Skip to main content

Posts

ASPY.a - Malware Source Identified as Blackhat Control Panel Developer

I've spotted a trojan/shell exploit that targets ASP.NET named ASPY.a making the rounds again recently. By no means a 0-day or brand new bit of malware, ASPY.a has been around for about 2 years . It takes advantage of vulnerable ASP scripts, uploads itself to a web server and in unpatched systems that lack sensible permissions policies and the latest updates, it can grant remote attackers administrator access. Microsoft Security Essentials will catch it, however I've seen at least one version of Symantec that does not completely remove compromised files - with Symantec server-level compromise was prevented, but the website itself remained controllable. So why am I writing a post about a 2 year old piece of malware? The story here is that the circulation appears to be driven by a developer based in Russia that sells "server control panel" (панель управления сервером, управление) software for novices tasked with IIS-based website management. The name of the company is...

Merger Alert

Freelancer.Com, a clearinghouse for employers to higher developers and technicians for one-off jobs that need fixin' based in Tampa Florida, acquired competitor vWorker last week. Both companies are privately held. vWorker was founded in 2001 as RentACoder.com. For Freelancer, this could be a great purchase. Dismal credit-strapped economies provide significant advantages for companies that are cash-rich and that (gasp!) create wealth by serving customers that do not need to rely on the fleeting good graces of investors, bankers and taxpayers. Let's see if this is the beginning of an acquisition phase for the company. Combined with a growing base of employers with diverse employment needs that fear the commitment of new hires, a few key acquisitions and a smart marketing campaign could pay off big for Freelancer.Com. Full disclosure: I've worked for Freelancer in the past (however I have not done so for over a year, and I was not paid for this post, or any other post on ...

Scheduling Application Pool Recycles in Windows Server 2008 and 2012

TimeSpan[]Array and the TimeSpan Collection Editor The process for scheduling an application pool to recycle at specific times in Windows Server 2008 and 2012 is a bit different then in previous versions. Launch IIS Manager, expand application pools and highlight the application pool to modify. Under the Actions menu on the right hand side, select Advanced Settings. Scroll down to the Recycling section and expand it. You are looking for the TimeSpan[]Array entry of Specific Times section, highlighted in the example above. Click the three dots to the right of this entry. Click the Add button under the Members window on the left hand side. This will produce a new value in the Properties window. click the new value and modify it using a 24 hour / military clock standard . Select OK and you're all set!

Thank You!

When I started this site 6 months ago, I expected it to be a sort of notebook for quick fixes of server and router problems. I had hoped to use this as a place where the solutions to IT brain ticklers could be posted in case I forgot them and needed them later. Because almost all of my friends work in the same industry I do, it quickly became a place where I could refer people I knew who were in a bind and in return I post fixes they come across. Other than letting a few close friends and family know about the site and bugging them for feedback and ideas every now and again, or sending out the occasional twitter/linkedin post,I haven't really told anyone about it. I certainly haven't marketed the site or engaged in any sort of 'search engine optimization'. That's why I don't quite know what to make of the sheer number of visitors to the site. At this point, the count is in the tens of thousands, with traffic doubling every single month. Here is what the traf...

List of Windows Activation Keys for KMS

Includes Keys for Windows Server 2012, Windows Server 2008, Windows 8, Windows 7 and Vista This list of keys for KMS can be a real hassle to find in Microsoft's online documentation, so provided here in the hopes of saving you some time. Please note that these are not stolen product keys and as such publishing them is a time saver for administrators managing large deployments of fully licensed Microsoft products  - so if you are a thief or an Internet police person, sorry to disappoint but you've made it to the wrong site. Click this link for an article with more information about KMS, activating Windows Server 2012 Licensing, and upgrading your KMS Server from 2008 to 2012 . WINDOWS SERVER 2012 Windows Server 2012 Core BN3D2-R7TKB-3YPBD-8DRP2-27GG4 Windows Server 2012 Core N 8N2M2-HWPGY-7PGT9-HGDD8-GVGGY Windows Server 2012 Core Single Language 2WN2H-YGCQR-KFX6K-CD6TF-84YXQ Windows Server 2012 Core Country Specific 4K36P-JN4VD-GDC6V-KDT89-DYFKP ...

This Week in Links: The Computer Fraud and Abuse Act as Explained by Errata Security, and More Fun With the Federales

In a missive to the estimable Jean-Baptiste Leroy, portly Founding Father Benjamin Franklin once wrote, speaking of the longevity of America's fledgling constitution, "[...] in this world nothing can be said to be certain, except death and taxes." It is with the utmost respect then, that I would slightly plagiarize that hackneyed turn of phrase for use by the engineers, owners and managers of the data center: for us, the only two certainties are spam and visits from Federal law enforcement. This noble profession of ours sits at the crossroads of just about every human activity worth snooping; banking, business big medium and small, healthcare. Criminals both notable and otherwise post their exploits and those posts find their way routed to our n+1 powered, humming homes away from home. Confessions vary from the moronic - as a videotaped confession with a stolen camera surely was  - to the barbarous - as the flurry of terrorist attack and recruiting tapes surely are. ...

McAfee, I Hardly Knew Ye: Zillionaire Security "Expert" Flees Law Enforcement In the Midst of Murder Investigation

I wish I was making it up. For those who haven't heard, here is the story: John McAfee's neighbor has a gunshot wound in the back of his head. John McAfee is not surrendering to the police for questioning. John McAfee has a long history of doing drugs and having sex with young girls and reporting both exploits on the internet in livid detail (this *is* the computer industry we're talking about here) and every 30 minutes or so, John McAfee is blogging at http://www.whoismcafee.com/ to keep us all posted as to life on the lam and confirming his innocence. http://www.wired.com/threatlevel/2012/11/threatlevel_1112_mcafee/ http://www.vice.com/read/john-mcafee-bath-salts-belize-murder-fugitive-gregory-faull http://www.cbsnews.com/crimesider/?keyword=john+mcafee&tag=contentMain;contentBody In no way should this post be construed as claiming guilt or innocence for Mr McAfee. John has a unique lifestyle, but then again the police in Latin America have a unique style of jur...