Kittens…

So, I had told myself that if I still had the kittens at twelve weeks, they are going to the shelter.

They are now 12 weeks old.

I still have them.

The shelters are full.

It’s kinda a tough situation. I can be kicked out of my apartment for having more then 2 cats, so I can’t put up signs for the kittens all over the place.

I posted to some sites last night, I think I may be able to give one away at this point. The person asked for current pictures. I took this video last night about 1am.

And because a picture is worth a thousand words….

and because I like to talk…

Good bye bank

Banking woes.

When I moved to Florida, I couldn’t cash my paycheck – no bank. I had an account with a Wisconsin bank.

So I picked a new bank. I tried to pick a big one, one that had branches everywhere. This way, if I needed to do some banking, there is likely to be one nearby.

I do most of my banking online, so having a convenient branch, like on the way home to work, etc, isn’t that big of deal for me.

This proved to be handy when I moved to Illinois. The closest branch to me is the town south of me, so about 10 miles or so. I have been there twice. Once, right after moving, and once fairly recently to open a second checking account so I can separate my monthly expenses from my discretionary money. (let me tell you, this helped me budget MUCH better). When I was there last, they said they where opening up a branch quite near to me.

One small problem. My bank doesn’t exist anymore.

Yesterday, JP Morgan Chase bought Wamu from the FDIC.

They say not to worry. Everything will be fine. I will start seeing Chass branding where I am used to seeing Wamu branding. They say my paycheck is safe and sound, I can still write checks, and my debit card should work line normal.

Today, my debit card was very slow to ring up for lunch.

I guess that means I won’t be getting my new local branch office. No matter, there is a big, fancy Chase office at the corner of my block where I live. Can’t get much closer then that! They say I will be able to use it starting sometime next year. I am not likely to need going into a bank before then anyhow.

They say not to worry. I don’t think I will. My debit card still worked today.

However, I think I am going to get a bit more cash on hand, just to be safe.

HACKED!!!!

A friend’s website was hacked recently. It wasn’t a big deal for him, as it was a testing/playground site anyhow. The site was simply homepage defaced. The site was due to be drezzed and rebuilt anyhow.

I was concerned because it was a Joomla website. My sites at work are Joomla sites.

I tracked down how it was hacked for him. It took me an hour.

It was hacked out of Turkey – no legal recourse for him.

Basically, it turns out there was a bug in the password reset code that allowed them to reset the admin password.
http://www.compassdesigns.net/joomla-blog/Admin-Password-Reset-Vulnerability-in-Joomla-1.5.html — OHPSS!!!

It is interesting to note that they used google for finding websites with the vulnerability – their search was http://www.google.com/search?hl=tr&q=inurl:%22com_user%22+hello&start=40&sa=N

The steps that I took to figure this out. I had my friend dump the website and send it to me. The dump was the full filesystem for that website, a full MySQL dump of the database(s) for the site, and all the log files for that site. At this point he could start doing what he needed to do to rebuild the site.

When I got this zip file, I opened it and went to the logs. I just scrolled through the log to see if anything obvious stood out. Nothing at the initial glance.

Thinking it was a remote file include problem, I started looking for URLs that could have been included. This wasn’t it, but it did lead me to a spot where I recognized the name of a foreign file – an MP3 that the hackers uploaded.

I then grabbed their IP address and looked at the first instance where they interacted with the system. I found the google search and the click through to the password reset page.

At this point, I did a google search of my own and found the hack.

A note on their behavior during the attack:
They started at 7:37 am our time, and where done by 7:49.
They checked the site again at noon, and again at 10:15pm. I guess they wanted a good laugh at how long it took before the site got fixed.

The moral of this story is that if you use open source software, make sure you keep it updated. With the ability to google search for pages that are running a known piece of code, an aweful lot of websites can get hacked between the time a vulnerability is know until a fix is released and until you get that fix installed.

By the light of the harvest moon

by the light of the harvest moon
Tonight is the harvest moon. It’s a crisp, cool, night. It’s finally a comfortable 68 inside, and 52 outside right now. Cool enough that you can see ‘steam’ from the storm sewers.
my apartment complete at night
The leaves are going to seriously start thinking about turning color here soon I think.
kitten reading the mail
These demon kittens need to go. They are keeping me up all night. Actually they are quite precious – they need to be precious somewhere else besides on top of me.
two orange kittens
They are getting so big! Somebody quick, take them home while they are all precious like.

Posted by Picasa

IMTS

Today was the first day of the biggest trade show my company is part of. IMTS – International Manufacturing Technology Show.

My gosh is it a big show. I got a chance to wander around half of the hall we are in. It would take all week to see everything in all the halls.

I went there to be on site to make sure that the automatic lead routing stuff I have been working on for the last 6 months worked ok.

I never got a chance to try it.

One of the computers went down, and so I spent half a day trying to get that working again. I gave up. Not sure what’s wrong with it. It’s under warranty. The manufacturer can figure it out.

I spent the other half of the day customizing the stuff I wrote for this show so that it’s more useful to the people who end up following up on the leads. First, I had to turn all on sorts of extra security so that my work with the server is 100% encrypted. I don’t want some bored 16 year old sitting on the lakefront sniffing the wifi packets and getting access to my stuff.

I am laying here in bed, getting ready to work on it some more tonight. We found a bunch of little stuff as I was tweaking it for the show today. I want to get some of this stuff ticked off the list while it’s quite and 29 people aren’t coming through the door every minute.

It’s going to be a long night.

WordPress Appliance - Powered by TurnKey Linux