What I’ve Been Doing?
Apr 17th, 2008 by Don Ray
While I have skipped posting for a few days, I have still been working on several areas of the blog. Technical stuff is therapy for me and much less stressful than doing several other things.
One thing I have done is to review all of the existing posts and add “Tags” for the majority of them. The “Tag Cloud” on the right side panel reflects the number of entries by the relative letter size of the tag. In reviewing all of the posts, I found many posts are missing photos or graphics. Some I fixed. Some I left without a photo or graphic and some I deleted. I am done with that process. Making it easier to find information on a blog is not all that easy. Whether the “Tag Cloud” work is of benefit or not remains to be seen.
I sent questions to my webhost for support in solving the problems I had had with hackers. Basically the response I got was to make sure I was up to date with all releases. They weren’t responsible for what was installed, so they couldn’t answer what might be wrong. I got no answer to questions on whether other users had been hit recently. It was easy for them to say that they were not responsible for the current installs because they had removed the install programs (Fantastico) from my access when they moved me to the last server.
I had to upgrade the Photo Album software (Coppermine) as it also got hit by the hacker on the last attack. With that upgrade I am at the latest version for WordPress, the MistyLook theme, and Coppermine.
I removed the clock plugin from my theme. I am still thinking about whether I like it better with or without the clock.
I next moved to looking for potential sources of entry for the blog hacker. I found a couple of possibilities. The “login” for the WordPress admin is one possible source. To secure login, one could use ssh tunnels, but that would require more support than I currently get from my webhost. I found another plugin that adds a second level password and I think that should do a good enough job.
I changed all of my passwords and the new passwords are at a much higher level of difficulty.
Another security flaw I had was my FTP method. I had been doing standard FTP to move photos to my host, and that sends the Id and password in the clear. I changed my FTP program (gFTP) to request ssh2 and now that connection is secure.
A final opening was Cpanel, which is an interface that is provided by many webhosts to enable a user to manage his/her address space. Unfortunately, native Cpanel sends your Id and password in the clear. Now this is extremely serious, because this could allow a hacker entry to the root area for the user and then anything could be done. The webhost could care less, if your address space gets mucked up, because all address spaces are secure from one another. They can still say the problem is not theirs.
I sent questions to my webhost asking how to secure Cpanel. They said it was secure. I said I didn’t think it was. I researched securing Cpanel on the Internet and found if I connected through a different port, I could use ssl. Now my Cpanel and anything I do through Cpanel is secure. I informed my webhost that they had provided me bad information and how I secured Cpanel, and they didn’t bother to respond.
I then moved on to look at using ssl for my email, to secure my password signin. I know it would not secure my message, but securing the password would be a big step. When I questioned my webhost about this, I was told that I could try it. It might or might not work since I was on the “last chance” server. I can’t tell you how good that made me feel to receive a response like that. I tried ssl and it didn’t work, so I am just living with an insecure email connection.
I have a couple other things to do on the blog, but for the most part, I am caught up. I certainly hope that these efforts harden my security a little. I am lucky I was running on Linux and not a Windows-based PC or the hacker could have taken my PC down also.
I guess that is all of the technical gobbledygook for now. Have I missed anything that has been going on for the last 4 days?


Hi Don Ray:
Good to see you back. There is an article in this week’s Business Week about sophisticated hackers getting into the Defense Department and the State Department. I did get the impression that for them to get into someone’s computer the owner had to click on an attachment.
It is interesting that what is therapy for you is torture for most of us. Do you use your Mac Mini for anything?
Hi Tom. Currently my Mac Mini is being used for English Lessons. Actually, I prefer using my Linux PC over the MAC. Mostly because it is much more powerful than the MAC mini. All systems are different and the one you are most familiar with is usually the one you enjoy most.
If you are using a Windows PC that isn’t current with the latest security updates, you can get infected simply by entering a website that will deliver a virus. Normally this is prevented by having current virus signatures in your AV and a good AV.
This is much more difficult if the PC is an Apple or running Linux.
Normally people say they don’t need to worry about getting a virus from a bad website, because they don’t go to bad websites, because they assume that it is easy to tell dangerous sites from non-dangerous sites.
However, the hacker that got this blog was redirecting traffic to what now appears to be a site in Russia. Omar, in Panama City, had his PC infected and I know that Omar keeps his PC current and AV up to date. Luckily, Omar had a back checkpoint to get him back up. Many people don’t create and maintain a check pointed backup.
My Windows PC is too old and the checkpoint function no longer works. Since I rarely bring up Windows, and have moved all files to Linux, I am not all that worried, if I lose it some day.
Many viruses are sent via email and usually you do have to open an attachment to get the virus. To modify parts of the OS in both Apple OSX and Linux, you have to provide the root password before the change can be made. I don’t know if Vista has hardened this area or not.
Hello Dan:
“I informed my webhost that they had provided me bad information and how I secured Cpanel, and they didn’t bother to respond.”
Is there a possibility that you could change your webhost? According to your comments, his service is not up to par. I’m glad you’re back. I was checking CCeveryday several hours a day to find traces of you. Are you going to blog daily as before?
Best Regards,
Omar.-
Hi Omar. You usually get what you pay for and my rate is pretty cheap. As long as the current server holds up, I am probably ok. I have learned quite a bit by having to do more of my own maintenance and I am actually more current on product versions than I was with the automated product.
Changing webhosts is always a possibility, but one I keep as a last resort. Sometimes the devil you know is better than the devil you don’t know.
Related to posting frequency, I will post if I have something.
I want to get out and take a few short trips. I hope I can work them in because getting out does me good.
Don I’m glad you’re back as I was wondering if Sophia is well again.
Hi Yvette,
Sofia returned to Panama City Tuesday morning. She was fit and feisty. Thanks for asking.
Don Ray,
Good to see you are posting again. When I looked for e-mail providers that used SSL, I didn’t find too many. In fact, only one, Luxsci seemed to fit my bill. They aren’t cheap, but I’ve had good service.
If I switched my email to gmail as my primary email, I would have it. I am considering doing that.
dear don ray,
how is carson & your daughter kim & la familia doing? i am not welcoming you back because i still think you need more time(but of course i asked you a ? there you go) thank you ellen
They had to take Carson back to the Doctor because he was still sick. I am hoping now he is better. I need to check. Thanks for reminding me.
Hi Don, it’s good to see you back online. You could get a personal certificate (or digital id) to sign your email messages. VeriSign offers it for $20 a year. There are other providers as well. I am not sure if you need that but it could be something you want to look into.
Don, you have made my evening and bring joy to each tomorrow knowing you are back. Missed you. Glad to see you are in a comfortable place with your security for the moment.
I haven’t ever looked at that. I will check it out. Thanks.
Jerry, let’s just hope the security holds up for a while.
hi don
,but if you prefer play poker, bad girls, beer & rum, salsa, more bad girls ….come here with money…oh, oh, bertha is reading,,,,forget last….
…only hobby
David
Hmmm. I think you are in trouble with Bertha now!
Glad you’re back. Before you left, I was on the internet researching hotels in David, and got referred back to your site. As many times as I’ve been here, I’d never seen the comprehensive list with pictures that you had done.
See? We need you, doing what you do. But only if it’s fun. As I used to tell my team at work (back when I worked), “Have some fun today. If you’re not having fun, you’re doing something wrong.”
Hi Mary. Thanks for taking the time to leave a comment. Usually it is fun. Life at this age needs to be fun.
Welcome back.
I’ve been following your travails with much interest since I’m probably going to be forced to develop my own website as I’m about to outgrow my picture hosting site’s maximum storage capacity.
REALLY glad CC is back online again.
Mike
It is probably easier than it appears from watching my site. I seem to be a problem magnet.