As my readers know, I spend a lot of time digging through error logs, preventing attacks, and reporting results. Occasionally, some moron will pull a stunt that deserves exposure, public humiliation, and banishment. There is certainly no lack of this type of nonsense, as many of you are well-aware. 3G Blacklist Even so, I have to admit that I am very happy with my latest strategy against crackers, spammers, and other scumbags, namely, the 3G Blacklist. Since implementing this effective […] Continue reading »
Hmmm.. Let’s see here. Google can do it. MSN/Live can do it. Even Ask can do it. So why oh why can’t Yahoo’s grubby Slurp crawler manage to adhere to robots.txt crawl directives? Just when I thought Yahoo! finally figured it out, I discover more Slurp tracks in my Blackhole trap for bad spiders: Continue reading »
![[ Macintosh Keyboard ]](https://perishablepress.com/wp/wp-content/images/2008/fx-shortcuts/fx-shortcuts_01.jpg "Firefox Keyboard Shortcuts")
As my browser of choice, Firefox provides all the functionality I need for web design, application development, everyday surfing, and much more. With a handful of choice extensions installed, Firefox is a lean, mean “get-it-done” machine. Plus, I am always looking for new ways to boost productivity and increase efficiency. Of course, an excellent way to do this involves learning and using as many mouse and keyboard shortcuts as possible. Over the past few years, I have collected oodles of […] Continue reading »
![[ Can’t Log IN to LinkedIn ]](https://perishablepress.com/wp/wp-content/images/2008/misc-chunks/linkedin-cant-log-in.png)
This is great. A couple of weeks ago I twittered that I had canceled my LinkedIn account. Without going into detail, suffice it to say that my original account signup information was no longer valid and the LinkedIn support staff was unable to even locate my account, let alone reset my password or provide login access. I know the account was there, but no matter what I tried I could not login. So, without being able to update my information, […] Continue reading »
Monitoring your computer’s Internet activity is a powerful tool, enabling you to: keep an eye on background processes reveal viruses and other malware expose unauthorized access monitor running programs log process activity ..and much more. The best part? It’s super-easy. Here’s how I do it on Win XP: Open the command prompt and type “netstat -n 5 > scan.txt” After a minute or two (or any amount of time), press Ctrl+C to stop monitoring Type “scan.txt” to open the log […] Continue reading »
This unfeatured post provides information for (re)establishing wireless Internet access from AT&T/Cingular Data Service (via WAP or MEdia Net) for the HTC/AT&T 8525 mobile device. Or something. This information is useful if you are unable to connect to the Internet and receiving error messages similar to the following: Error: Your Internet connection is not configured properly. Please verify your settings in Data Connections. Note: Use of the following settings enables the AT&T 8525 to access MEdia Net (WAP) pages using […] Continue reading »
I need your help! I am losing my mind trying to solve another baffling mystery. For the past three or four months, I have been recording many 404 Errors generated from msnbot, Yahoo-Slurp, and other spider crawls. These errors result from invalid requests for URLs containing query strings such as the following: https://example.com/press/page/2/?tag=spam https://example.com/press/page/3/?tag=code https://example.com/press/page/2/?tag=email https://example.com/press/page/2/?tag=xhtml https://example.com/press/page/4/?tag=notes https://example.com/press/page/2/?tag=flash https://example.com/press/page/2/?tag=links https://example.com/press/page/3/?tag=theme https://example.com/press/page/2/?tag=press Note: For these example URLs, I replaced my domain, perishablepress.com with the generic example.com. Turns out that listing the plain-text […] Continue reading »
![[ Photo: Bob Barker waves at you ]](https://perishablepress.com/wp/wp-content/images/2008/blacklisted/2008-05-31.jpg)
Welcome to the Perishable Press “Blacklist Candidate” series. In this post, we continue our new tradition of exposing, humiliating and banishing spammers, crackers and other worthless scumbags.. Just under the wire! Even so, this month’s official Blacklist-Candidate article may be the last monthly installment of the series. Although additional BC articles may appear in the future, it is unlikely that they will continue as a regular monthly feature. Oh sure, I see the tears streaming down your face, but think […] Continue reading »
![[ 3G Stormtrooper ]](https://perishablepress.com/wp/wp-content/images/2008/blacklist-3g/blacklist-series_00.jpg)
In the now-complete series, Building the 3G Blacklist, I share insights and discoveries concerning website security and protection against malicious attacks. Each article in the series focuses on unique blacklist strategies designed to protect sites transparently, effectively, and efficiently. The five articles culminate in the release of the next generation 3G Blacklist. Here is a quick summary of the entire Building the 3G Blacklist series: Continue reading »
As you know, HTAccess files are powerful tools for manipulating site performance and functionality. Protecting your site’s HTAccess files is critical to maintaining a secure environment. Fortunately, preventing access to your HTAccess files is very easy. Let’s have a look.. Continue reading »
![[ 3G Stormtroopers ]](https://perishablepress.com/wp/wp-content/images/2008/blacklist-3g/blacklist-release.jpg)
After much research and discussion, I have developed a concise, lightweight security strategy for Apache-powered websites. Prior to the development of this strategy, I relied on several extensive blacklists to protect my sites against malicious user agents and IP addresses. Over time, these mega-lists became unmanageable and ineffective. As increasing numbers of attacks hit my server, I began developing new techniques for defending against external threats. This work soon culminated in the release of a “next-generation” blacklist that works by […] Continue reading »
![[ 3G Stormtroopers (Red Version) ]](https://perishablepress.com/wp/wp-content/images/2008/blacklist-3g/blacklist-series_05.jpg)
In this continuing five-article series, I share insights and discoveries concerning website security and protecting against malicious attacks. Wrapping up the series with this article, I provide the final key to our comprehensive blacklist strategy: selectively blocking individual IPs. Previous articles also focus on key blacklist strategies designed to protect your site transparently, effectively, and efficiently. In the next article, these five articles will culminate in the release of the next generation 3G Blacklist. Continue reading »
![[ 3G Stormtroopers (Team Aqua) ]](https://perishablepress.com/wp/wp-content/images/2008/blacklist-3g/blacklist-series_04.jpg)
In this continuing five-article series, I share insights and discoveries concerning website security and protecting against malicious attacks. In this fourth article, I build upon previous ideas and techniques by improving the directives contained in the original 2G Blacklist. Subsequent articles will focus on key blacklist strategies designed to protect your site transparently, effectively, and efficiently. At the conclusion of the series, the five articles will culminate in the release of the next generation 3G Blacklist. Continue reading »
![[ 3G Stormtroopers (Deep Purple) ]](https://perishablepress.com/wp/wp-content/images/2008/blacklist-3g/blacklist-series_03.jpg)
In this continuing five-article series, I share insights and discoveries concerning website security and protecting against malicious attacks. In this third article, I discuss targeted, user-agent blacklisting and present an alternate approach to preventing site access for the most prevalent and malicious user agents. Subsequent articles will focus on key blacklist strategies designed to protect your site transparently, effectively, and efficiently. At the conclusion of the series, the five articles will culminate in the release of the next generation 3G […] Continue reading »
![[ 3G Stormtroopers (Green Machine) ]](https://perishablepress.com/wp/wp-content/images/2008/blacklist-3g/blacklist-series_02.jpg)
In this continuing five-article series, I share insights and discoveries concerning website security and protecting against malicious attacks. In this second article, I present an incredibly powerful method for eliminating malicious query string exploits. Subsequent articles will focus on key blacklist strategies designed to protect your site transparently, effectively, and efficiently. At the conclusion of the series, the five articles will culminate in the release of the next generation 3G Blacklist. Improving Security by Preventing Query String Exploits A vast […] Continue reading »
![[ 3G Stormtroopers (Blue Dream) ]](https://perishablepress.com/wp/wp-content/images/2008/blacklist-3g/blacklist-series_01.jpg)
In this series of five articles, I share insights and discoveries concerning website security and protecting against malicious attacks. In this first article of the series, I examine the process of identifying attack trends and using them to immunize against future attacks. Subsequent articles will focus on key blacklist strategies designed to protect your site transparently, effectively, and efficiently. At the conclusion of the series, the five articles will culminate in the release of the next generation 3G Blacklist. Improving […] Continue reading »
