Digital Choke Daynotes

 Monday, May 16, 2005       mail    link   the story

Two problems greeted me at work this morning. The first was complaints from users about the dozens of German spam mails that cluttered up their inboxes over the weekend. I looked at a couple of samples, and found they were just messages without any viral attachment.

What was unusual was that McAfee hadn't issued an update since Friday. This email (Sober.P, if you are interested) was quite prolific over the weekend. McAfee had a 'generic' "Sober" detection, but that didn't seem to work. Which stands to reason, since the messages didn't have any attachments. They just had some German text along with a link.

McAfee released an update by about 9:30am this morning. And the SurfControl software updated their spam definitions about the same time, so the number of Sober messages dropped down. At least, the complaints from the users dropped.

There is some interesting fallout from this incident in the way that the Sober series works. Still digesting all the implications, so perhaps will write more on this another time.

The other problem had to do with user shares on the new development web server, along with some internal DNS resolution errors. The DNS resolution was fixed quickly, and I'm doing a bit more research on the user shares problems.

I went back to my mother-in-law's house to work on the garage door problem. A couple of the rollers are broken. I haven't been able to find a replacement roller with the correct sized shaft. It's an older door, and the shaft diameter is smaller than what I've found in the local hardware stores and 'big box' home centers.

As a temporary fix, I took some rollers from the other door, which is not used much. And I put some lithium grease on the rollers and tracks. So that door is working OK, and I'll keep searching for the correct rollers. I understand that you can find almost anything on that "Interweb" thing.

 Wednesday, May 18, 2005       mail    link   the story

Yesterday's project at work continued with the web server. One page has files that can be downloaded. The files are PDF or DWG (AutocadZ) files. When you click on the link for the PDF file, you get the "save" dialog box so you can download the file. But the "DWG" link gave an error.

Turns out that Win2003 Server handles MIME types differently. Prior versions had a default "any file type" availability. This can be a security risk, so the "wildcard" file type was not included in Windows 2003 Server. And since the "DWG" file was also not in the MIME list, that file type couldn't be downloaded.

We thought there were some "rights" problems with the folders or files, but that wasn't the case. We just needed to add the "DWG" MIME type, set if for "application/octet-stream", and all was well. Along with gaining an additional tidbit of knowlege.

There were some other minor issues that needed resolving, but the project is working well.

On the security front, there is a interesting and detailed look at how "phishing" works, along with the use of "bot" networks to host phishing sites. I found the link on the SANS Internet Storm Center (http://isc.sans.org), in the diary for today. Here's the link to the actual report. Interesting techniques are being used for the automation of the attacks, and hiding the phishing web site. Many times, the phishing web site is hosted on multiple compromised computers or 'bots'.

There are a lot of links to additional information in the main report, including the analysis of the phishing traffic. Some of it is a bit geeky, but interesting reading. There is a lot of information to digest in those reports, but they are quite thorought. An interesting project.

For those of us on the "left coast" (of the USA), earthquakes are possible. So the US Geological Service has come up with a daily earthquake forecast map for California. Here's the link.

And have you ordered your PalmOne "LifeDrive" yet? It's a PDA with a 4GB hard disk, Wireless (801.11b, with only WEP encryption, though), Bluetooth, and a nice color screen that can display portait or landscape mode. Tempting.

 Friday, May 20, 2005       mail    link   the story

Continuing with the web servers yesterday and today. Mostly some fine-tuning, along with documenting settings, and instructions for the web team on how to connect to their content.

We're using the "Serv-U" FTP server program from Rhinosoft. Good product, pretty easy to set up, and their email support is fast and accurage. They have varying levels of products based on the number of user connections and FTP sites, but the price is still reasonable. You can download a 30-day evaluation, with full features. No limit of any of the features, other than a minor evaluation reminder screen when you start up the administration program.

I've used their FTP Voyager (FTP Client) for years without any problems. Both products are recommended.

I got a new book "Inside the Spam Cartel". I've read just the first couple of chapters, but so far it is an interesting read of how spam works ... and how profitable it can be. If you don't mind being a spammer, you can make some serious money with it. Your initial investment might be $10K, but you can easily make much more than that with just a couple of mailings.

As I have said before, spamming only works because people click on the links. Just getting people to click on a link can bring in revenue. Buying a product, even if it's signing up for a paid web site access of some sort, makes you more money.

I'll let you know how the rest of the book is. But so far, it is fairly interesting.