A security professional fights back against tech support scammers

I guess Matt Weeks is as sick as I am of tech support scammers, because he developed a way to fight back, in the form of a Metasploit module that exploits a software defect in the AMMYY remote access tool that these scammers sometimes use. Metasploit is a tool that penetration testers use to demonstrate–with permission–how hackable a computer network is. In this case, the would-be victim is penetration testing someone without permission. Run the module when the scammer connects to the would-be victim, and he or she gets a command prompt on the criminal’s PC. At that point, the would-be victim can break their computer, perhaps by deleting critical files, corrupting the Windows registry, or something else. Anything you can do from a command prompt would be possible at that point.

I’m anything but heartbroken that this threat exists, although I’m not going to do this myself. Let me explain. Read more

Make a Word hyperlink UNC path

I had an issue in a document with a hyperlink to an existing file. The file existed on a network drive, so the link worked fine… until someone with a different mapping for the I drive had to look at the document. Then the link didn’t resolve and the person got an error message. A confusing error message. It turns out it’s tricky to make a Word hyperlink UNC path.

Fixing it wasn’t as easy as it should have been. Read more

Beware of unexpected links in e-mail messages

Hackers are stealing Yahoo accounts by sending messages containing malicious web page links.

The message looks like a link to a web page on MSNBC. But if an unsuspecting user clicks on it, it redirects to another page that steals the e-mail account, allowing the hacker to use the account to send spam, or grab the account’s contact list.

The gory details are here.
Read more

Just added: More Like This

New feature: More Like This. It took me several hours to implement this one. It should have taken me less than thirty minutes. Hot tip: If you try to run a CGI script and you get Internal Server Error messages, try re-uploading the script in ASCII mode rather than the default binary. Betcha it works after that. When running under Linux or Unix, Perl hates extra carriage returns, and Windows often inserts them.
I think this is the next trend in Weblogs sites. If it’s not, it should be. The idea is this: You assign some keywords to each entry. And at the end of the entry, you put a line that says More Like This and some hyperlinked keywords. So if you like it when I write about baseball or music and you want to see more, click on the baseball or music hyperlink at the end of the entry, and the search engine I stole will go fish around for other entries I gave the same keyword to.

For sites that always write about the same thing, this isn’t very useful. For sites with eclectic content, this is a boon. You can quickly find whatever writings of mine tickle your fancy and skip over the subjects that bore you. How cool is that?

My goal is to put together the best site in the Daynotes circuit. I’ll never have the best content, but if I have reasonably good content and you can quickly find a whole lot of what you’re looking for (be it entertainment, stuff that makes you think, or technical content), I stand a ghost of a chance of reaching that goal.

I actually managed to implement More Like This without modifying any Greymatter code. First, I grabbed Meta Tag Search, a simple CGI script that searches on meta tags, from http://support.cws.net/hosting/cgiscripts.html. I followed the installation instructions. Like I said before, upload it in ASCII mode. You’ll save yourself a few hours and a lot of gray hair. Now, whenever I make an entry in Greymatter, I put a keywords meta tag at the very beginning of the entry. I don’t know if other search engines will find the tags there, but Meta Tag Search will, and that’s my primary concern. Then, at the end of the entry, I add collection of hyperlinks that call Meta Tag Search.

So now it takes a couple more minutes’ effort to make each post, but I think it’s worth it.

More like this: Linux Weblogs HTML CGI

WordPress Appliance - Powered by TurnKey Linux