I’ve got all traces of the old CMS off of the server now. (Well, there might be a README here or there, but all PHP scripts from the old CMS are now gone.) At this point I can disclose a bit about the sudden move.
Category: Security
-
Busy Evening
-
Windows RDP Denial of service vulnerability
I just saw this article at ZDNet News a few minutes ago. Basically a new security bulletin is out with regards to Windows Remote Desktop Server being vulnerable to a denial of service (DoS) attack. Essentially it affects Windows 2000, XP and Server 2003. It appears that under an overwhelming flood of requests the system could blue screen. This vulnerability, though, I think points out a flaw in the software firewall of XP
-
More on the virus/trojan front
I have a couple of new things to post. One, in my further investigation of the server logs, from the last big topic… (read the entries below), I’ve discovered at least one Mac, so this should be a warning that no one should take system security for granted. Likely someone has installed a rootkit of some sort on that machine, as I know of no virus or trojan that is cross-platform in its ability to be a spam helper.
-
Progress…
Well, things are shaping up a little better today on some fronts. My webhosting provider apologized for the offensive tone of the subject of their message to me. (Given that they provided the script that they warned me about.) And they’ve taken my suggestion to pass word along to ALL of their customers that have the script in their account that they should find an alternative and get rid of cgiemail. The fact is cgiemail as a script has not been maintained in several years and there are other options out there. I encourage ANYONE using it to look into replacements.
-
I’m just a bit ill at the moment…..
Yesterday morning I started the day with a check of email —0– 1100 messages… ?? Yes 1100. Most of them were filtered into a folder I set up for delivery failures some time back. (about 950), (about 100 to junk mail and then 50 to the inbox). I started investigating because my usual morning haul is 150 or so with 2/3’s being filtered into a spam folder, the rest being routine messages from scripts on servers I monitor, daily correspondence, mailing list digests/etc….
-
The connection between Spam and Viruses
After comparing MANY of these delivery failures (a fraction of what has gone out with my domain name forged, I’m afraid…), they are all advertising essentially the same site (sometimes different gateways to it), but I’ve traced it all back to a close group of domains that have been unresponsive to abuse reports online….
-
Junk Mail
In the last hour or so I’ve received a TON of bounced emails to various fake addresses at averyjparker.com. Just in case anyone has come here thinking I’m sending them out, I’m not. Some junk mailer has decided to forge the return address with averyjparker.com as the domain. Unfortunately this is rather trivial to do. (It would be equally simple to have email that appears to be from gwbush@whitehouse.gov.)