I had the strangest thing happen today: it seemed a bad bot was crawling my pages. I was getting at least 60 page views an hour from this bad bot!! The individual IPs of this bad bot are:
After the first hour of this going on, I started wondering what this bot was doing. I did some more research into this little bot and found out it is owned by Kintiskton LLC. (Twitter Search)
Anyway, it bothers me that when you do a Google search for this company, it comes back with no company. Some people have already done their research and have come up with very little.
I dug even more and some are saying this might be Homeland Security, and I have my own thoughts on this. I might be paranoid myself but if there is no company out there and the IP keeps coming back, I assume it is BAD mojo. Some people worry that it is a hacker probing for vulnerabilities and that worried me.
I decided, with help from GoDaddy, to ban the lot of IPs. I figure if someone is trying to get information or trying something they shouldn’t, I’ll stop it myself. If you have WordPress and are also having problems with these IPs, you can ban them by adding this to your .htaccess file:
order allow,deny
deny from 65.208.151.112
deny from 65.208.151.113
deny from 65.208.151.114
deny from 65.208.151.115
deny from 65.208.151.116
deny from 65.208.151.117
deny from 65.208.151.118
deny from 65.208.151.119
allow from all
This is how you block those IPs in the .htaccess file. Thanks to WordPress for showing me how.
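A way to pick the addresses out of the access log instead of by eye, as an added example that is not part of the original post: it counts requests per client IP per hour in Apache combined-format log lines, flags clients at or above the 60-an-hour rate mentioned above, and collapses them into CIDR blocks for the deny list. The log lines, the function names and the threshold parameter are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Client IP, day and hour from an Apache "combined" format access-log line.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[(\d{2}/\w{3}/\d{4}):(\d{2}):\d{2}:\d{2} [^\]]+\]')


def hits_per_hour(lines):
    """Count requests per (ip, day, hour) bucket; unparseable lines are skipped."""
    counts = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            counts[m.groups()] += 1
    return counts


def noisy_ips(lines, threshold=60):
    """IPv4 clients with at least `threshold` requests in any single hour."""
    return {ip for (ip, _day, _hour), n in hits_per_hour(lines).items() if n >= threshold}


def deny_rules(ips):
    """Collapse IPv4 addresses into the fewest CIDR blocks, one deny line each."""
    nets = ipaddress.collapse_addresses(ipaddress.ip_network(ip) for ip in ips)
    return ["deny from %s" % (n.network_address if n.num_addresses == 1 else n)
            for n in nets]


def sample_log():
    """Constructed log: the eight addresses at 60 hits/hour plus one ordinary visitor."""
    lines = []
    for last in range(112, 120):
        for minute in range(60):
            lines.append('65.208.151.%d - - [01/Jan/2008:14:%02d:00 +0000] '
                         '"GET /?p=%d HTTP/1.1" 200 5120 "-" "-"' % (last, minute, minute))
    for minute in range(5):
        lines.append('203.0.113.7 - - [01/Jan/2008:14:%02d:30 +0000] '
                     '"GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"' % minute)
    return lines


if __name__ == "__main__":
    print("order allow,deny")
    for rule in deny_rules(noisy_ips(sample_log())):
        print(rule)
    print("allow from all")
```

The eight addresses listed above collapse to the single line `deny from 65.208.151.112/29`. On Apache 2.4, where Order/Deny are provided only by mod_access_compat, the equivalent is a `Require not ip` line inside a `<RequireAll>` block.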
Just got done looking at some of my security sites, and according to SecuriTeam there are several programs that have vulnerabilities. Here are the ones that I’ve found:
Google Chrome is vulnerable to a URI obfuscation vulnerability.
An attacker can easily perform malicious redirection by manipulating the browser functionality. The link cannot be traversed properly in the status address bar. This could facilitate the impersonation of legitimate web sites in order to steal sensitive information from unsuspecting users. The URI specified with @ character with or without NULL character causes the vulnerability.
iPhone Configuration Web Utility for Windows Directory Traversal
iPhone Configuration Web Utility lets “you easily create, sign and distribute configuration profiles using a web browser”. A vulnerability in iPhone Configuration Web Utility allows remote attackers to access files that reside outside the bounding root directory of the program’s files folder.
Streamripper Multiple Buffer Overflows
Streamripper “records Shoutcast and Live365 MP3 streams to a hard disk, creating separate files for each track. Runs under Unix and Windows.” Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user’s system.
Amaya URL Bar Stack Overflow Vulnerability
A vulnerability in Amaya browser allows remote attackers to cause it to overflow an internal buffer which in turn can be leveraged to execute arbitrary code.
These are the ones that I found, and I wanted to let you know about them so you can make your system even more secure. If I find any others I’ll let you know!!!
I recently bought a Cricket Broadband USB for $40 a month. I tried to get the system to activate it automatically, but that kept on failing. I finally called tech support and found out this little tip. So here is how you manually activate it:
Once you are at the Quicklink Mobile menu, you will want to hit Control-D:
It will bring up this:
The password to manually activate your Broadband USB card is six zeros, no more, no less!!
Once you enter the password you will get this screen:
Activation Code : Same as above, six zeros
Phone Number : The Phone number that is your broadband card
The IMSI (Min) Code : You will find that in the Indirect Dealer Copy. It will be the one telling you another number. In mine it said this:
“In order to program your phone, you will also need the following number (###)###-#### (MIN)”
Enter that number in there without any special characters, so it would be ##########, and then press Enter. Close out the Quicklink Mobile menu and reload it. Then click Connect and you should be ready to go!!!
According to media reports, Erik Tews and Martin Beck claim that they have found a way to unlock the Temporal Key Integrity Protocol (TKIP) key, used by WPA, to read data sent from a wireless router to laptop computers. According to the researchers, the key can be cracked in 12-15 minutes.
Sophos claims that people can now watch what you are doing from a wireless router to a laptop. Although this isn’t unexpected, it is a very serious outcome. It is now easier to watch what people are doing online. So does that mean people can see everything you do? Not necessarily. According to some people this is harder than it seems; most of the websites you visit are not encrypted, but websites that use the “https” protocol are safer to use online. You should be safe if you are buying things online as long as you are sure it is secure. Another step you can take to make it harder to unencrypt your wireless signal is to use Roboform.
If you have a wireless router and want to be secure with any transactions online you might think about hooking up to the internet via the CAT5 cable. This is one way to prevent anyone from seeing what you are doing online and protects your privacy. Although this too can be overcome in certain circumstances they are much harder to do and implement so you are safer this way than with most others.
According to Computer World, dated Oct 31, 2008, and I’ll quote:
“Over the next couple of months, we’ll be rolling out another infrastructure update to the Windows Update agent (client code),” said an unidentified Microsoft employee on the Windows Update team’s official blog. “This update makes it possible for users to install more than 80 updates at the same time.”
Now if you’re like me and have several computers that need to be updated on a given schedule, you sometimes worry about these updates that come along that might just break your system. I have been using a program called Offline Updater, which does what Autopatcher does really nicely. So why is Microsoft sending out this patch? Two reasons. One, they want you to be able to update your operating system without hurting your system integrity.
Now let’s talk about the integrity of having to reboot your system. You see, every time you reboot the system, it causes the system hardware some strain. It is something like starting up a car: sooner or later you will have the starter go out because of too much starting up.
The second reason for this is that the update software needs to be updated yet again for any security flaws or features that might be exploitable. I am sure there are some that Microsoft probably knows about and we do not. So that is the second reason, which is the most obvious reason yet to push out another revision of Windows Update.
What about stopping the update from affecting your system? The only way that I know of is to prevent Windows from checking for updates, which is simple:
Windows XP Version:
[Category View and Classic View]
<Start> / Control Panel / Security / Click Windows Updates
<Orb> / Control Panel / Security Center / Windows Update / Click “Change Settings”
With both ways, you will be able to control four ways to handle Windows updating and they are:
Automatic - Will download all necessary updates and install them without your permission or knowledge. Note that some of the updates will automatically reboot your system. Most commonly they are set to do this every day in the 12 am to 4 am period of time. So when you wake up you would see a login screen.
Download updates but let me choose which ones to install and when - This is most commonly used by people who don’t want to bother having to check manually. It will check and download, then it will let you know.
Check for updates but don’t download them - This is like the previous one, but this will only tell you. The rest of the decision is in your hands, not the computer’s. This is good for people who have limited system resources, like hard drive space. It still reminds you like the previous one but won’t download any updates.
Never check for updates - This is used by people who don’t want to be bothered with updates and have a way to update manually. This is commonly used by businesses who have several systems on and don’t want to risk an update causing trouble or weighing down the company’s internet by downloading updates unnecessarily. This option is not to be messed with because it leaves your system with quite a lot of vulnerabilities. You do this one if you have a set schedule to update each and every system. (Extremely Dangerous to do)
With what I talked about, I am hoping you find this useful and to share your discoveries with other people who might want to be able to change how Windows updates are handled on other systems. If you have comments or questions, please post them in the comment section and someone will be more than glad to help you out.
Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (KB953155)
This update resolves a privately reported vulnerability in the Windows Internet Printing Service that could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.
This update is rated Important for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and Windows Server 2008. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses this vulnerability by changing the way that memory is allocated within the Internet Printing Protocol (IPP) service. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
Now from what I understand, if you have a network-attached printer on your system, this would make you more vulnerable to someone taking control over your system. So this patch is supposed to fix that. I am recommending to all to update this and fix this ASAP. I do not know what that would do if you don’t have one, so just install this update, because you will undoubtedly still be running the Internet Printing Protocol even if you don’t have a printer.
A vulnerability has been identified in Microsoft Windows, which could be exploited by attackers to take complete control of an affected system. This issue is caused by an error in the Server service that does not properly handle specially crafted RPC requests, which could be exploited by attackers to crash an affected system or execute arbitrary code via a specially crafted request.
On Windows Vista and Windows Server 2008, the vulnerability is only exploitable by authenticated users.
Note: This vulnerability is being exploited in targeted attacks.
This was just discovered, and I need to let people know. I will do more research on it and maybe come up with a way to fix the problem. According to my sources there is a patch that will fix the problem!!
*UPDATE* According to Microsoft:
This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.
[Via Microsoft Security Bulletin]