Archive for March, 2007

Windows Time Zone Problems – Manual Patch Needed for Win2000 Machines

Posted on the March 15th, 2007 under Editorial by

For the past week we’ve had this strange situation where all of the XP and Vista machines kept jumping ahead by an hour. Our domain controllers for our Windows network were correct along with any older OS’es we had in the office but the XP machines and Vista machines…they just couldn’t seem to get it straight.

This turns out to be one of those times where we had it backwards. The XP and Vista machines were correct…sort of. Since Bush decided to change the Daylight Savings Time date, the information stored in the OS for when DST started was incorrect. Patches were released for XP and 2003 machines and I assume that Vista had the correct information built in already and therefore didn’t need patching. What didn’t happen, was Microsoft didn’t patch W2K, which is what our domain controllers happen to be running.

Google Earth and gCensus – Geocoding on Steroids

Posted on the March 15th, 2007 under Editorial by

I’ve played with geocoding tools and software at various times in the past for different projects. I remember an enormous amount of effort going into writing data processing routines and pretty much every detail being more involved than I originally anticipated…yeah, yeah, I know. That’s software development right?

The Experiment – Part 2 – Honeypot Statistics

Posted on the March 11th, 2007 under Editorial by

A couple of months ago, I started an experiment with honeypots. The goal was not to trap or track hackers but to gather statistics for newbies. The first step involved setting up the site and getting it listed in the search engines. That turned out to be no easy task since the best search engines actually require you to have real content on your site before you get listed in any significant way. After accomplishing this, my honeypot is now gathering statistics that are starting to be interesting. I’m still gathering these and determining a useful and interesting way of reporting them, but here is an initial dump of the keywords used to find the various honeypots i’ve set up. More to come…

Keywords % Hits
inurl passlist.txt 20.50%
powered by phpfm filetype php -username 17.60%
filetype php haxplorer server files browser 11.70%
passlist ext txt 8.80%
inurl passlist.txt filetype txt 5.80%
inurl passwd.txt 5.80%
passlist.txt 2.90%
inurl passwd filetype txt 2.90%
inurl passlist filetype txt 2.90%
ext blt screenname 2.90%
phpshell by macker 2.90%
enter ip inurl php-ping.php 2.90%
inurl accounts filetype sql 2.90%
inurl passlist.txt -hack 2.90%
phpfm 0.2.3 2.90%
inurl passlist.txt | inurl passwd.txt filetype txt 2.90%

Tracfone and SMS Email Gateway

Posted on the March 4th, 2007 under Editorial by

It took a little doing…this is not a normal topic I would post here, but the information seems so useful that I decided to go ahead. I’m not a cell phone user. In fact, I don’t really like them…if i’m at my desk or at home and my phone rings, i’ll answer it. If i’m at a movie, out to dinner or some other family outing, i don’t really want people to be able to call me. I know that i’m not the majority. Regardless, there are different technical notifications such as website service outages, etc that I would benefit greatly from getting a notification to my cell phone. For this reason, I purchased a Tracfone with 2 years of activation in advance so that I don’t pay monthly bills, no “use it or lose it” minutes, no reactivation fees, etc.

Some of you might say “I told you…” ut it turns out, the email gateway was not so straightforward…I simply wanted to send myself text messages using the ##########@messaging.tracefone.com or something similar.

You see, Tracfone outsources it network to other national providers. I don’t know the details and after some research, I found a complicated method to determine which provider and thereby which email gateway to use. After following the steps, i determined that that I was on Metro PCS. This was incorrect information. Evidently the database that was used was out of date or maybe never up to date in the first place. It just didn’t work…

But, by this time I had all the formats for the major providers and it occurred to me that there was an easier way. Ready…? Wait for it…

1) send an email to the following addresses:

3215551234@vmobl.com
3215551234@mmode.com
3215551234@tmomail.net
3215551234@myboostmobile.com
3215551234@messaging.sprintpcs.com
3215551234@messaging.nextel.com
3215551234@mymetropcs.com
3215551234@cingularme.com
3215551234@message.alltel.com
3215551234@questmp.com

Note: of course, the above telephone number is not a valid #

2) wait for a message on your Tracfone and when you receive it, send a reply. When you get the reply at the email address you sent the original message to…you know your provider and your email format!

Yes, I know…it seems obvious to me now, but it wasn’t at all obvious before I did it…I spent maybe 2 hours (15 minutes here, 10 minutes there) trying to figure this out on the assumption that it had to be there.

Hope this helps someone else! If it does, post a comment and let me know…thanks!