FamousPhil.com -- Home My Calendar Youtube LinkedIn Facebook MySpace Twitter RSS Blog Feed

Blog Navigation

Blog Home



Partners

Compiled Thoughts
Debbie's Photo Site
FamousPhil.com on FaceBook
Matthouse Hosting
Wearing Social
Partner with Us!

Latest Activity

MySQL Singleton Classes in PHP and Python

Phil gives the source code for implementing a MySQL singleton class in both PHP and Python.



Malvertising, its much worse than you may think

Posted on: July 30th, 2010 by Famous Phil

Today’s blog kind of got pushed to the top of my to do list after I finally obtained a virus that I have been trying to get now for the past year and a half!  This basically deals with a type of malware which comes from advertisements on websites you visit. For many years now, I have always wondered, how can someone walk into my room, get on my computer, and have a virus on it within 5 minutes.  After all, I haven’t gotten a virus now in at least 5 years!!!  Is it the surfing habits of people, or is it just that I don’t visit “those” types of sites.  I’m going to go into a little detail today about what I’ve found out.

At one point or another, I’d say that at least half the population that uses a computer has seen some sort of a virus.  The most popular virus as of late (I’m talking the past 2 years) is the Antivirus 20xx Virus.  Its usually labeled Antivirus 2008, 2009, or 2010 and looks like an antivirus program.  The only trick is that it isn’t.  I’ve always wanted to figure out how this virus enters the computer because I’ve seen it so much now that I’ve become an expert at removing it without tools.  I’ve also given a few lectures (as a Teaching Assistant) on viruses, but without the virus as an example, it is really hard to show how infections occur and how to prevent them.  So instead, I just gave the usual lecture about run Windows Updates, Antivirus protection, and use Firefox or Google Chrome instead of Internet Explorer.

So now, lets get into how I actually found the virus.  Yesterday, I was talking with my friend, John, about the normal crap we talk about and John brought up that he was fixing a Windows XP machine that was infected by Antivirus 2010.  He mentioned that it was a popular virus (which I already know).  Up until that point I have fixed at least 10 computers with the same infection.  The only common thing I could come up with between them (in most cases) was that the user had Yahoo! set as their homepage, Windows update was seldomly ran, and Internet Explorer was the main browser.  John also came up with very similar characteristics.

Normally I give a walk through to everyone who I repair computers for that includes click ok to any updates to symantec antivirus and windows updates, this is what that screen will look like, etc.  Contrary to popular believe, some of the biggest updates DO NOT get installed automatically for Windows.  For example, internet explorer 8 right now is considered a non vital update, so is Windows Vista Service Pack 2.  Both of these updates take a long time to install and require the user to initiate them.  To do so, the user should get in a habit of running Windows Updates monthly at the very least to manually check for these updates that don’t automatically install.

Yesterday, as a test, John left Yahoo open in Internet Explorer on his fully updated computer and he noticed that a risk was found.  After hearing that, I too ran a similar test.  I follow all of my instructions and I verified that my computer had the latest version of everything.  I managed to find a risk within 5 minutes of simply reloading the yahoo page.  This completely shocked me and confirmed what 2 of my last customers said they were doing when they got the virus (working on Yahoo Mail).  The risks that I found could easily give me the virus that I’ve looked for.  Of course, I’m a bit smarter than most and I killed the Internet Explorer window through the task manager when the risk showed up.  I will still probably restore my computer though a hard drive clone I made a month ago to verify that nothing bad did happen.

I always thought that the culprit was free porn and file sharing (emule, limewire, torrent, etc).  I have always known that free videos and music can contain malicious software on the inside encoding that can cause your computer to execute a virus installer.  I never thought that this could happen from viewing a simple advertisement.   So now that I know the culprit, is there anything you can do to protect yourself?  Of course there is.  First, I strongly encourage you to dump Internet Explorer.  I have never seen “Internet Explorer” and “Secure” used in the same sentence with correct grammar (there is no correct way to put those 2 into the same sentence truthfully).  The first step to protect yourself is to Goto http://www.getfirefox.com or http://chrome.google.com and download Firefox or Chrome, then install it.  I personally like Firefox more, but others push Chrome too.

Now comes the controversial part of the solution.  The internet is mostly ran on Advertising (sadly) meaning that there is a lot of controversy with blocking advertising.  FamousPhil is a more a hobby site so I never intend on having advertisements on this site that I don’t have full control over.  Sadly, some of the biggest sites, including Yahoo, Fox, Google, and others have malware placed within their dynamic ads (as per my testing).  It may or may not be any fault of their own (there are hackers out there), but malvertising is a major security risk.  I have always run an ad blocker (which is probably why I have never gotten anything).  My reason has always been that I’m on a slow connection and without ads, my internet is so much faster.  Therefore, I have never strongly recommended ad blockers until today, but I always put them onto comptuers that I fix for clients.  Now I feel that without ad blockers, this malware will get into the computers of innocent people.  Being a computer technician, I really hate seeing the same problem / computer over and over.

So with that said lets apply an adblocker to your browser of choice above.  To install an adblocker for firefox, simply open up firefox and goto tools -> addons.  Search for the addon “adblock plus”.  Install that addon and restart the browser.  Upon restart, you should see a screen asking what filter you want.  I am an avid fan of “easylist usa” which blocks just about everything that is advertising related.  For chrome, you want to click on the wrench (tools) and goto extensions.  Then you want to browse the gallery.  The first adblock by gundlach is the one you want to click on.  Then click the install button.  The extension will pop up a window that says install, so install it.  After that window goes away, simply exit google chrome and go back into it.  Ads should now be gone.

I really hate having to recommend blocking ads, but hopefully after enough people block ads, the advertisers will realize that their ads are doing more damage than good and will fix that.  Until then, If you want to avoid viruses and crap, I’d strongly recommend using one.

Tags: , , , , , ,
Posted in Technology
|| 11 Comments »

Online Backup: Avoiding Disaster

Posted on: July 23rd, 2010 by Famous Phil

I am delighted today to bring you a guest posting from Alexis Bonari!

Anyone who does any sort of work on their computer can tell you a hard drive crash is the stuff nightmares are made of.  While it’s easy to pass judgment on such individuals for failing to use an external hard drive, doing so is admittedly time-consuming and, in some cases, expensive.

The solution: online backup sites. For a small fee, these off-site servers back up all data stored on the computer in case of a hard drive failure.  Here are the top three such services and what they have to offer:

1. Carbonite
(http://www.carbonite.com/en/default.aspx)
For only $54.95/ year, Carbonite offers unlimited backup on their server.  No matter what your computer’s storage limit, the Carbonite system can handle it.  For security purposes, files are encrypted before being sent to the Carbonite server for storage. For ease of use, the files are automatically backed up each time the computer is connected to the Internet. Restoring the files is as simple as logging into the Carbonite website and clicking the “restore” button listed on your account.

2. MozyHome Free
(http://mozy.com/home/free)
Unlike Carbonite, Mozy doesn’t charge a fee for the first 2 GB backed up.  The system for retrieving files and backing them up is essentially the same the one used by Carbonite.  If you want to store more than 2 GB, Mozy charges $4.95/month.  This gives you unlimited data storage for only slightly more per year than Carbonite.

3. SugarSync
(https://www.sugarsync.com/)
Many experts believe that online syncing represents the future of online backup technology.  SugarSync.com is the current leader in online syncing technology. Instead of simply backing up a set of files on one computer, SugerSync notifies other computers and devices you’ve listed of any changes made. You can work from nearly anywhere in the world and have your files backed up in real-time by the Sugarsync server.  Devices supported include Mac’s, PC’s, Ipads, smart phones, and many others.

Those who sign up get a 30 day free trial.  After that, the price goes up to $10/month for 60 GB of storage.  While the limited storage and the higher price might be prohibitive for some customers, many are happy to pay extra for the ability to sync documents over multiple devices.

Bio: Alexis Bonari is a freelance writer and blog junkie. She spends much of her days blogging about Education and CollegeScholarships. In her spare time, she enjoys square-foot gardening, swimming, and avoiding her laptop.

Tags: , , ,
Posted in Technology
|| 18 Comments »

Exchange 2010 Update Rollup 4 Via Windows Updates – Caution this Update!!!

Posted on: July 14th, 2010 by Famous Phil

This is the revised version of my initial blog last night:

I always perform updates monthly on all of my servers beginning at 10:30pm Eastern Time of the Wednesday following the 2nd Tuesday of the month (to stay in line with Microsoft Updates).  I know a lot of Windows admins look at the 2nd Tuesday of each month as “Black Tuesday”, and I now have a first hand incident that has me dreading it also.

So last night, Windows Updates recommended I install Exchange 2010 Server Update Rollup 4.  I have never had issues in the past, so I quickly looked into known issues and guidance.  Nothing was listed with a Bing / Google search (I use Bing more when I’m dealing with Microsoft technologies).  Anyways, last night the updates took about an hour to install.  Once done, I rebooted as normal, but Outlook Web Access didn’t ever come back.  After some investigation, all of the exchange related services that make exchange work were disabled.  I’m not sure why this was, but I began troubleshooting lots of stuff and the I have 2 theories for what happened (I did both at the same time so it could be either one).

I first tried to remove the update rollup that Windows Update installed but was asked for a DVD that I don’t think was ever made and released by Microsoft!!!!  I also tried a system restore which lead nowhere since it doesn’t exist on Server 2008.  After this, I was considering my options, I tried 2 things at the same time which worked to fix the issue and get Update Rollup 4 installed (thankfully).

Theory 1: The updater package disabled the web service and since the web service had to be up to be updated, the updater failed to update everything successfully.

Theory 2: The previous update rollups (I had update rollups 1, 2, and 3 all installed) were interfering with the new update rollup.  So I removed all 3 previous ones then reinstalled update rollup 4.  Note that I had to uninstall all 3 of these with the broken install of rollup 4 still listed in the optional remove panel. Once I was ready to reinstall update rollup 4, only update 4 was listed in the installed updates for exchange section of Windows Updates.

Steps to fix such an error:

1. don’t panic or get impatient, this will take about 3 hours

First remove any previous update rollups from the add/remove programs in the control panel for applied updates.  Each one will take about 15 to 30 minutes to uninstall.  I started with rollup 3 and worked my way backwards.

2. get the official rollup 4 package from Microsoft’s website

3. open up an elevated (run as administrator) command prompt and change directory to the file that you downloaded

4. execute the rollup msp file – don’t do anything once the installer loads yet

5. open up the services console (under administrative tools)

6. start the updater… as soon as it is done with the stopping services text, immediately goto the services console and enable both the iis admin service and world wide web publishing service, also START them immediately.  There is about a 60 second window to do both (start the www publish service first)

7. let it install, afterwards you will need to re-enable all of the exchange related services that were running prior to the original windows update (I hope you have a good memory, for my server, it was all but the edgesync service)

8. reboot the server

9. hopefully exchange will work again, for me it did.  Apparently Microsoft released a bad update to Windows Update this past black Tuesday and it caught me off guard :P

Anyways, I hope this information is useful for other Windows Admins that are in this situation without any option but restore a complete system image and have lots of downtime while Exchange’s latest email is restored.

Posted in Hosting / Server Administration
|| 15 Comments »

© 2006-2011 All Rights Reserved
Login