Jun 242009
 

Few days ago I had problems with the sites I am playing. The reason of the problems was a vulnerability in the Firefox not in Windows so it was a little bit harder to find and understand.
So,  Thunderbird was so kind to allow download of a malware. It is added by the W32/Zotob-I worm. This infection, when started, it connects to a remote IRC server where it waits for commands to execute. I installed the TCP view from sysinternals.com and I have take a look at what is happening. My infection script start to open a lot of ports and listen to be connected to remote attacks. In one of this session, a ftp connection was up and some passwords was stolen. From here to have the sites modified was piece of cake.
To clean this issues I installed TCPView ( sysinternals ) which is a useful tool to see what connections are in use on the computer.

After I have installed Hijack This from TrendMicro.com to see what processes are starting at Windows boot. In the same time TrendMicro’s tool is able to clean the suspect entries and give explanations about every program started by the system.
The worst thing in all this adventure is that a site I am maintaining for a friend was down few times and this, you can imagine, is not a good vote for my expertise. Bellow is an example on how it looks the screen for this job in action.
Good Luck and  safe websites 🙂

SERVICES.EXE:712    TCP    192.168.2.2:2028    206.46.232.11:25    ESTABLISHED
SERVICES.EXE:712    TCP    192.168.2.2:2030    216.39.53.2:25    ESTABLISHED
SERVICES.EXE:712    TCP    192.168.2.2:2035    217.72.192.149:25    LAST_ACK
SERVICES.EXE:712    TCP    192.168.2.2:1830    216.18.67.184:25    FIN_WAIT2
SERVICES.EXE:712    TCP    192.168.2.2:2012    64.12.138.120:25    LAST_ACK
[System Process]:0    TCP    192.168.2.2:1996    61.9.0.187:25    TIME_WAIT

Jun 112009
 

This days I am dealing with some infected files in my sites. I have seen thet this bot is inserting two iframes in files containing in their name “index”,”default” or “home”. On this blog the files infected was /index.php, /wp-admin/index.php, /wp-admin/index-extra.php, wp-includes/default-filters.php and /wp-content/themes/../index.php . All this files were containing the two iframes pointing to the two .cn sites. Looks to be a vulnerability on the server as far as all sites hosted at the same IP were modified.

So the fastest method to repair is replacing the infected files containing the malicious code inside with some clean files from default installation or open with an editor and clean manually. After it, has to be secured the website by adding a .htaccess file with the rules to block the malicious visitors and of course install some useful plugins as firewall and file monitor.

The plugin WordPress-Firewall is available to download here


Later on I will post a model of a .htaccess file

Jun 022009
 

The author of this article is Aniruddha Badola and I decided to republish it as far as describe better than me the reality about SEO.

As a small or medium business owner, you may want to advertise and promote your website as economically as possible. In recent years, Search Engine Optimization (SEO) has emerged as one of the surest and cheapest way for long-term business promotion. A typical business owner is not expected to be knowledgeable about SEO and its benefits.
Even if an owner knows what it means SEO, he/she is not sure how to choose an ethical SEO who can get the job done at the best rates and within timeline. Choosing a SEO consultant or company for your website can be a tiring and overwhelming experience. Every SEO specialist will boast about adopting latest path breaking SEO techniques, testimonials from clients and gurantees of #1 placement on Google. But how you as a non expert select a genuine SEO consultant? Listed below, are few pointers on how to detect a fake SEO consultant.

1. #1 Google ranking for Website: If any company guarantees you that they can place your website on number one position on Google for your keywords then take my advice – RUN in the opposite direction. Its obvious this company is desperate to get business and is willing misleads you to get your hard earned cash. No company can make such claims. Google’s algorithms are one of the best kept secrets. What SEO companies can do is optimize and promote the website according to widely known principles, intelligent guess work, best practices and lot of hard work. At most a company can claim that they can acquire good ranking like top 10 on Google. But even then, verify their past track record to guess on how the fared with other clients.

2. Very Low Prices: Many companies charge ridiculously low amount of money for quite a lot of service. As an astute business person, you can intelligently deduce that any work that requires hours and hours of hard work, research and analysis by a team of experts cannot come cheap. Most of the times, specialists from various fields like programmers, content writers, SEO analyst, link builders etc. pool their resources to make a site successful on Google and obviously SEO services cannot come as cheap as many companies charge.

3. Secret and Proprietary Technique That Cannot be Revealed: I don’t think we should even elaborate on this. As the owner of the website, you should be aware of what’s happening to your site and what steps are been taken to optimize and promote it.

4. Recommending Black Hat Techniques: Lot of companies recommends shady tactics known as black hat practices to get your site up in search engines. Not only these practices have very short term benefits but they can be very counter productive because search engines eventually catch website following these shady practices. Many websites big and small have been heavily penalized for using these techniques. So play safe and avoid these SEO companies like plague.

5. Using Outdated Techniques: Once upon a time, techniques like reciprocal link exchange, keyword stuffing etc. were used to get good rankings. Google and other search engines have wisened up and rank a site for its worthiness and not just back links and keyword stuffing. Choose a company that will recommends steps to make your site useful & relevant and not take short cuts.

If you keep these tips in mind while choosing a SEO company for your website then it’s very much possible that you will finally select a SEO company that knows their job and can handle your website promotion very well.

================================================

Courtesy of Author: Aniruddha Badola

Enovabiz Solutions is a professional Search Engine Optimization Company Offering SEO Consultancy and Online Marketing Services to realtor and real estate agents all over the world.

 Posted by at 05:53  Tagged with: