A Few Changes Going On…
Nothing too drastic… same them but went default instead of the subvert theme. I like it better. Few more things I am working on… but been pretty busy. My server I guess… was accessed and was being used for hosting phishing eBay pages. I had no clue about this! I am trying to figure out how to trace back who did this. Needless to say, I have changed all my passwords on all accounts. I can't imagine how someone could get in and do that? I am waiting to here more from my host providor about the issue. They actually were very helpful and locked the directory that had the content in it. I am just waiting at this point to see what advise they can offer, or what suggestions they have in helping me track down who did this.
I honestly don't know too much about phishing. From what I know, phishing refers to pages that are created to look like another such as a mirror eBay page, and is used to try to collect user names, passwords, credit card info and such from registered users of the site. I don't know yet… perhaps that means something else entirely? Researching it a little bit tonight, and hoping to hear back from my host soon!
Advertisements:
Hot Deals:
September 11th, 2006 at 10:21 pm
They don’t necessarily need your passwords to do it - it could’ve been malware on your computer or in one of your skins.
Since you run so many different skins and operate your home system on broadband, without any hardware firewall AND you use Filezilla (no SCP), AND you’ve allowed people you don’t know access to your server (they might have placed a password tag in there), it is no wonder they got you.
Any one of the above places you at rish. Doing all of them is like advertising for the bad guys to come get you.
September 12th, 2006 at 7:54 am
Hey Vex,
There is only one person that I have allowed to access this site. However, he was only able to access blogtheinternet.com and not garryconn.com. The eBay phishing file was put into coppermine on garryconn.com. I sent you an email with the info.
My OS is up-to-date and such, I do have the firewall turned on and all the other protective services offered by Microsoft, turned on. However, I do not have a hardware firewall… (that is where you take an older computer and turn it into a dedicated firewall, correct?.. If so, how do I make one?) Yes I do use Filezilla (I forgot the name of the program that you recommended… will you let me know the name again… last time, promise!) What is SCP? I am now interested in not having something like this happen again… and now I want to take all the measures possible to prevent it.
September 12th, 2006 at 5:37 pm
SCP stands for Secure CoPy, the long ago replacement for the insidiously insecure FTP (File Transfer Protocol).
An SCP program uses SSH to copy files between two hosts. It uses syntax similar to the standard Unix CP command. Unlike regular CP, you must also include a hostname.
Having your OS up to date means nothing when running a Windows or Linux machine, because your machine is still 100% visible to the Internet without a hardware firewall.
A software firewall is a second method of defense and should never be used as a primary or only method.
A hardware firewall effectively hides your network (and connected computers) because all the Internet sees is your firewall, with its assigned IP. The network components behind that firewall have their own IP addresses and are only seen by the firewall or other systems on your network.
Bringing it down to a level everyone can understand, a hardware firewall is like having a locked solid-core door between you and the outside. You can get in and out, but intruders are kept out, unless you invite them in. A software firewall is like having available weapons inside your house. If you use both, you’re protected from the outside and have a chance at defending yourself if you make a mistake and allow an unfriendly in. If you only have an updated OS and a software firewall (NO hardware firewall), it is like sitting in your easy chair, back to the door (hanging wide open), you’re watching the TV, and there is a sign out on the street telling everyone you have cash, jewelry & electronics lying around everywhere. But you feel safe because you have a .22 pistol on your lap. Unfortunately, the bad guys may come in large numbers, toting automatic AR-15 rifles, loaded with full clips.
By the time you realize what is happening, you’re toast.
Depending on one’s surfing habits and email practices, both firewall types can be easily breached, if you’re not careful.
To turn an old computer into a hardware firewall/router setup, you do need proxy server software. The stuff that costs money is simple to administer. The free stuff is difficult to administer, frequently requires your attention and often isn’t that strong.
As for that Secure CoPy software, it is WinSCP. Not only will it handle SCP, it will also do the less secure SFTP.
September 12th, 2006 at 10:15 pm
GUI on this program? Similiar to CuteFTP or Filezilla… where you have split screen… and simply drag and drop folder, file, etc. from one side to the other?
A Linksys router… is this a hardware firewall too?
What does this mean? I remember you saying this before in the blog wars post?
Thanks for the help! Talk to you soon.
September 12th, 2006 at 10:37 pm
Are you going to repost or should I call your ugly self?
September 12th, 2006 at 11:09 pm
Looks just like them - only with more toys and tools.
Some Linksys & Netgear routers are equipped with a hardware firewall, while some may not be.
All it means to be visible to the Internet is that your IP is visible. If your IP is also what your machine is running on, anyone can attack it. With a hardware firewall, your main IP is assigned to your router, while secondary ones are assigned to each machine on the router. If your IP is 209.58.7.123 and it is assigned to your computer, anyone can see it and hack at it until they get through. They can do the same thing with a router, but a router is hard coded. When running a router, it gets your IP address (209.58.7.123) and each machine gets its own IP address, assigned by the router. These IP addresses might look like 192.168.0.2 or 192.168.0.7 and they are not readable on the Internet.
With a hardware firewall, an attacker would try to attack your router, while your computers remained safe and shielded. With only a software firewall, a hacker would be free to go after your individual computers or even your entire network, in search of a vulnerability in your software.
If you think your software firewall is secure, think again - if you receive email or install software, you might allow something to open a port in your firewall. Then again, you need open ports in your firewall, else you won’t connect to the Internet.
A software firewall is only a filter. As with any filter, it is not impervious to everything. Or, you can think of it as a window - that pane of glass will keep honest people out, but a crook can break it and get in. Now, adding a harware firewall makes that same window invisible - the folks outside don’t know its there because they cannot see it. If they can’t see it, they can’t break it. Yet even though they can’t see it, you can still use it.
September 17th, 2006 at 10:05 pm
An interesting discovery I’ve made here - a good portion of your problem may have been caused by the host.
Their security is way down lately.