HACKED!

So around January 11th, 2018 I visited my website and was presented with:
OH NO!

I then spent the next day Googling all sorts of things. Besides how to fix it, also why or how it happened.

I found out I’d have to register my site with Google and request a review once I resolved the problem. Through various links and searches, I found that a script was the culprit.

Logging in via FTP and looking around my shared hosting directories I found that this wasn’t just limited to my site, although this was the first site that I received this MALWARE error. PHP files had been updated to load this script with the visitor unaware it was even happening.

The other sites hadn’t been kept up to date and have since been abandoned by their owners for one reason or another. Some were just banner pages that simply pointed their visitors to Facebook or somewhere else. Others had full-blown installations with hopes of a bright future employing all sorts of bells and whistles that third-party plugins provide, although left untouched with no updates applied.

So the sites that were beyond an easy, quick fix I simply deleted and put HTML pages in their place. I decided I would only leave those installations that were being maintained on the server. Why have a full-blown CMS run a simple one-page site? The files that had been altered could have been anywhere and my goal was to repair mine and prevent it from just happening again.
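Two quick checks for the situation described above, added here as an example and not code from the original post: grep the FTP-downloaded copy of a site for common injection indicators, list PHP files changed around the compromise date, and diff the live tree against a pristine copy of the same CMS version. The indicator patterns and the demo files are constructed assumptions; the post does not publish the actual script that was injected.

```sh
#!/bin/sh
# Added example for the incident above; not code from the original post.
# Three checks a shared-hosting admin can run over an FTP copy of a site:
#   1. grep for common injection indicators
#   2. list PHP files modified within the last N days
#   3. diff the live tree against a known-clean copy of the same CMS version
# The indicator list is a generic assumption, not the author's actual payload.

# Indicators (extended regex). A <script src=...> inside a .php file is not
# proof of compromise (themes load jQuery this way); every hit needs review.
INDICATORS='<script[^>]*src=|eval\(base64_decode\(|eval\(gzinflate\(|eval\(str_rot13\('

# scan_indicators DIR
# Prints "file:line:text" for every PHP line under DIR matching INDICATORS.
scan_indicators() {
    find "$1" -type f -name '*.php' -exec grep -EHin "$INDICATORS" {} +
    return 0
}

# count_hits DIR -> number of indicator lines found under DIR
count_hits() {
    scan_indicators "$1" | wc -l | tr -d ' '
}

# recent_php DIR DAYS
# Prints PHP files under DIR modified within the last DAYS days, useful when
# the compromise date is roughly known (the post: around 11 Jan 2018).
recent_php() {
    find "$1" -type f -name '*.php' -mtime -"$2"
}

# changed_files CLEAN LIVE
# Prints files in LIVE that differ from, or are absent in, a pristine copy of
# the CMS; anything listed that is not site content deserves a look.
changed_files() {
    diff -rq "$1" "$2" \
      | sed -n -e 's/^Files \(.*\) and \(.*\) differ$/\2/p' \
               -e 's/^Only in \(.*\): \(.*\)$/\1\/\2/p'
}

# make_demo -> path of a constructed demo tree (not real incident data):
# clean/index.php, plus live/ with an injected loader, an obfuscated eval
# dropper and a back-dated clean file.
make_demo() {
    demo=$(mktemp -d)
    mkdir -p "$demo/clean" "$demo/live"
    printf '<?php echo "hello";\n' > "$demo/clean/index.php"
    # injected loader; bad.example is a hypothetical host
    printf '<?php echo "hello"; ?><script src="http://bad.example/x.js"></script>\n' \
        > "$demo/live/index.php"
    printf '<?php eval(base64_decode("ZWNobyAx"));\n' > "$demo/live/wp-evil.php"
    printf '<?php // untouched since 2009\n' > "$demo/live/old.php"
    touch -t 200901010000 "$demo/live/old.php"
    printf '%s\n' "$demo"
}

# Usage on a real site copy:
#   scan_indicators /path/to/site-copy
#   recent_php /path/to/site-copy 30
#   changed_files /path/to/pristine-cms /path/to/site-copy
if [ "${1:-}" = "--demo" ]; then
    d=$(make_demo)
    scan_indicators "$d"
    changed_files "$d/clean" "$d/live"
fi
```

Run it as `sh scan.sh --demo` to see the three checks against the constructed tree; on a real site, point them at the directory you pulled down over FTP and at a fresh download of the same CMS release for the diff.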

So, the sites I myself maintain and monitor have been fixed, updated and protected. If yours was one of those that I replaced with simple HTML, now you know why.

proftpd borked after portupgrade with mysql option

My gosh! Try to stay current but shoot yourself in the foot much?

portaudit does the wondrous job of letting me know port vulnerabilities each and every day … We like “0 problems found” to be returned in our daily email, yes? So when there are ports that need to be updated, I usually give it the ol’ portupgrade -aRr to cover everything.

In this last update, proftpd went and modularized everything. I noticed this because I have one server utilizing the MySQL version so as to easily handle virtual users and provide temporary accounts to transfer music files for the studio. So I figure out how I have to update the conf file with the proper settings to get proftpd running. Finally, when it is happy, logins are failing and I don’t know why. I find in /var/log/messages that there’s a chroot problem … Tracking this down shows that I need to update my FreeBSD version due to this security vulnerability that proftpd is detecting.

Now off to the make buildworld and some hours of compiling. Can’t just build the kernel. Blast!

Problems Update

Regarding Verizon.Net :: A change on the PF firewall’s rule set.  Forever the bridge was never in the ruleset and everything seemed to work just fine.  Finally, because of the proper testing environment, found out it was my own problem all along.  Added rules to address the bridge interface directly.  Those rules never seemed to have been needed before … or were they?

Regarding the Wireless Router :: I gave up on it as the MBP17 acted flaky since I unplugged the hard wire …  The MBP15 seemed okay with it and remained logged in to IRC room on #pf (which is where I was seeking firewall help) and I guessed at the bridge rule … It happened to work … Anyway, I plugged the cables back in and I think I’m going to try the router that I originally bought that fixed all the problems before …  Last resort is to buy Apple’s wireless router.

Now digging through all old email, etc. and finding email addresses that I need to send an update to … It seems I haven’t sent a newsletter since 2007 .. Hmpf!  Well, no news is good news, right?

Sometimes I cause my own problems … really!

A quick update to let you know how Andy Reid and I are alike … I’ve goofed.

Number 1: I thought the Internet was slow from the new connection and called service to have it diagnosed.  All the while placing the blame on them, it was I who had coded in the firewall rules the throttling for the old T1.  After I changed the values to reflect the much higher speed that is now available, lo and behold it smokes now.

Number 2: While poking in the firewall I started thinking about my Verizon woes again and decided to try to tackle this once again since this problem of not being able to connect has plagued me through 3 or 4 Internet connections.  For the first time I was able to connect through my connection, but not through my firewall.  With my firewall “opened up” for the mail server, it still will not work over the bridge.  I can telnet to hotmail perfectly fine and then in the very next command watch telnet time-out to Verizon.net.  I feel that I’m closer to a solution though as I now have something to go by and it’s been my fault all along.  So I should take down my “Verizon Sucks” post?

Number 3: The post that’s gotten the most comments here was about the Mac and the Self Assigned IP.  While not everyone has used my solution, they’re thanking me for the posting of someone else’s solution.  That’s fine.  Since my solution was a Belkin router, when I started to move things over to the new location I bought the very same router.  Shortly into my Internet usage, the wireless signal would be lost after a certain amount of time.  Not the IP problem, just connectivity.  Weird.  I made sure that the configurations were the same with the original router and this new one.  They were.  I couldn’t figure it out, so I hard-wired and it’s been that way ever since.  For some reason I went in the router recently and noticed the Firmware Update.  It was two releases behind.  I upgraded the firmware, popped out the network cables and have been wireless ever since.  Did the newer router come purchased with an older firmware?  I won’t know until I check the old router, but if I were a betting man …

You learn something new everyday.  I’m not entirely opposed to admitting when I’ve done something wrong, but I sure thought in the first two cases that I was right.  The last here is an honest mistake I think …  What say you?

Rails is off track without Ruby …

So I’ve been doing my thing.  Trying to get the gist of it all and get things in place, working, etc … and then they start with this Rails 3.0 stuff that it doesn’t seem I can run …

What I mean is, developers seem to have moved on to Rails 3 but I don’t understand how.  I decided, okay, it’s an RC (Release Candidate) so I’ll take the plunge and install it on a public server and start developing.  Welp, Rails 3 requires ruby 1.9.2 as far as I know and I can’t get that installed successfully in a FreeBSD environment when the latest ruby is 1.8.7 (2009-12-24 patchlevel 248) (which currently has a UTF-7 encoding XSS vulnerability in WEBrick.) … sure 1.9.2 will install, but it doesn’t install a “ruby” binary, it’s called ruby19 and you have to symlink or copy it to “ruby” … Why?

Can you run rvm on a production server?  Would you?  Why?

In Rails defense, their website isn’t advocating a new release nor to install it, yet touts how many people are running it in production already …  Bah!  Cutting edge.

In other words, I think there’s just still too much stuff up in the air to actually try to massage Rails 3 into place before the rest of the world is ready for it.  I mean, Rails isn’t the only thing in my servers that use ruby …

… A couple hours later UPDATE: Ruby 1.9.2 Released

Verizon Sucks

I see I have a lot of Verizon visitors and I figured I would express my displeasure with Verizon just for you. You should be flattered.

#1 reason why Verizon sucks?  I can’t send “verizon.net” people email from my mail server.  I spent an entire day trying to communicate this to Verizon support and I got absolutely nowhere.  The people with the accents kept asking for my Verizon email address or my DSL phone number no matter how many times I told them I wasn’t a Verizon customer.  I asked for the phone number for their NOC who handled their mail server.  Confusion.

Their web interface doesn’t work either.  I am not using my mail server to browse web sites and use their white-listing page.  My mail server is in a dark server room dutifully sending and receiving email 24 hours a day.  Fighting SPAM and Viruses and doing a damn good job of it, but Verizon won’t accept my email.  I receive the email from the nice web interface telling me that everything is okay, and when I reply to that email, my email is returned 7 days later never being able to make an SMTP connection with Verizon.Net’s servers.

I resorted to opening a ticket with my upstream provider, and they had no luck in helping me.  They suggested I reach out to Verizon customers and have them complain that they can’t receive email from me.  Can’t say as I know any Verizon.Net customers, nor could I email them asking them such a favor.  They were able to telnet to Verizon’s listed MX and issue simple telnet commands, so they assume that any of their IPs would be able to do the same.  Well I try from my mail server and other machines, and all I do is time out.  I just sent another letter to my provider, but it’s Verizon that needs to provide me support.

Anyone from Verizon, please respond to this post and help me deliver mail to your customers from my customers.  Thanks.

#2 reason why Verizon sucks?  They advertise FIOS constantly on my TV, but it isn’t available in my area.  Comcast dominates the Philadelphia area and Verizon finally won against the powers that be to start installing FIOS in the Philadelphia area.  Where do they start?  In the suburbs.  If I could get FIOS to my location, my connection speed will increase 100 times and I will pay absolutely no more money per month for my connection.  That’s substantial for me.

I just got Comcast Internet installed at a new location and it blows away my high priced connection.  It is an eye opener, but Verizon has been teasing me for so long.  I need new copper run for my local loop, but an insider told me that they won’t run new copper, they want to install FIOS – well it’s not available in my area, and I have to deal with outages and bounces … That makes Verizon suck!

Bottom line, hey – Verizon, install me some FIOS and let me deliver email to your mail server, and we’re golden!  Thanks again …

FreeBSD and Phusion Passenger

If I don’t write this one down I won’t remember it, especially at this hour when I finally got it to work! I was having a devil of a time on the passenger-install-apache2-module … While it says it “found” everything, I guess it really didn’t … The Apache2 Portable Runtime stuff apparently needs directories to be found. Inevitably, this is how I got it to work:

setenv APXS2 /usr/local/sbin/apxs
setenv APR_CONFIG /usr/local/lib/apache2/apr-config
setenv APU_CONFIG /usr/local/lib/apache2/apu-config

Of course, I found those one at a time Googling all over the Internet and the last was found within the source notes at github … A bunch of what I found had nothing to do with FBSD … Anyway, so the result should look something like this when run:

Checking for required software...

* GNU C++ compiler... found at /usr/bin/g++
* Ruby development headers... found
* OpenSSL support for Ruby... found
* RubyGems... found
* Rake... found at /usr/local/bin/rake
* Apache 2... found at /usr/local/sbin/httpd
* Apache 2 development headers... found at /usr/local/sbin/apxs
* Apache Portable Runtime (APR) development headers... found at /usr/local/lib/apache2/apr-config
* Apache Portable Runtime Utility (APR) development headers... found at /usr/local/lib/apache2/apu-config
* fastthread... found
* rack... found

Sheesh!
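A small pre-flight check for the Passenger install above, added here as an example and not code from the original post: it confirms that the three paths being exported really are executable (and that apr-config and apu-config answer --version) before passenger-install-apache2-module is run, since on the author’s box the installer reported “found” without the APR directories actually being usable. The paths are the FreeBSD port locations from the post; csh’s setenv becomes export in sh, and the BOGUS/ls paths in the usage comment are for illustration only.

```sh
#!/bin/sh
# Added example, not from the original post: verify that APXS2, APR_CONFIG and
# APU_CONFIG point at working tools before running passenger-install-apache2-module.
# Defaults are the FreeBSD apache2 port paths given in the post.

# check_tool NAME PATH [FLAG]
# Returns 0 if PATH is an executable file (and, when FLAG is given, "PATH FLAG"
# exits successfully); prints a one-line verdict either way.
check_tool() {
    name=$1 path=$2 flag=$3
    if [ ! -x "$path" ]; then
        printf 'MISSING  %s=%s (not an executable file)\n' "$name" "$path"
        return 1
    fi
    if [ -n "$flag" ] && ! "$path" "$flag" >/dev/null 2>&1; then
        printf 'BROKEN   %s=%s (%s failed)\n' "$name" "$path" "$flag"
        return 1
    fi
    printf 'OK       %s=%s\n' "$name" "$path"
    return 0
}

# check_passenger_env [APXS] [APR_CONFIG] [APU_CONFIG]
# Checks all three tools and returns the number of failures, so an exit
# status of 0 means the installer should really find everything.
check_passenger_env() {
    fails=0
    check_tool APXS2      "${1:-/usr/local/sbin/apxs}"                          || fails=$((fails+1))
    check_tool APR_CONFIG "${2:-/usr/local/lib/apache2/apr-config}" --version || fails=$((fails+1))
    check_tool APU_CONFIG "${3:-/usr/local/lib/apache2/apu-config}" --version || fails=$((fails+1))
    return $fails
}

# Usage in sh/bash (csh users: "setenv APXS2 /usr/local/sbin/apxs" etc.):
#   export APXS2=/usr/local/sbin/apxs
#   export APR_CONFIG=/usr/local/lib/apache2/apr-config
#   export APU_CONFIG=/usr/local/lib/apache2/apu-config
#   check_passenger_env "$APXS2" "$APR_CONFIG" "$APU_CONFIG" \
#       && passenger-install-apache2-module
if [ "${1:-}" = "--check" ]; then
    check_passenger_env "$APXS2" "$APR_CONFIG" "$APU_CONFIG"
fi
```

If any line comes back MISSING or BROKEN, fix the path (or install the apr/apu development files from ports) before rerunning the installer; a successful “found at …” from passenger-install-apache2-module after this check actually means something.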

Web 2.0 and oh, nice to see you …

Web 2.0: Gaetan sent an invite to my email address to follow him on twitter, so I signed up finally.  Honestly, I had actually been meaning to sign up with twitter and facebook … My older brother is terrified of facebook, he thinks Rupert Murdoch is after him … I’m particular in the information I share but let’s be honest, if someone like Rupert Murdoch wanted the goods on you, guess what?  He’s going to get you …

There are so many times that I think of something to blog, but I never get around to it.  I think of the situation, the story and everything, but then I don’t get to it.  Or, maybe the paranoia of what I would be posting and the opinion that may come of it, or too much information shared …  Blah, tough living in this day and age, isn’t it?  The age of immediate consequences from something you may post online.  The Internet is everywhere and immediate.  Anyway, here are the current events:

Hosting: There have been several instances in the hosting area that have devastated me. One, I had a disk crash on a machine that I never thought the disk would crash.  Like, I had it in my mind that that was a pristine machine and I didn’t have to worry about it.  It’s where all my stuff was and where I could just ssh in or sit at its console and update code on the fly … No backups.  Gone. Now I have everything important on RAID5 and my personal machines have Time Machine running.

Verizon is a huge thorn in my side.  My last mile is Verizon.  Verizon is copper.  Verizon wants to run FIOS (fiber) in Philadelphia.  Comcast rules the video market in Philadelphia.  Seems contacting politicians is the only way Verizon FIOS will come to Philadelphia.  There is nothing I want more right now than FIOS in Philadelphia because my connection speed would greatly increase immediately.  How this affects me now is that Verizon doesn’t want to run any new copper, they only want to run FIOS.  I have had a terrible time as of late with my connection and this is the problem.  It happened the first time in May and was dormant until Christmas Eve, from then on it was daily bouncing until the last copper pair change.  Verizon has been on site over 3 times.  It’s too late, the customers that this affected the worst have already found other solutions.  Not cool Verizon, not cool at all.

Octane: Sound for Octane continues, but with almost every venue having house sound installed, I can’t remember the last time I needed my PA.  For that matter, the last time I had the PA in the trailer, the trailer was burglarized for one bass bin and one monitor.  They took nothing else although much was in there as well as all the band’s gear that was strewn to just the outside of the trailer.  Makes absolutely no sense.  I still haven’t been able to sell the truck since replacing it with the van and trailer.  I should try that on eBay again.  While Octane remains booked fairly steady for a band in their position, there are weekend nights that I am sitting home.

Fosterchild: I have mixed Fosterchild a couple times since the lineup change and circumstances warranted it.  It was a welcome change from the norm.  Apparently we’re going on tour soon!

Out On the Town: I have started working with the paper again. This time I am doing the layout on the computer.  Another reason for my Mac purchase. (Still steamed about that one [previous entry], but I will survive.  I have rationalized some things away.)  Hopefully this will help with the ultimate goal of sitting on my ass the rest of my life.

Windows: I found out that MS Access doesn’t scale, or self sustain.  Don’t know how to put it, but left to its own devices, a web site utilizing an MS Access database will cause ASP to hang on a Windows Server.  The database needs to be regularly reorganized.  I can tell you for a fact that this will not happen on any other platform.  Thanks again Windows!  Way to mess up everyone’s life on your server because you can’t handle something and don’t report on it either.

Health: My health is getting better. I had my last cigarette September 27th, 2008 at 10:45pm.  This was right before Octane’s first set (acoustic) outside at The Whiskey Tango.  During the set, pressure mounted in the center of my chest and by the end of the set I was getting sharp pains.  I didn’t go out for a smoke after the set, I took it easy but sharp pains came and went and I generally didn’t feel right.  I was getting scared and I decided that I thought I should go to the hospital.  I spent the weekend in the hospital while they did all sorts of fun tests.  All tests were okay.  I then went back to have a camera shoved down my throat and that turned up acid damage in my esophagus, stomach and duodenum.  I was told to take 4 Prilosec daily.  The anesthetic for the tube test was wild, like snapping your fingers, test done and two and a half hours went by.  I haven’t smoked since and have started dieting and exercising.  I may get a Brazilian and wear a bikini or thong to the beach this summer?  … and everyone knows how I love the beach.

The Whiskey Tango: I went back to work at The Whiskey Tango May 20th 2008 to fill in the open nights with Octane and to do the off nights.  Ronnie quit to go work for Spellcaster down the shore for the summer with more nights.  Since then The Whiskey Tango changed ownership and management and those off nights aren’t happening anymore.  Status there is up in the air right now.

Coding: I recently updated some old ASP pages I did way back in the day for the Bigg Romeo site.  That was fun.  I am progressing on new web development projects and I am very excited about that.  Also thinking of ways to further promote the hosting through a better interface.  The new trickles in slowly anymore and Verizon isn’t helping with the departed.  Here’s hoping FIOS comes through.  They are sure to support that endeavor more than they’ve helped me now, right?

OH! and the biggest thing about all of this is that anything new will be in a new location!  All the servers, routers, switches, computers, etc. will be moved to a brand new location.  We will be moving but still don’t know when yet.  I am hoping for A.S.A.P., but that’s me.

That’s all I can think of right now.  Any questions?