An Exciting Morning

Good Afternoon Friends,

If you’ve visited any of the multitude of sites hosted by Weigold Enterprises today, you may have noticed either a very slow response or a simple timeout. It turns out that we’ve been the victim of a distributed denial of service attack directed at a number of the domains we support and originating from locations around the world, including numerous from China, Russia, England and even a couple from the United States. We’ve been working all morning to identify and block the sources of the attack and we’ve made significant progress. We believe our servers are back operating at capacity at this point. As part of the corrective action we’ve taken, we’ve further tightened our “lock out” specifications, blocked additional address ranges known for inappropriate activities and added more real time monitoring capabilities.

As you can probably imagine, it’s been an exciting morning.  We don’t expect to prevent another such attack on our services, but with the additional effort and capability we’ve installed, we hope to prevent another such attack from becoming a serious disruption to our customers.    Thanks for everyone’s patience as we worked through this issue.

Steve

Security Patches – February 2011

As we were reading over the descriptions from Sophos of the latest security patches released this week from various vendors, we were struck by one Microsoft patch in particular.  Apparently a flaw was discovered in a particular type of font that would allow remote code execution.  All it would take to exploit this flaw would be to craft a malicious font and get users to view a website showing the font.  You can read the details of this specific vulnerability here.   You may also be interested in Microsoft’s description of the patch.

That’s it. You view the website, it shows the font. The malicious font, rendered by your browser, causes bad code to run. If that’s not enough to make your blood run cold, it should be. Imagine if some malicious site were tied into some Facebook scam like the recent “Facebook stalker” one, or how about the “number of profile views” one. Or perhaps a specially crafted email fooling you into going to a malicious page.

This is another perfect example of why you need to be diligent about updating your virus and malware software often and making sure your software security updates are done.   Make sure automatic updates is turned on.  Set it to prompt you with updates if you don’t want it installing automatically.   Don’t ignore that icon though.  Watch for updates from your other software vendors and install them.

Windows isn’t the only one with security flaws. Adobe has released critical updates affecting its Reader product this round too.

WP Sentry Support

Well friends, it would seem it’s the end of one era and the beginning of another.   WP Sentry author Pete Holiday has decided that he will no longer be supporting or developing his awesome plug in.   Here’s the excerpt from his site:

Update 1/26/2011: I spent some time at the beginning of this month looking into what it would take to update WP Sentry for the latest WordPress version, during the course of that exploration, I discovered that due to a drop in the number of blog posts I write, combined with my decreased desire for them to be private, I have no personal stake in the plugin any more, and there are things I’d prefer to spend my time doing. As a result of these realizations, this plugin has been discontinued. No further support or development will be done.

We certainly understand Pete’s position, but we also don’t want to see support for his awesome plug in go away. So, we’ve been in contact with Pete, and he’s agreed to let us take over support!

Update 2/8/2011: While I will no longer be working on WP Sentry, an enterprising user — Steve Weigold — will be taking over development and support. You can find more information on his WP Sentry site. The existing WP Extend repo will be transferred to Steve, so existing WP Sentry users shouldn’t have to make any changes to continue to receive WP Sentry updates in their dashboards.

As we support and further develop (as needed) the WP Sentry plug in, we’ll be making updates and posting information both here on our site and in the forums on WordPress.org.

Here are some links you might find helpful:

WordPress.org – The main WordPress Site

WP Sentry Plug In Site – The actual plug in page on WordPress.org.  This would be where to download the latest release.

WP Sentry Support Forums – Forums on WordPress.org tagged for WP Sentry

WP Sentry Category Listing – A listing of all of our posts here on WP Sentry

WP Sentry Original Site – Pete Holiday’s original WP Sentry site.   Unfortunately as of a recent check, Pete has removed his site, so we’ve removed the link.

support@weigoldenterprises.com –  If you’d like to email us about WP Sentry, please use this email address.

WP Sentry Revision History

As we’ve indicated elsewhere, Weigold Enterprises is going to be continuing support and development of the awesome WP Sentry plug in for WordPress originally written by Pete Holiday.  Here is the current revision history.  Note that version 0.8c and prior were created and supported by Pete.  Version 0.8d and later were created and supported by Weigold Enterprises.

Revision History:

  • Version 0.9
    • Revised = vs == typos in admin menu handling.
    • Updated compatible WordPress version information
  • Version 0.8d:
    • Updated support and contact information
  • Version 0.8c:
    • Not provided
  • Version 0.8c:
    • Checked compatibility with WP version 2.8.4
    • Fixed a warning issued when using in_array with a null variable.
    • wpgetarchives now displays private posts.
    • Mass-edit screen now uses permalink URLs.
    • Pages and Recent Comments replacement widgets updated
    • Added: ability to export a list of users
    • Added: Sentry column to user admin screen
    • Added: Catalan localization (Thanks to Mr. Robert Antoni)
  • Version 0.7.2:
    • Fixed a bug that kept child groups from working properly.
  • Version 0.7.1:
    • Fixed a bug which would expose comments on private posts in the Comments RSS feed if certain preview settings were enabled.
    • Added a Russian translation, courtesy of Denis.
  • Version 0.7:
    • Modified user-listing drop-downs for WordPress MU compatibility.
    • Added a German translation of WP Sentry. Thanks, Franz.
    • Added filtering to private page permalinks.
    • Added a column to the posts and pages edit screen to show Sentry permissions.
    • Patched in a change by MrPete fixing the issues with future-dated private posts.
    • Adopted recommendations from Alexey to replace feed URLs with Feed Key URLs and to enable private comments rss feeds.
    • This version is compatible with WordPress 2.71 beta-1
  • Version 0.6.92: Fixed an issue where feedkey sometimes did not work properly.
  • Version 0.6.91: Fixed a security hole which showed entire private posts in RSS under some circumstances.
  • Version 0.6.9:
    • Fixed a typo on the post deletion screen.
    • Changed the groups database table to allow for more users per group.
    • Added a hook to user deletion so that deleted users are also deleted from their respective groups.
    • A few changes were submitted by MrPete:
      • Display users given access (count and ‘all’) even if user-update form is disabled when editing page.
      • Some text changed for clarity
      • Users may now be set in the default access screen.
  • Version 0.6.8:
    • Fixed a bug in Feed Key which caused syntax errors when resetting keys. For real, this time.
    • Changed the method used to authenticate a user’s private feeds. Should resolve several issues with this functionality. (Thanks, Alexey)
  • Version 0.6.7:
    • Fixed a bug in Feed Key which caused syntax errors when resetting the keys.
    • Disabled Magpie RSS caching for private feeds.
    • Added a setting to disable the user list on the post/page edit screen.
  • Version 0.6.6:
    • Fixed a problem with group creation on some systems.
    • Added error checking to group creation that I thought I had added in 0.6.0.
  • Version 0.6.5:
    • Fixed a bug where setting the permissions on a sub-page didn’t work.
    • Patched in a number of changes made by Pierre de La Morinerie (KemenAran):
      • Added a replacement Tag Cloud widget
      • Comments no longer visible for previewed posts
      • Made a few back-end improvements to the code
  • Version 0.6.1:
    • Now contains a Dutch localization thanks to a helpful user. (Added 12/18)
    • Fixed problem where access controls weren’t showing up on the page add and edit screens.
  • Version 0.6:
    • Now compatible with WordPress 2.7 (RC2).
    • Implemented private RSS feeds using Feed Key.
    • WP Sentry is now available in French (Thanks, Regis!)
    • Replacement widgets may now be disabled
    • Added a new menu section for general Sentry options
    • ASM Select has been implemented for all multiple select boxes used by the plugin.
    • Private post title modification has been moved to the ‘General Options’ menu
    • Fixed an issue with ordering in the page list widget
    • Added CSS classes to replacement widget lists
    • Fixed issue with private post title renaming for German WP users
    • Changed the way boxes are added to the post and page edit screens.
    • Fixed a problem with errors not being reported correctly in the group management section.
    • Post listing replacement widget disabled as it appears that WP 2.7’s version functions properly.
  • Version 0.5.1: Fixed a bug which was displaying titles inappropriately.
  • Version 0.5:
    • Uploaded to WordPress Extend for easy maintenance
    • Added the ability to assign permissions to posts en masse.
  • Version 0.4:
    • Added support for private pages.
    • Added a sentry-aware replacement for the Pages widget.
  • Version 0.3:
    • Default groups for new users added.
    • Default groups for new posts added.
    • Ability to change the private post title prefix and postfix added.
    • Ability to delete groups added.
    • Reorganized the administration screens.
    • Major preview functionality added.
    • Changed syntax so the plugin is compatible with PHP 4.x systems.
    • Tested for WP 2.6
  • Version 0.2: Fixed a bug that prevented the creation of new users.
  • Version 0.2: Added the ability to allow all registered users to view a post.
  • Version 0.1: Initial release.

Virus software is not low maintenance!

Hi Friends! Thanks for visiting. Having just gotten off the phone with a client trying to solve email problems and finding that her problems are probably just a symptom of virus infestation, I felt moved to write.

Virus software is not low maintenance!

Please remember that. Virus and malware software needs to be checked, maintained and updated. Regularly. Often. Yes, I know there are automatic updates. That does not mean that they always work, or that they are set correctly. Automatic updates also do not protect you from software updates that require some manual intervention.

In this client’s case, she was using the free version of AVG. Good software. We recommend and use it. One of her problems though was that she was using version 8 from back in 2009. Any of you currently using AVG are probably aware that they are on version 10 something and stopped supporting anything older back in December! “Doesn’t it update automatically?” she asked. Well, that depends. Virus definitions do. Some, but not all software updates do. If your virus software provider makes a major software update, it may require some manual intervention on your part. In the case of AVG Free, the update to AVG Free 2011 did require some manual install work.

Did you ignore all those pop up messages that indicated that support for the older versions was ending?

As if that wasn’t enough of an issue for this client, she also uses Spybot Search and Destroy. This of course is another good program we use and recommend. As part of the over-the-phone troubleshooting I asked her: “When is the last time you ran a Spybot scan?” “Last week,” she says. “Great!” I replied. “Did you update the definitions?”

“Update? Definitions?” came the response. Uh-Oh.

Spybot, like some other malware programs, requires that you manually check for updates. You should pretty much be doing that prior to running a scan. Running a scan with outdated virus or malware definitions is almost as useless as not running the scan at all.

Another issue we’ve seen is the computer users that think they are immune because of what they do or don’t do online. Wrong.

If you think your computer is protected from viruses and malware simply because you think you are a diligent computer user, I’ve got news for you. If you are reading this, your computer is just as susceptible as anyone else’s. If you don’t want to accept the responsibility of making sure your machine is protected with up to date scanning software and making sure regular scans are being made, then you should unplug your network connection. Without up to date software and definitions and regular scans, your computer is at risk, whether you believe it or not.

Wondering about our recommendations?

  • Good quality virus software, set for automatic database updates if available.  Preferably one that integrates with browsers and email and checks links and emails.
  • Automatic weekly scans at minimum. For active machines, daily.
  • Weekly or more often, check the results of the automatic scans for issues, verify current definitions, etc.
  • Weekly or more often, run a scan with an alternate program than your regular anti-virus program. Not all programs catch all issues. Make sure the definitions are up to date on the alternate program too!

I hope you found this useful!  Remember, virus and malware software is a bit like a seat belt.  If you aren’t proactive about using it, you probably won’t realize it isn’t protecting you until a crash.

Safe computing!