Tag Archives: NET

Catch up on Microsoft patching fast

Last week, Microsoft quietly released its convenience update pack for Windows 7, 8.1., and Server 2008R2. This is a great opportunity to catch up on Microsoft patching, as it incorporates all of Microsoft’s OS-level updates from the release of Service Pack 1 to April 2016.

Here’s how to use this to clear your corporation’s backlog of Microsoft patches. No, I haven’t seen your corporate network, but I’ll bet you have one.

Continue reading Catch up on Microsoft patching fast

Move Debian to new hardware without messing up networking

One advantage that Linux has over Windows is that you generally can pick up a machine and move it to new hardware. The trickiest part is getting the network card(s) working.

Maybe I’m the only dummy who had a hard time with this. Well, except for one guy who posted a question somewhere, got no answer, then came back and said something rude to the people who didn’t answer and said he switched to FreeBSD. That was entertaining, but not helpful.

Just in case everyone else is afraid to speak up, here’s how I got the network cards working after I imaged the disks from a failing Debian server to newer hardware.

Continue reading Move Debian to new hardware without messing up networking

I got hacked. I did it to teach you a lesson, and I’m sure you believe it.

The other day, this showed up in my e-mail:

A file change was detected on your system for site URL http://dfarq.homeip.net. Scan was generated on Tuesday, November 3rd, 2015 at 5:25 am

A summary of the scan results is shown below:

The following files were removed from your host:

/var/www/wordpress/wp-content/cache/supercache/dfarq.homeip.net/wordpress/index.html (modified on: 2015-11-03 03:23:52)
======================================

The following files were changed on your host:

/var/www/wp-content/themes/twentyfourteen/functions.php (modified on: 2015-08-19 22:24:04)
/var/www/wp-content/themes/twentyfourteen/header.php (modified on: 2015-08-19 22:24:04)
======================================

Login to your site to view the scan details.

I didn’t make those changes. Fortunately fixing it when changes appear in functions.php and header.php that you didn’t make is pretty easy.

Continue reading I got hacked. I did it to teach you a lesson, and I’m sure you believe it.

Reversing some WordPress malware

Aug 2016 update: Back in 2015, some kind of spam bot wormed its way into my site. I quickly cleaned it up, then decoded the attack and posted details here. Not long after, the spambot started directing traffic to this post, because it contains enough of the magic words, I guess. Only instead of serving up spam, it’s serving up my analysis. I’d rather you read this than spam, so I’ve left this page up.

On to the original post…

A few minutes ago I received an alert that some files had changed on my site (thanks to All-In-One WP Security). But I hadn’t changed anything and WordPress hadn’t updated itself.

Here’s what I found, and how I fixed it.

Continue reading Reversing some WordPress malware

All-in-One WP Security and Firewall plugin can be spectacular, but be careful

Over the weekend I installed the All-in-One WP Security and Firewall plugin to fix another issue–more on that tomorrow–and I ended up breaking my site. Hopefully I fixed it to a better state than it started in.

The lesson, as with many security tools, is to proceed with caution.

Continue reading All-in-One WP Security and Firewall plugin can be spectacular, but be careful

In defense of Anthem declining the OIG audit

Anthem recently refused to allow the Office of Personnel Management’s Office of Inspector General (OIG) to perform an audit of its networks. Coming on the heels of a large breach, there’s been a bit of an uproar about it.

There are a few things to keep in mind, the first being that this isn’t driven by law enforcement–it’s a customer requesting an audit.

Continue reading In defense of Anthem declining the OIG audit

How to use the lock in your web browser’s location bar

A commenter asked me last week if I really believe the lock in a web browser means something.

I’ve configured and tested and reviewed hundreds of web servers over the years, so I certainly hope it does. I spend a lot more time looking at these connections from the server side, but it means I understand what I’m seeing when I look at it from the web browser too.

So here’s how to use it to verify your web connections are secure, if you want to go beyond the lock-good, broken-lock-bad mantra.

Continue reading How to use the lock in your web browser’s location bar

1984 called. It wants its surveillance back.

So, the reaction to my story about my coworker’s 10-year-old going all Scooby Doo on the guy who had the nerve to steal his dad’s car was definitely mixed. Most people, of course, lauded the 10-year-old’s detective work. Others pointed out the dark side.

And there is a dark side.

Continue reading 1984 called. It wants its surveillance back.

Fixing the .NET Framework when it b0rks on you

The bane of my existence as a sysadmin was .NET. It would corrupt itself randomly, sometimes taking with it this awful CA product written in .NET that nobody else wanted anything to do with.

In my day I’d reinstall service packs and the latest patches and one of the six things we tried would fix it. I rarely knew which one. But that was five years ago. Today, as long as you’re running .NET 4.5.1 or earlier, Microsoft has an automated tool that repairs it. You can run it as a GUI app or from a command line or script. Curiously, it doesn’t support 4.5.2 yet–maybe that means 4.5.2 doesn’t break. We can dream, right?

Normally I’d say upgrade to 4.5.2 since its end of life is in 2023, as opposed to 2016, but until the fix gets revised to support 4.5.2, I won’t blame you for staying back on 4.5.1. Availability is 1/3 of security, after all.

Here we go again. Net neutrality is not Obamacare either.

To nobody’s particular surpise, yesterday president Barack Obama endorsed a form of net neutrality. And immediately, Sen. Ted Cruz (R-Texas) came out swinging against it, calling it, “Obamacare for the Internet.”

Sen. Cruz appears to have either failed to read, or refused to read, the four-point proposal, which is short and simple enough to fit on an index card, if not a business card. He also failed to discuss the alternative–and there is a perfectly fair alternative to net neutrality.

Continue reading Here we go again. Net neutrality is not Obamacare either.