{"id":2726,"date":"2008-03-08T10:29:27","date_gmt":"2008-03-08T17:29:27","guid":{"rendered":"http:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/?p=2726"},"modified":"2008-03-08T18:47:46","modified_gmt":"2008-03-09T01:47:46","slug":"the-wile-e-coyote-school-of-mosquito-extermination-and-why-you-need-to-put-a-condom-on-your-trusting-nature","status":"publish","type":"post","link":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/2726\/the-wile-e-coyote-school-of-mosquito-extermination-and-why-you-need-to-put-a-condom-on-your-trusting-nature\/","title":{"rendered":"The Wile E. Coyote School of Mosquito Extermination — and<\/I> why you need to put a condom on your trusting nature"},"content":{"rendered":"

That headline is lousy for Googlization, but it got your attention, didn’t it?<\/p>\n

First, Russell Shaw unearthed an ugly little bug in WordPress that permits malware mechanics to hi-jack certain features of a weblog. If that sounds vague, you bet it is. I’m not going to tell you what happens, where, or how. It is sufficient to say that the exploit is possible in any currently-running hosted version of WordPress. Why did we get hit? Despite the scare stories in the newspapers, malware is almost-always devoted to some kind of quasi-legitimate commerce. Basically, the bug that bit us was trying to use our hosting and our traffic to conduct its business at our expense.<\/p>\n

Not cool.<\/p>\n

The exploit is recurrent. I can kill any particular instance of it, but since the trapdoor is in WordPress, the only way to keep this little mosquito from coming back is to keep slapping it dead — with the only alternative being to kill WordPress entirely.<\/p>\n

Enter cron, the Unix utility that will run any Unix process on the schedule you set. With luck, this exploit will be fixed in WordPress 2.5, which is due to be released shortly. In the meantime, once a minute we’re swatting that mosquito, leaving not so much as a bloodstain. Most of the time, it’s not there, of course. When it is, it has 59 or fewer seconds to suck our blood before it dies again.<\/p>\n

That much was easy, but I’ve had plenty of time to watch this little critter in action, and in consequence I’ve learned a ton about malware theory, as it were. So once every 15 minutes, cron is running a different job that combs our whole file server looking for suspicious files. And if anything else pops up, I already know how to kill it and keep on killing it.<\/p>\n

All of which leads me to say: I love<\/i> the Apache web-server technology. Where else<\/i> can you drop a ton of Acme DDT onto one little mosquito once a minute — like Wile E. Coyote at his most frenzied — without even breaking a sweat?<\/p>\n

Alright, that’s the first thing. Here’s Read more<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

That headline is lousy for Googlization, but it got your attention, didn’t it? First, Russell Shaw unearthed an ugly little bug in WordPress that permits malware mechanics to hi-jack certain features of a weblog. If that sounds vague, you bet it is. I’m not going to tell you what happens, where, or how. It is […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3,6,5,19],"tags":[],"class_list":{"0":"post-2726","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"hentry","6":"category-blogging","7":"category-marketing","8":"category-real-estate","9":"category-technology","11":"no-featured-image"},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":3009,"url":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/3009\/thats-not-a-bug-its-a-feature\/","url_meta":{"origin":2726,"position":0},"title":"That’s not a bug, it’s a feature…","author":"Richard Riccelli","date":"April 23, 2008","format":false,"excerpt":"A prank? I just thought it an interesting side effect of engenu.","rel":"","context":"In "Real Estate"","block_context":{"text":"Real Estate","link":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/category\/real-estate\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":16318,"url":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/16318\/the-end-times-are-upon-us-docusign-spam\/","url_meta":{"origin":2726,"position":1},"title":"The end-times are upon us: DocuSign spam…","author":"Greg Swann","date":"April 10, 2013","format":false,"excerpt":"From my mail this morning: That's a spoofed email -- no links back to the mothership, and a big, fat executable at the bottom. I'm betting it's WinPoison, so it probably won't hurt my iMac, but I won't be researching that question. But: Be alert. Whether it's spam, malware or\u2026","rel":"","context":"In "Group Therapy"","block_context":{"text":"Group Therapy","link":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/category\/group-therapy\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":875,"url":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/875\/apple-tv-will-present-on-line-videos-in-bug-chunks\/","url_meta":{"origin":2726,"position":2},"title":"Apple TV will present on-line videos in big chunks . . . ?","author":"Greg Swann","date":"January 9, 2007","format":false,"excerpt":"The Unofficial Apple Weblog, live-blogging from Steve Jobs' Macworld keynote address:Apple TV Price $299. I want one. Ships February. Taking orders today. \"Enjoy your media on your big-screen TV.\"Okay... This is Carmen Sandoval from today's episode of Flipper Nation -- blown up to display on the 70-inch Sony Bravia LCD\u2026","rel":"","context":"In "Blogging"","block_context":{"text":"Blogging","link":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/category\/blogging\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":140,"url":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/140\/youve-got-mail-and-egg-on-your-face\/","url_meta":{"origin":2726,"position":3},"title":"“You’ve got mail — and egg on your face”","author":"Greg Swann","date":"July 27, 2006","format":false,"excerpt":"Yet another dumb tool, LeadAlarm, this one cited by the Inman blog. The basic functionality Realtors should already be doing with server-side programming or just with rules from an email client. The \"gee whiz\" voice technology is a bug, not a feature: Voice is a lousy way to deliver data\u2026","rel":"","context":"In "Marketing"","block_context":{"text":"Marketing","link":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/category\/marketing\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2507,"url":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/2507\/what-do-you-do-about-a-3-dollar-foreclosure-you-can-take-it-in-stride-or-you-can-squish-it-like-a-bug\/","url_meta":{"origin":2726,"position":4},"title":"What do you do about a $3 billion dollar foreclosure? You can take it in stride — or you can squish it like a bug","author":"Greg Swann","date":"January 17, 2008","format":false,"excerpt":"Foreclosure is normally not a topic for amusement, but the Las Vegas real estate scene is like a brand new Hasbro game show, Monopoly.TV. The news:The developer of the $3 billion Cosmopolitan Resort & Casino says its lender, Deutsche Bank, filed a notice of foreclosure on the property for a\u2026","rel":"","context":"In "Marketing"","block_context":{"text":"Marketing","link":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/category\/marketing\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":266,"url":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/266\/realtown-thats-not-a-feature-thats-a-cockroach\/","url_meta":{"origin":2726,"position":5},"title":"RealTown: That’s not a feature — that’s a cockroach . . .","author":"Greg Swann","date":"August 30, 2006","format":false,"excerpt":"If a bug is disgusting enough, you're apt to keep grinding at it with your shoe long after it's dead. If InternetCrusade has six legs, then The Real Estate Tomato is wearing waffle-stompers. Today Jim Cronin takes on IC's recent discovery of weblogging, the coolest thing to touch their antennae\u2026","rel":"","context":"In "Blogging"","block_context":{"text":"Blogging","link":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/category\/blogging\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/wp-json\/wp\/v2\/posts\/2726","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/wp-json\/wp\/v2\/comments?post=2726"}],"version-history":[{"count":0,"href":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/wp-json\/wp\/v2\/posts\/2726\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/wp-json\/wp\/v2\/media?parent=2726"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/wp-json\/wp\/v2\/categories?post=2726"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.bloodhoundrealty.com\/BloodhoundBlog\/wp-json\/wp\/v2\/tags?post=2726"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}