It'll Never Fly

Clever… not good, but clever.

You may (or may not) have noticed this site (and my sister site, rjmaguire.com) have been really slow as of late. I was trying to do some extensive logging about those hacking attempts I reported before, so I installed a new add-on in my Web server to do so. I never actually got it to work, but it didn’t seem to be doing any harm, so I left it installed and turned on.

A word to the wise: trust documentation. The help for my add-on said not to leave it on for extended periods of time, and that it’s really only meant for short periods of debugging traffic. Well, I read that and chose to ignore it, thinking of course that I knew better.

Well, it’s turned off now, and things are much snappier than they were.

I still don’t know what it was doing, because I never did get any output from the darn thing. Apparently, it was just spinning its cycles, spewing its data into the /dev/null’s of the world.

My non-blogging site, rjmaguire.com, which mainly hosts my genealogy stuff, was hacked recently. The perp found an underground-published security hole in the third-party genealogy software I use, called TNG: The Next Generation. I found a message on their support forums that describes how to close the hole, and now it has been. I’ve also replaced the damaged file (as they at least were kind enough to only do a minimal amount of damage).

I don’t blame the author of the software or the PHP programming language. It was an easy mistake to make. I still intend on using the software (and upgrading to the newest version, even). It was my own fault for not keeping a closer eye on the server logs and on the TNG mailing list to notice that this kind of thing was going on.

I haven’t actually been able to pinpoint the exact day or time when the hack occurred. The first attempts began in mid-March. I don’t think the hack actually occurred until just a few days ago, when I noticed the page on my site was posted in a Spanish-language forum as a badge of honour, as it were. Thankfully, the kids trying this stuff out aren’t really that bright, as witnessed by a lot of failures to even copy and paste correctly.

One of them actually managed to copy a couple of executables that looked like IRC server software or something, but was undoubtedly stopped cold when it had no chance of running on my server’s architecture.


links for 2007-02-21

In Linklog on February 21st, 2007 by Bob

links for 2007-02-14

In Linklog on February 14th, 2007 by Bob