Archive for the ‘Web’ Category

I have been having trouble with my internet connection lately. Over the
past couple of weeks internet would come and go on my asus
build windows 7 machine that is my personal computer. It culminated with my
losing internet yesterday for three to four hours. Over the previous
weeks all I had to do was a simple reboot to regain internet. Very
annoying but a simple fix. Yesterday was a totally different matter. I
must have rebooted a dozen times or more trying to reconnect. Thinking
that I might have a hardware issue I went up to a storage building and
carried in a box of network cards. Surely one of these would fix my
problem. After no luck there I decided to try a wireless card and still
will not connect to the internet. It would however connect to the
network. So I then knew it had to be a software issue but where would I
begin to look. I With the wireless card still in place and connected to
the network but no internet I once again ran network diagnostics. This
time it came up with a named error. Now we might just be getting
somewhere. I found out I had a 651 error. We might just be getting
somewhere but where I did not know. It was time to leave that machine
and jump onto my laptop. After some diligent searching and reading I
found some information and a list of  possible culprits.
* The raspppoe.sys file has become
corrupted. RASPPPOE.sys is an acronym for Remote Access Service Point-to-Point
Protocol over Ethernet. This is a windows driver that many broadband
service providers use for authentication when connecting to the
internet through a broadband modem.

* Possible problems with the Local Area
(LAN) card driver.

* There may be a conflict with the modem
driver and
your operating system.

I felt confident the latter two were not the problem. So lets see what
we can do with the raspppoe.sys file. What I then found out was you
need to replace this Windows 7 driver with the same driver but from a
windows Vista machine. Armed with this knowledge I then found the
needed raspppoe.sys file. I am placing a link to it below
so you will not need to do your own search. You will need an unzipping program like
win rar to open the file though. To make this fix you will need to be
in administrator mode (something I strongly urge you not to do for
normal surfing, work and play). You will most likely need to be able to
view hidden files and folders. To do this you will again need to be in
an administrator account. Then:


Open Folder Options
by clicking the
Start button Picture of the Start button, clicking Control Panel,
clicking Appearance and Personalization, and then clicking Folder


Click the View tab.


Under Advanced
settings, click Show
hidden files, folders, and drives, and then click OK.

Once we have this done we can begin our search for the raspppoe.sys
file. The full path there is C:/Windows/System32/drivers. Once I found
the raspppoe.sys file I attempted to rename it and even with me in
admin mode it refused to allow that so I made a copy of it. and placed
it in a new folder that I named old-raspppoe.sys. I then pasted the
vista version of the raspppoe.sys file  into my drivers folder.
It was at this point I saw that my back up was a mute point as one of my
options was to paste the new file in place and rename the old file
raspppoe (2).sys. No problem there. I backed out of the folder, then
closed all my open pages and rebooted my computer. This time I was all
hooked up. Sweet! I shut her down one more time, removed the wireless
card and pci  NIC, placed the cover back on and booted her up.
Everything was back to normal with only the piles of pulled out hair to
be swept up, LOL. I hope this helps if you run into the same problems with your win 7 machine.

A new method of phishing attack is starting to rear its head up to try and gain sensitive information from unsuspecting users. This new method goes back to the warning I have given out for years now. Do not have a sensitive page (ie, your bank, paypal..etc) open while browsing. What this new threat does is it will attack a vulnerable website and injects a javascript code into the site. When you visit the now infected site and have a window open to your bank it causes a popup to come up that tells you that your session has timed out and you need to relog in. Make sure you log out of sensitive sites before browsing. If you have a website make sure you are secure and check for any changes in coding. That is what happened to this site and some others I am hosting. It wasn’t a threat to capture your information but we did get attacked by the yahoo counter script. The first things we noticed was the fact that our rss feeds were broken. Then doing a source search we found yahoo counter starts at the bottom of the page before the closing body tags. I do not know what the exact code is that this one places into websites but will attempt to find it. I feel as a responsible website owner I should try to stay on top of the situation and even moved my sites to a more secure server.

Here is what explains about the sophisticated attacks:

“An in-session phishing attack occurs while the victim is logged onto an online banking application and therefore is much more likely to succeed. A typical attack scenario would occur as follows. A user logs onto their online banking application to perform some tasks. Leaving this browser window open, the user then navigates to other websites. A short time later a popup appears, allegedly from the banking website, which asks the user to retype their username and password because the session has expired, or complete a customer satisfaction survey, or participate in a promotion, etc. Since the user had recently logged onto the banking website, he/she will likely not suspect this popup is fraudulent and thus provide the requested details.”

To protect themselves from in-session phishing attacks, Trusteer recommends that users:
1. Deploy web browser security tools
2. Always log out of banking and other sensitive online applications and accounts before navigating
to other websites
3. Be extremely suspicious of pop ups that appear in a web session if you have not clicked a hyperlink

I’ve been busy yet again moving things on servers. I was not happy with the one I first intended to move everything onto when I found out that you can not have folders or files with write permissions (666,or 777). That and the fact that I still have not gotten all the releases for my other domains to move and remove the yahoo counter script from them as I migrate servers. I did find 9 instances where we had missed getting it all off the server and therefore out of the files. A couple of readme.html files and7 places where the entire code was not removed. Thank goodness for TextCrawler it has been a life saver. This script, that begins; “Yahoo! Counter starts” is either placed into js,htm, html or shtml pages that I have found so far. It is more complex code that is placed into php pages but it then generates the same code that can be found by viewing the pages source code. I tried in my last post to insert an image of the code, but that fails to give you a good idea of what to look for when removing it from your site. I am reluctant to post it online but will gladly share it with anyone who needs help and asks for it. The code is rather lengthy also so to place it into a post would lose you my readers. I tend to get lost in that much code myself. One of the easiest ways to remove it is to copy the entire text into TextCrawler. Then use a comment something like this and replace the code. This will work for all your web pages and takes only a few minutes. If you do not have that many infected pages you might wish to open them up individually and remove the code from each of them. But if you have something like a gallery I had been testing that ended up with over 3000 files infected I doubt you want to fix each file. I am not even going to replace them I am going to drop them when I move everything else. You can not even delete folders full of the infected files off your webserver as they are chmodded to 444 and the ownership is changed from your account to HTTPD. Without fixing that the only recourse is to delete them individually then replace them. A lot of work that my soon to be completely former host IX Webhosting will not help with or even acknowledge is their fault. You can get them to change ownership and even chmod the files back to 755 but if you do not get it fixed right away it will change back. Even if you do get everything fixed back but leave it on their server it puts the bad code back into your pages, or at least it did mine that way. If you need any help, or just want to vent over IX’s lack of help shoot me a line or comment. I’ll help what I can.

I have been very busy the past week moving to a new server for my hosting company. I ran into a snag with my old provider when they allowed a rather insidious script to be injected across all of my sites. It slips in and changes permissions on files. It masquerade itself as a yahoo counter but attacks all your files and will break your rss feeds. If it attacks your wordpress blog the easiest way to deal with it will be to delete everything and start anew. Make sure you save your wp-config.php files information but not the code. But if you have a custom theme you can’t do that and will need to crawl every  page with a text crawler like TextCrawler to search your files or you would be searching individually for days. Depending upon plugins you will have a couple hundred or so files that will be infected the code looks like this;

!--Yahoo! Counter

<!--Yahoo! Counter

This is not all of the code but if you need it just let me know and I will hook you up with a copy to use for searching your site with. So far all the php files have had one code and the html files have had the code that is generated into the webpages that starts “<!–Yahoo! Counter” without the ” marks. I have cleared this one and Brainfoggles and have a couple more to go so I can migrate to the new servers clean of infections.

I was watching NCIS last night as I usually do and just had a feeling that something wasn’t just right and popped online to see how my friends were doing. It must have been a psychic feeling cause sure enough my friend Connie over at Brain Foggles was having trouble with her new blog Conniesview. It had stopped displaying and was reporting an error instead of showing a page. We had this error ;
Parse error: parse error, unexpected ‘<' in /wp-includes/post-template.php on line 734
She of course was panicking so I jumped right on it. I host her blog and give her hands on support something we plan on being able to do for others who wish to blog but have no knowledge of being a web/blog master. A quick search showed it was being discussed on the message boards of wordpress support. The post-template.php file was only supposed to have 733 lines of code instead of the 734 it was reporting though in dreamweaver it showed about 6 lines or more of apparently undecipherable code. A quick ftp of the now fixed page had her up and running in no time. Everything was lovely once more, or so I thought until I checked this blog and it to was reporting the exact same error. wow quick fix or so I thought. After fixing the file I got another error in the comment mailer plugin, seeing as how I don’t use it anyhow I simply deleted it ,and once more the world is revolving and everything rosy again. If you have problems with yours or need some help maybe this will help you out. I did post the fix on wp support forums too in case you need to look.

I kept myself occupied pretty much of the morning by making a change in my sidebar. I wanted a double head over the left and right columns and had to work it out to get it to display correctly. Jenn over at Everyday Randomness pointed me in the right direction telling me that I needed to mod the sidebar.php page in my themes directory. Of course it was a little more involved than simply adding a few lines of text. I had to add a division to the page plus add a division to the style sheet also. Not too bad but I sure am glad I know how to cut and paste. Its easier to copy then mod some code rather than writing it from scratch. You can see the result of a few hours of off and on work by looking at my ad on the right. I have been hosting websites for friends for some time now and intend to expand hosting to blogs also. Let me know if I can help you, or any input you might have. Thanks.

I have been busy moving a good friends blog and a customer of my file-house hosting to her own domain name that matches her blog Brain Foggles. It was quite a learning experience for me as I had never done it before. First off I did a little research on the web and said to myself that shouldn’t be too much trouble. Well I underestimated the difficulty and the little knowledge I had gained as it was not quite enough. First thing I ran into was the plugin I had found to expidite moving a blog from site to site would not work as the database is too large. I had attempted to move it using the Velvet Blues Update URL’s plugin, but ran into a snag right away as I was limited to a 2mb file and this one was just short of 4mb’s. Plus I was creating a new database as we did not want the old site to go down at all until we had the new site up and running. So I exported the Mysql database onto my computer and uploaded it as the new database for the new site. That was pretty straight forward but where I had trouble was renaming all instances of the old domain to the new domain. I found a great blog site that helped me a ton. My Digital Life had the information I needed to work with the Mysql database. It made life so much easier and I can’t thank them enough. Alright now I have I said to myself but once more my hopes were dashed like a ship against the rocks. I had an error with the php code. It was Warning: array_keys(): The first argument should be an array in */wp-includes/widgets.php on line 676, (*= your root directory). This I found out was a common occurence when moving blogs and was caused byt the text widgets. So back to the Msql database into the options table hunting the text widgets line. Once there you remove everyting in the table and woooo hoooo its working minus the text widgets. So I am back off to the old site to get the text widgets text. It all goes in one at a time making sure none of them break the instal and we are done. I feel confident now that I can move pretty much any WordPress blog onto my hosting server as long as I have access to the old blogsite. Now I find out she has a contest running and wants to hold off the move for 3 more days. Oh well I know what I am doing now so it shouldn’t be the big deal it was when I started.

A new bill, co-sponsored by Rep. John Conyers (D-MI),and Zoe Lofgren (D-CA) would make ISPs who fail to provide service in a non-discriminatory manner subject to anti-trust violations. The legislation requires Internet service providers to connect with the facilities of other network providers on a reasonable and nondiscriminatory basis. It also requires them to operate their networks in a reasonable and nondiscriminatory manner so that all content, applications and services are treated the same and have an equal opportunity to reach consumers. Any ISPs that do not follow these net neutrality rules would be subject to antitrust enforcement. The legislation has been praised by on line and consumer rights groups. “Americans have come to expect the Internet to be open to everyone,” Conyers said. “The Internet was designed without centralized control, without gatekeepers for content and services. If we allow companies with monopoly or duopoly power to control how the Internet operates, network providers could have the power to choose what content is available.” You may say we do not need any legislation to insure that the internet remains open as it is mostly today, but large providers are already wanting to charge big providers a fee so their content flows fast and is not hampered or restricted. Right now the internet is neutral with your blog content available to everyone at the same speeds. What would happen to your blog and its readers if the large ISP’s slowed down access to your blog to others simply because you did not have the money to fork over for premium service. I can understand tiered service levels for your access but not to the content on the web. If yahoo took forever to load and google zipped right along you soon would quit using yahoo’s services. Small content providers such as bloggers could not afford premium access so their pages could be intentionally slowed down in favor of larger sites. That is what net neutrality is all about.

I am a Charter Communications customer and very happy with them. They give me great service for my Internet with it constantly speeding along with my connections. I connect to web pages with my charter connection with blazing speed. Well right now they have great opportunity coming up with an auction with no reserve for Charter High-Speed Internet for Life. Imagine how cool that would be. You would have Charters great high-speed Internet for the rest of your life without another bill for it – ever. This will be a no reserve auction starting at just ten dollars. All you need to do is register and bid and you could be the winner of this fabulous package. I don’t know how much it will go for but I intend to attempt to win it for myself if possible. All you need to do is to register with Charter so you can become a bidder. All you need to do is fill out their online form. If you preregister now you even have a chance to win a Nintendo? Wii?. The winner will receive a Nintendo Wii Console, Wii Stand, 5 Sports games ( Boxing, Baseball, Tennis, Golf and bowling), 1 Remote Controller, 1 Nunchuk Controller, 1 Sensor Bar, 1 Wii AC Adapter, 1 Wii AV Cable. Click Here for a Chance to Win a Nintendo? Wii?! Visitors will have the chance to bid on Charter High-Speed? Internet for Life. To register you must be in a Charter serviceable area and qualify by zip code. Only visitors able to receive Charter High-Speed? Internet services at their residence will qualify to bid. Bids start at $10. For complete Auction and Sweepstakes Rules follow this link.

I don’t know how many of you use Internet Explorer or visit sites like MySpace or FaceBook and use their plugins. Myself I do not have anything on those sites and never use Internet Explorer for anything other than checking a web page to make sure it displays properly in IE and Firefox (my choice of browser).

According to the Washington Post‘s Security Fix blog, cyber criminals are populating the Internet with Web sites designed to exploit several recently-discovered security holes in a half-dozen widely used ActiveX plug-ins for IE 6 and 7, most notably the one offered by Facebook and MySpace to help users upload photos. The sites, advertised via links in email and instant message spam, also ‘probe for other vulnerable IE plug-ins, including two recently discovered from Yahoo! and one for QuickTime (this one attacks a vulnerability Apple patched just last month). The sites also throw in an exploit against a six-month-old IE flaw.’

If you use any of those plugins for IE you really need to deactivate the plug-ins with a GUI tool that?SANS Internet Storm Center has released. Actually my advise would be to dump Internet Explorer all together and down load a copy of Firefox. Once you go to it you will never want to use IE again. I have been a user of it since before it ever got its name and love it.