You are currently browsing posts tagged “anti”

WordPress Brute Force Attacks on non-WordPress Sites

December 1, 2017 // Posted in Computer Tips, General, Main, Tips and Tricks (Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , ) |  No Comments

There are more and more would-be hackers out there that are trying to attack WordPress Sites via a brute force attack on the wp-login.php file that is used on worpress sites to log in to the site.

The problem is that they do not know what are WordPress Sites and what are not so they try connecting to a wp-login.php file on almost every site. This can lead to hundreds of attempts on your non-wordpress by these hackers trying to find a wp-login.php file on your server. Check your server log and you will see all these attempts.

Now if as many people as possible added a wp-login.php to their non-wordpress site re-directing any call to that page back to the IP address that attempted to find it, then these idiots would perform a DOS attack on their own PC,
and stop them sending any more requests.

Here’s how to do it:

Create a file called wp-login.php in your non-wordpress site’s root folder with the following text in it (Your server must be php enabled):

 

 

 

 

Let’s hit back at these idiots together.
Steve

Norton have got it very wrong with WS.Reputation.1 detection

April 15, 2017 // Posted in General, Main, Uncategorized (Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ) |  No Comments

Norton's WS.Reputation.1 detection Notice

Norton’s WS.Reputation.1 detection Notice

The way Norton’s WS.Reputation.1 detection works is the most ridiculous thing I have ever seen in an anti-virus protection program.

 

If someone creates a new program or a new update to an existing program, and only a few people that use Norton have the file or it has only just been built, then Norton immediately deletes it and reports it as a threat without any checks on the file for malware.

Now if that isn’t ridiculous then I don’t know what is. It means that every new program that is first added to a user’s PC that is running Norton gets flagged as a threat for no reason at all.

Here is an extract from Norton’s write-up:

“WS.Reputation.1 is a detection for files that have a low reputation score based on analyzing data from Symantec’s community of users and therefore are likely to be security risks. Detections of this type are based on Symantec’s reputation-based security technology. Because this detection is based on a reputation score, it does not represent a specific class of threat like adware or spyware, but instead applies to all threat categories. 

The reputation-based system uses “the wisdom of crowds” (Symantec’s tens of millions of end users) connected to cloud-based intelligence to compute a reputation score for an application, and in the process identify malicious software in an entirely new way beyond traditional signatures and behavior-based detection techniques.”

They themselves say that Because this detection is based on a reputation score, it does not represent a specific class of threat , So they think that the file is not necessarily a threat, but delete it any way, just in case! DUH!  That IMO, is not the way antivirus protection should work. It should only identify a real threat that can be proven as a threat, that’s how all other antivirus programs work.

So it sees how many Norton users are using the file and when it was created to make it’s decission? DUH! That means that as it is deleted immediately by Norton, the number of Norton users will never increase so the ‘Reputation’ score will never change. So how can you increase the reputation score?

I myself have recently created a new small program and had this situation with users and have had to refund their purchases because Norton says my installer is a threat. My software is checked by an independent source before distribution with 61 different anti-virus engines and all report they are CLEAN. I have been developing small software applications for 25 years and have never had any issues with my programs they are all malware free and to have Norton now start saying they are a threat is deformation of my character and must be illegal to falsely claim a developer’s products are malicious.

This ridiculous identification is ruining the reputation of small developers as every new program they develop and set up on a PC running Norton, is immediately deleted and flagged as being a threat, when there is no threat at all. Most users will believe Norton and then never take the steps (which are not simple) to get around the Norton false detection.

This needs to be addressed by Norton Now! It is ruining the good reputation of small developers because Norton is saying their software is a risk when it is perfectly safe and no risk at all.

If you are experiencing these issues with Norton please comment below.

regards

Steve

Ransomware Operation Taken Down by Cisco

October 7, 2015 // Posted in General, Main (Tags: , , , , , , , , , , , , , , , , , , , , , , , ) |  No Comments

Computer Hi-Jacked?

Computer Hi-Jacked?

A ransomware operation that it is estimated netted $30million a year by installing ransom software on unsuspecting users computers has been disrupted by security researches at Cisco.

The Angler Exploit kit, also known as the hack-by-numbers tool is sold in underground crime forums to people who don’t want to go through the hassle of developing and testing exploits themselves. Angler has the ability to successfully infect an estimated 40 percent of the end users it targets using attack code that surreptitiously exploits vulnerabilities in browsers and browser plugins. In many cases, the security flaws have already been patched, but, in some cases the kits exploit zero-day vulnerabilities for which there is no currently available fix.

A large number of infected users were connecting to servers operated by service provider Limestone Networks. With the co-operation of Limestone and examining some of the servers they found that the single operation was targeting as many as 90,000 users a day.

“This is a significant blow to the emerging hacker economy where ransomware and the black market sale of stolen IP, credit card info and personally identifiable information  are generating hundreds of millions of dollars annually, Talos researchers wrote in a eport about the takedown.

More information at http://talosintel.com/angler-exposed/

Upgrading Windows 7 to Windows 10

July 31, 2015 // Posted in Computer Tips, General, Main (Tags: , , , , , , , , , , , , , , , , , , , , , , , , , ) |  1 Comment

The best one yet

‘The best one yet’??

My experience of upgrading from Win 7 to Windows 10:

 

‘The Best One Yet’ is Microsoft’s claim but is that really true?

Well I was all excited when I received my ‘Update is ready to Install’ message and had already read some of the claims for this important day.

  • Takes about 1 hour to update.
  • Get Cortana for Windows.
  • All your software will be available.
  • We will automatically update your Antivirus Software.
  • The best one yet.

But the problems started well before this day, as Microsoft said you will get an icon in your taskbar to claim and install your free upgrade if your current version is a legal version.

Well that failed straight away as I didn’t get my icon in the task bar. So after some checking, it appeared you had to install an Optional Update from Windows Update, (they said it was automatic), and you had to be running IE 11, mine was IE10, so that wasn’t mentioned. When I installed the optional update and IE11 I did eventually get my update icon in the taskbar. On clicking it said your computer is compatible with Windows 10 and all your software will run with Windows 10. That sounded positive.

Ok the ‘Your Upload is Ready’ button appeared, so I restarted windows to begin the install. After about 30 minutes of no apparent progress, the PC re-booted and there it was, Windows 7, as it was before. That was not expected, I expected a nice new Windows 10.

OK let’s try again.

In order to start again it had to re-download the update files (why, when it already had them), so a 2+ hour wait while it downloaded the 2+GB of files, and the ‘Your Update is ready to install’ again. So off we go.

Again after 30 minutes of what appeared to be doing nothing (but the hard drive light was going crazy), and the PC rebooted and hooray, Windows 7 again.

OK let’s check the update status, “Update failed error code –    failed code 80240020

What is this mysterious error code 80240020 (Why can’t make error messages meaningful, like ‘Could not do this or that’ instead of error Code 80240020?

Ok so it seems an issue with Windows Update so the solution might be to reset Windows Update:

So:

  • went to C:\Windows\SoftwareDistribution\Download and deleted everything in the folder (not the folder).
  • open a command prompt with run as administrator and type wuauclt.exe /updatenow and hit enter, then type exit and hit enter again.
  • Go to windows update and The Windows 10 update is downloading again!! Another two hours.

After the download, the ‘Your update is ready’ message again, so another re-boot, 30 minutes of hard drive activity, but this time a message saying ‘Windows is configuring your updates 5%….’ etc. Perhaps this is a good sign?

After about 1 hour (remember Microsoft claiming the Update will take approx 1 hour’? Well we are at about 7 hours now already, and it isn’t because I have a slow machine, I have a Intel quad core processor with each processor running at up to 3.2GHz), another auto reboot and a new screen, looks like we are getting somewhere now, a big circle in the middle of the screen shows the current progress, this stayed on 1% for over 20 minutes. Almost 3 hours and 4 reboots  later 100%, Yay ..

Another re-boot and a new welcome screen, logged in and, and, and just a black screen, better not do anything as the hard drive is doing something, goodness knows what. One hour later windows started (perhaps this is the One Hour Microsoft was talking about?

Then another message ‘We are updating some settings and apps for you’, after another 40 minutes ‘This is taking a little longer than usual – please wait’ , eventually the message changed to ‘Almost there now’ , wait, wait, wait.

Eventually a bright new windows 10 interface. (Looks pretty similar to Win 7, with a few display enhancements, perhaps that was why 7 could be upgraded and not a new install?).

Now the fun begins, remember Microsoft said , we will set up your programs for you and update your current anti-virus software? And they said my programs were all compatible with Win 10. Nuh. Windows 10 removed my antivirus software (AVG) and PC TuneUp (AVG) completely.

Tried a repair on them as they both still appeared in the Add/Remove programs, and although they both said successful, they both failed. So uninstalled both and re-installed, and eventually they are working.

I haven’t yet checked all programs, to see if they are all there, not very confident that they will be.

Ah Hah, just remembered, let’s try out Cortana or whatever it’s called, they say you must have an English System (Check), your region must be set to Uk,US etc (Check set to UK), try to access Cortana, message “You cannot use Cortana in your Region”), I live in Thailand., but my region is set to UK as is my language, and these are the requirements Microsoft says, so it looks as though it looks at your IP address and blocks it on that. So does that mean that if you have active Cortana in the UK if you take a trip to another unsupported region (by IP address) Cortana doesn’t come with you?

Then there’s the new Edge Shop – Can’t get that to work for love nor money, for free items, just keeps saying try again later.

It’s not going well is it?

Then there’s the unconfigurable display interface, the squared forms with no borders etc that are not very elegant or appealing, IMO, and no way to change them like in 7 and earlier versions.

There was another claim about Windows 10 that Microsoft made, ‘it’s Faster’ – Sorry Microsoft – I have to disagree there, it is much slower starting up that Win 7, programs load slower, Win 10 uses much more memory (and 32 bit still not able to use more than 4GB), which means the disk cache is used more and again slows things down.

So I am not that impressed as yet, and certainly think the “The best Yet’ is not a totally true statement.

I will now have a play for a few days and post again once I have fully tested it. Watch this Space!

Steve

 

 

 

 

 

Win7 – 2 ways to stop some of the hangs

September 15, 2014 // Posted in Computer Tips, Tips and Tricks (Tags: , , , , , , , , , , , , , , , , , , , , , , ) |  1 Comment

win7sDo you get hangs in Win 7 and sometimes cannot open programs or click on menu items?

Here is how to fix issues from two sources:

1. 16 Bit Programs – “16 bit programs in Win7?”, I hear you say. Yes believe it or not Windows 7 has several programs that run in 16 Bit mode, particularly some of the message pop-ups used by the system and UAC (User Access Control).

The pop-up from UAC, you know, the one that comes up to say “Do you want to let this program …….”, this often hangs and the program selected doesn’t load, and if you look in Task Manager you will see one or more copies of consent.exe (used by UAC) running but doing nothing, occasionally you may get a message to say ‘Too many 16 Bit programs are running’.

I too, was amazed when I discovered Win7 still used 16 Bit programs, I thought they all disappeared with Windows 98, or at least XP, but no Win 7 still uses them.

Because of that the 16Bit programs rely on the files and buffers settings in the config.sys file (remember that from the Windows98 and XP days). In many installations you will not find a config.sys file in the root folder, or there may be one that is set to hidden and system so you don’t see it in file explorer.

Let’s get back to fixing the hanging by UAC and the not being able to click buttons etc.

Create a new text file in notepad or the like and add the following two lines:

FILES=120
BUFFERS=1000

Then save the file with the name config.sys to your desktop.

Copy the file on the desktop and then in my computer open the root folder on drive C and paste the file.  You may get an “access denied” message.

If this happens you may want to view all hidden and system files to see if config.sys exists, if it does view it in notepad and you may see some text in it, but most likely it will either be empty or just contain FILES=20. If there is other text in there copy it and paste it into the config.sys file you just created on your desktop after the text you added, (remove the FILES=20 and leave the FILES=120 you added) and save the file.

Copy your file again and then select Start > All Programs > Accessories, right click Windows Explorer and select ‘Run As Administrator’ say Yes to the prompt. Browse to the root folder on C and paste the file you copied, you may get a ‘File exists overwrite?” this time say yes to overwrite and you new config.sys file will be in place.

Re-Boot your PC and you should no longer get the hangs when you start a program.

2. AVG Anti-virus and Constant Disk access and high disk queues in resource manager – If you are running AVG Internet Security 2014, you may have noticed that most of the time your hard disk in use light is permanently on and programs become very slow to respond and open or save files. Folders too are slow to open and icons or previews take ages to appear.

I have narrowed this down to AVG antivirus, and have found that after about 3 months following installation, something goes awry in AVG, and it starts constantly accessing the hard drive (Even when scans are not running or the PC is idle), so your hard drive is working it’s socks off and has to queue access by other programs whilst it waits for a break in AVG’s access, this makes your other programs slow and puts excessive load and wear on your hard drive which can lead to hard disk failure, not something you really want.

Here’s my fix, and it works every time for me. (make sure you have your license key ready as you will need it).

  • Download the AVG Full Installer (not the on-line installer) you can get it here http://www.avg.com/ww-en/download
  • Uninstall AVG from Control Panel > Add/Remove Programs.
  • Reboot your PC
  • Install AVG from the file you downloaded.
  • Wait for the updates to install or if they don’t start automatically, Choose Check for Updates.
  • When you see the AVG is up to date, reboot your PC.
  • Next time you use your PC once Win7 has loaded everything and settled down, watch the hard drive light, It hardly ever comes on except when loading a program, saving, or a quick flash every now and again.
  • Your hard drive will now last much longer than it would have done, and is less likely to fail.

Hope you find these useful

regards

Steve

 

 

 

Warning – Do Not Install Winzip Driver Updater

June 27, 2014 // Posted in Computer Tips, General, Main (Tags: , , , , , , , , , , , , , , ) |  No Comments

I received an email today from WinZip asking me to download FREE their driver updater program.

Being a winzip user for many years I thought I would give it a try from what I believed to be a reputable company.

However, I soon found out that they are not as reputable as I thought.

Why? I hear you ask.

1. The download was from their own site, and following the install AVG reported that one of the files in the installation pack was Malware that installs an adware program on your PC called MalSign.Systweak.44F, AVG soon fixed and removed the malware. This is not good from what should be a trustworthy supplier.

2. I ran the program to see what drivers could be out of date, The Winzip Driver Updater reported that all 23 drivers were out of date and needed updating, this seemed a little strange as my PC is relatively new and has only had all drivers installed in the past 8-9 months. I thought I would try updating one of the drivers so I could check the version etc., but I could not as the program said I had to pay for a ‘Full’ version to update any out of date drivers. I therefore decided to uninstall the program as I wasn’t going to pay for software that wanted to update all my drivers.

Once I uninstalled it, I tried windows update to see if they found any drivers out of date : Result – No drivers out of date.

Then I tried AVG’s PC Tune Up and guess what : RESULT – ALL Drivers are up to date.

Then I tried ASC’s (Advance System Care) Driver Booster and again guess what: RESULT – You have the latest drivers – no updates needed.

So it is clear to me that Winzip send you a ‘FREE’ download of a program that no matter what drivers you have, say they are all out of date just to get you to buy a version that allegedly updates those ‘out of date’ drivers’.

This is clearly a scam and not what you would expect from what seems to be a reputable company. They clearly are NOT reputable and this type of practice should be able to be punished in law some way, as it is misleading, makes false claims and  promises and is in my opinion,  fruadulant.

You have been warned – don’t get caught out. Use AVG Pc Tune Up or ASC Driver Booster (FREE) instead.

Steve

 

 

 

 

 

SEO Principles

May 24, 2014 // Posted in General, Main, Tips and Tricks (Tags: , , , , , , , , , , , , , , , , , , , , , , , , ) |  No Comments

Google

Google

Search Engine Optimisation is key to your site being found on the Internet.

SEO is your way of improving your website’s ranking in Google, Yahoo, and Bing. The more time and possibly money (if employing an external management  company) you spend on SEO, the more chance you will have of being the first search result listed by Google – which is the ultimate goal of any website and to be easily found by your potential customers.

The simplest technique is by altering the text, or ‘content’ on your website. To do this you must first understand your website’s target audience, who are they and what words will they type into Google when they are looking for this particular service or product?  There are of course many possibilities, and it is important to investigate those options and compile a list of your best appropriate keywords and phrases.

Once your keywords and phrases have been researched, your content can then be re-structured effectively so that it is ‘optimized’ and SEO friendly. You can have professional help with this, so talk to an SEO specialist company about what they would recommend. Other important actions include linking, (both internally – from your own site, and externally – other websites providing good linksto yours preferably from PR3 or higher sites) and implementing meta-tags, sub-headings, and website descriptions on all of your web pages. Content is king, so your success will be determined by the quality and relevance of your page content.

Important SEO principles  like ‘Black Hat’ and ‘White Hat’ SEO strategies. These two are very different  and it helps to understand the differences between them before talking to an SEO company about tactics for your website so you can make the right decisions.

‘White Hat’ SEO companies will use or recommend good design, good relevant content and appropriate linking. These will achieve longer lasting results and ranking.

‘Black Hat’ SEO companies, on the other hand will use underhand and inappropriate tactics to get fast results but at the expense of long term strategies and a sustainable website. They will hide bulk keyword text by using a background colour the same as the text so the text doesn’t display, or use font-colours to do the same or very small font sixes so that the text is not readable by humans. This will result in an immediate increase in ranking initially in some cases, but it won’t be very long before the search engines start imposing penalties on those sites and may even remove them from their search results completely.

So if you choose to use an external SEO company, be aware of these two types of SEO companies and ensure you choose the right one.

Keep up to date with what search engines are considering when ranking web site pages and adjust your content accordingly regularly to keep your site high in the rankings.

Also make sure you re-submit your site map to search engines regularly, and every time you make major changes to your site to keep your search results accurate and not link to now non-existing pages or content.

 

 

Santa has been and gone and you have a new device.

January 2, 2014 // Posted in Computer Tips, General, Main (Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ) |  No Comments

santagiftsYes Santa has been and gone and the festivities are now over.

 

You may have gotten a new device from Santa, but he forgot to include some very important items.

So if you did get a new device, a laptop, home PC, tablet, phone or other mobile device don’t forget to add the following important items:

  • Set up a master pin code or password so that if your device gets stolen or lost, the person that currently has it in their possession cannot use it easily.
  • Install anti-virus and anti-spam software to protect your device. I have tried many different AV programs over the years and I have found the best to be AVG Total Internet Security, it doesn’t add too much overhead to your system, always appears to install correctly first time, is updated automatically very regularly to keep you protected, and gives full protection. On Mobile devices the AVG solution is also very effective and adds additional feature which I will cover a little later.
  • If your new device is a mobile one with GPS, install location software, AVG’s mobile solution has this facility and will allow you to find out where your device is if it is lost or stolen.
  • Again if your device is mobile install remote wiping and locking software, so if your device goes missing you can set it to sound alarms if  someone attempts to use it, you can lock the device and even delete everything on it by issuing a command over the internet. These features are also available in AVG’s mobile solutions.
  • Many mobile devices allow purchase within Apps, make sure you turn these off so that you do not accidentally make purchases.
  • Check your privacy settings in all devices, laptops,PC’s and mobile devices, and make sure you are not sharing something you do not want to.

Protect yourself, as your device will not do it for you without the right additions.

Happy New Year and enjoy your new device safely.

Steve

 

 

Is the Internet doomed as we know it?

December 31, 2013 // Posted in General, Main (Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , ) |  No Comments

Computer Crash

Is the Internet breaking apart?

 

The reason I ask this question is based on four important facts.

  • China’s Great Firewall segments the Chinese Internet so that the chinese have great difficulty accessing anything outside China.
  • Russia has now planned legislation so that Russian Internet users cannot access foreign services.
  • In November Germany  said that all communications between the German authorities would be fully enforced to stay within the country.
  • Brazil have also announced plans to create an alternative Internet channel so as not to go through the United States.

The Internet appears to be breaking up into national sectors. In addition, probably driven by the US’s interception and recording of personal transmissions over the Internet (spying in effect), more countries are considering restrictions within their national boundaries.

Countries appear not to want their information and citizens comments to be available outside their own countries any more, and with countries and continents now making restrictions to how the Internet can be used within their countries seems to be adding to the velocity of these actions. So this could be a killer for some businesses that get a lot of their income from sales outside their home country, if they are not allowed access to those customers any more their businesses will surely suffer.

You will be aware of the EU legislation, which initially insisted on explicit acceptance of cookies on EU targeted web sites, later watered down to implied acceptance. This created considerable confusion and concern from countries outside the EU, who wanted to reach the EU customers, but were not sure if they had to comply with the cookie legislation, hell, there was even more confusion within the EU as no one was clear on exactly what was required or expected. There are still many sites that do not comply with the legislation that should, but I have not yet heard of one warning or prosecution by the authorities. So what was that cookie stuff all about?

So over the coming year or years, I think we will see more of the Internet breaking up into national segments.

Then there is some other issues that will affect the Internet going forward.

The number of Cyber Attacks on big financial organisations are increasing and that’s likely to continue, with additional attacks on government organisations rising too.

Hacker’s lives are being made easier too, with more and more sensitive data being committed to the ‘Cloud’ it is without doubt more accessible to the devout hacker. In addition there are  hundreds of staff that are managing this ‘Cloud’ data in individual organisations. How do we know whether one or more of them that has access to this data, is not extracting it any selling it on or using it themselves for personal gain?

IMO it is best to keep data such as this securely in-house where it can be monitored and controlled effectively rather than store it on third party servers, where you really have no control at all, just their word that it is safe.

Phishing is also on the increase and no-one seems to be able to stop it or spamming.

So what is the future of the Internet for 2014?

Will it be anything like it is now in 2015?

 

 

 

Who is Google sharing your info with?

December 31, 2013 // Posted in General, Main (Tags: , , , , , , , , , , , , , , , , , ) |  1 Comment

Google

Google

I ask this question for one reason.

 

A short while a go, I was searching online for a Code signing certificate and was also looking at the hosting options currently available to see if there were any exceptional deals.

That was fine, did some searches and found some of what i was looking for.

Then I went into Facebook, now call this a co-incidence if you like, but I do not think there was any co-incidence at all. Google is sharing my information with Facebook!!

How do I know this?

Because now when I go into Facebook, I keep getting bombarded with adverts for SSL certificates and Hosting companies, and no there is no co-incidence about it, as I had never had an advert for SSL or Hosting on Facebook before, until I searched on Google for them.

If Google are sharing your browsing and search history with Facebook, what and with who else are they sharing?

Be aware and careful out there.

Steve

 

%d bloggers like this: