Paul's Tech Talk

The Frustrations of Wordrpess 2.8

PaulJune 12, 2009

Photo By Nicholas Wang

WordPress 2.8 was released Yesterday morning, and by Yesterday afternoon people were complaining about it. Some of the issues seemed to steam from a minor template change in 2.8 to prevent people from editing or using Plugins.

Now I have talked about [intlink id=”3171″ type=”post”]backing up important data[/intlink], that includes your website. You will never know when that back up software will be valueable and when you need to restore it.

Just like everyone else I have had problems with my ability to update my blog or update my Advertising. Although unlike others who have a lot of widgets on the sidebar for there users, mine are html and not a plugin version. Although I didn’t have as much problems as others, I did however have problems with the Back up process. I used WordPress Database Backup and I had the file that it gave me but the PHPMyAdmin would not restore the database that I was given from the plugin. So in the process of trying to fix my database, I had a few hours of downtime on my blog. If your a regular visitor you might of seen the message “Database Error” when you visted my site. I have since then fixed the problem With the help of my support team to get my website back up and running.

[ad]I know the WordPress Database Backup plugin is good for 99% of people but I am going to assume that with the difficulties of this restore with the PHPMyAdmin, I will be looking for some other PHP Database editor that will work just as good as that one. Until then I will be doing a Manual back up of my Database because that way I know of having a working copy of my Database in case of a problem down the road. If someone has a good Plugin or an Alternative to PHPMyAdmin by all means leave me a comment and I’ll check it out or you can [intlink id=”995″ type=”page”]email me[/intlink] and let me know.

I still love WordPress because of it not being open source and more transportable onto other servers unlike Blogger, but there will always be those bumps in the road. I will always advise people to backup before doing anything major from a system upgrade to a website upgrade. I hope others have not had this problem as I have but mine might of been just the luck of the draw with all the problems, you know what they say “When it rains, it pours” but there is a silver lining to this. I have learned more about website backups then I previously did.

WordPress Security Tips — For the untrained :

PaulJune 10, 2009

I was reading over at Malware Diaries, about a hacker that doesn’t secure his exploits. What gets me is that I am so surprised that he did that, then I thought about it and I read what Trend Micro had to say about it:

Creating a website is indeed a big task but, considering the present threat landscape, monitoring it and keeping it secure from attacks is a bigger one.
Website administrators have the responsibility to keep their systems malware free, secure web server files from unauthorized access, and keep their website clean of malicious codes, for their own sake and most especially, their visitors’.

[via Trend Micro blog]

[ad]Now admittedly Trend talks about the [intlink id=”3578″ type=”post”]Gumblar[/intlink] and how they compromise websites with either a FTP password stealer or and SQL Injection. These are a common practice with hackers and thief to get the credentials to use your server for their means. So I wanted to talk about some things you can do to better protect your WordPress blog. Since I have a WordPress Blog this was something I know about.

WordPress Security Scan — This is a great plugin to help you identify and also suggests how you can fix them to prevent a hacker from getting in the first place.

Block Wp-Folders from being Indexed — This can be done by going to your robots.txt file and making sure it says:

Disallow: /wp-*

Protect your Wp-admins folder — Attackers can use brute force attacks to without much waiting to get access to your Wp-admin page so you should:

Login Logger Plugin — This is good to see if anyone is trying to login and keeps a log for those instances where you might need to block a certain IP in the .httpaccess file section.

Limit Login Attempts plugin — This has a set amount of login before that IP is locked out for a certain amount of time. You can have it set to what you want an hour or more, it just depends on your preference.

Bad Behavior — This is a good little plugin to help with spam such as referral spam and comment spam. I’ve been using it for the past few months and my referral spam has dropped drastically to almost Zero.

These are just a few things I’ve done to help protect my blog and protect my community and users. I will not disclose everything because I have to keep those bad guys from getting in but I have I hope started you in the right direction. I would also suggest using something like [intlink id=”2646″ type=”post”]Roboform[/intlink] that comes with a password generator to use that with your wordpress login password. This will also help prevent from gaining access easily.

Microsoft Drops a 9 Security updates on Patch Tuesday

PaulJune 9, 2009

So I get home and here is what they updated for those who would like to keep track:

Vulnerabilities in Active Directory Could Allow Remote Code Execution (KB971055) — This update is only for Microsoft Windows 2000 Server, Windows Server 2003, Windows XP Professional and Windows Server 2003. This one is Rated critical due to Remote Code Execution, which means a program can install malware or viruses on your system and you wouldn’t know it.

Cumulative Security Update for Internet Explorer (KB969897) —This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer.

Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (KB970483) —This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Internet Information Services (IIS). The vulnerabilities could allow elevation of privilege if an attacker sent a specially crafted HTTP request to a Web site that requires authentication.

Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (KB969462) — This security update resolves several privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed record object.

Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (KB961501) — This security update resolves three privately reported vulnerabilities in Windows Print Spooler. The most severe vulnerability could allow remote code execution if an affected server received a specially crafted RPC request.

Vulnerability in Windows Search Could Allow Information Disclosure (KB963093) — This security update resolves a privately reported vulnerability in Windows Search. The vulnerability could allow information disclosure if a user performs a search that returns a specially crafted file as the first result or if the user previews a specially crafted file from the search results.

Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution (Kb957632) — This security update resolves a privately reported vulnerability in the Microsoft Works converters. The vulnerability could allow remote code execution if a user opens a specially crafted Works file.

Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (Kb968537) — This security update resolves two publicly disclosed and two privately reported vulnerabilities in the Windows kernel that could allow elevation of privilege.

[ad]

Vulnerability in RPC Could Allow Elevation of Privilege (Kb970238) — This security update resolves a publicly disclosed vulnerability in the Windows remote procedure call (RPC) facility where the RPC Marshalling Engine does not update its internal state appropriately.

Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (Kb969514) — This security update resolves two privately reported vulnerabilities that could allow remote code execution if a user opens a specially crafted Word file.

As you can see these are rated from being Critical to Moderate. Each and every one of these should be updated and can be easily done using [intlink id=”2883″ type=”post”]Autopatcher[/intlink]. Something you should consider before doing these updates is to make a Restore point before proceeding or a [intlink id=”682″ type=”post”]Complete backup[/intlink], just in case. Also it is suggested to install these at your earliest convenience due to the fact that the malware authors will start using and is called Exploit Wednesday. Also it wouldn’t hurt to install some[intlink id=”2205″ type=”page”] free Anti-virus and Free Firewalls[/intlink] instead of using Windows Firewall. This will help protect your in the future also.

Canadian Pharamacies not from Canada!!

PaulJune 8, 2009

I got an Email that happen to get past the spam filters and wanted to talk about it. The Email goes like this:

Hi there
Hey where have you been recently ? I could not get any news from you for a long time. Anyway, I found a decent pharmacy store from google last week. I decided to give a shot because it was Canada Licensed Drugstore. Well the prices were % 65 cheaper than the local pharmacies in my region. So I took a chance. I took my medicines in my hand 3 days after i ordered and they were packed very well as they claimed that they provide full anonymity. Needless to say medicines are legit and they give me what i want 🙂 If you need any medicine without any prescription, give it a try until the discount ends.
Take care of yourself. I included the url below. See you later.

http://www.guidefabledme.com

Several things makes me wonder where it stands out that this is just spam. Here are some examples:

the word Google — It isn’t capitalised and that should be capilitized.

Bad Grammar — This shows me this isn’t even close to Canada, I’ll explain later in this article.

Makes it sounds like I know the person — Again this email tries to socialize and makes you think you know the person.

[ad]The first untrusted relay in this email is the the Url Redirect, the instant you click on that you are transported to perfectpharmstart.com which isn’t even located in Canada. If you check the whois on this domain you will see it is [intlink id=”3141″ type=”post”]located in Russia[/intlink].

So the “Canadian Licensed Drugstore” isn’t real in the sentenced because It is nowhere close to the Canada. I looked around the website and find there is this number “(210) 888-9089“. I read what people posted on the forums they were calling this a scam. I do not know if it is or not but I do know you are far better getting your drugs from your local pharmacy and not even trying to order online. You don’t know what they will send your is the right stuff. Also if you want to contact them just click on the Contact us, but you won’t find any information there it will be a web form.

So let’s go over this again, I get an email from a Verizon User which shows a the guidefabledme.com is in the US, but the Redirect goes to a Russian server. That one things is the most important key, they are trying to get you to think you are trusting a US or Canadian site but really are just be sent to a Russian server. Although the URL will change the idea is the same they will probably change it around soon or later with a different URL but the email will be the same. I would be willing to be it will be a different redirect all together but if you check it out it will be in Russia and not Canada.

Not going to Twittertrain.net, just a Phishing attempt!!

PaulJune 5, 2009

So you want to have even more followers, but you don’t know how to do it? I’ve talked about [intlink id=”3647″ type=”post”]Getting more followers and tips and tricks to get the people you want[/intlink]. Now let’s talk about this to a point.

There seems to be automatic post going out with:

“OMG WOW Im getting 100s of followers a day, Check out this site: http://twittertrain.net”

[ad]Now going to the site and giving out your password is always a bad idea. It seems to some people think it is easy to get followers but those who have built up your followers will know just how hard it is sometimes to get more.

I would be willing to guess this is a phishing attempt to get passwords and twitter names for later on. Some would guess this will just become another way the spammers will use this to [intlink id=”3662″ type=”post”]spread Scareware[/intlink]. I am thinking they want to get your password and save it for later use like this or others where they can get more people to click links and buy there fake products.

Graham Cluely blog post about this website also has a video about the problems associated with website. If you have given out your password, I’d strongly recommend Reseting your password if you can log in just changing the password.

I’d also suggest having [intlink id=”2205″ type=”page”]Anti-virus and Firewalls[/intlink] installed to help prevent any malware that might be on your system now or later on.

If your really desperate for more followers, the best proven way is make friends and communicate. This will make it easier for people to recommend you to other people.