerability.
An attacker can easily perform malicious redirection by manipulating the browser functionality. The link can not be traversed properly in status address bar. This could facilitate the impersonation of legitimate web sites in order to steal sensitive information from unsuspecting users. The URI specified with @ character with or without NULL character causes the vulnerability.

iPhone Configuration Web Utility for Windows Directory Traversal
iPhone Configuration Web Utility lets “you easily create, sign and distribute configuration profiles using a web browser”. A vulnerability in iPhone Configuration Web Utility allows remote attackers to access files that reside outside the bounding root directory of the program’s files folder.

Streamripper Multiple Buffer Overflows
Streamripper “records Shoutcast and Live365 MP3 streams to a hard disk, creating separate files for each track. Runs under Unix and Windows.” Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user’s system.

Amaya URL Bar Stack Overflow Vulnerability
A vulnerability in Amaya browser allows remote attackers to cause it to overflow an internal buffer which in turn can be leveraged to execute arbitrary code.

These are the ones that I found, and I wanted to let you know about them so you can make your system even more secure. If I find any others I’ll let you know!!!
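
An added example, not from SecuriTeam or the original post, for the Chrome item above: in a URL, whatever precedes the last `@` in the authority is userinfo and the host actually contacted is what follows it, so a link checker can flag links whose userinfo imitates a hostname or that carry a NUL. The function name and the sample URLs (reserved `.example` names and documentation addresses) are constructed.

```python
from urllib.parse import urlsplit, unquote

def audit_link(url):
    """Return (host the client will contact, reasons the link looks deceptive)."""
    parts = urlsplit(url)
    reasons = []
    # Everything before the last '@' in the authority is userinfo, not the host.
    userinfo, at, _ = parts.netloc.rpartition("@")
    if at:
        name = unquote(userinfo).split(":", 1)[0].rstrip("\x00")
        if "." in name:
            reasons.append("userinfo '%s' resembles a hostname" % name)
        else:
            reasons.append("userinfo present before '@'")
    # The advisory also mentions a NUL character; flag it raw or percent-encoded.
    if "\x00" in unquote(url):
        reasons.append("NUL character in URL")
    return parts.hostname or "", reasons

# Constructed sample links.
SAMPLES = [
    "https://www.bank.example/login",
    "http://www.bank.example@198.51.100.7/login",
    "http://www.bank.example%00@198.51.100.7/",
    "https://site.example/@user",
]

if __name__ == "__main__":
    for link in SAMPLES:
        host, why = audit_link(link)
        print("%-45s -> %-18s %s" % (link.replace("\x00", "\\0"), host, why or "ok"))
```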