The first thing we need to understand is what is being attacked; as the post subject implies, it is primarily Joomla being attacked as the software has had a series of 9 vulnerabilities released since the 1st of September of which a number of more in depth attacks have formed around. The intended purpose of most of these attacks is to taint web sites with injected javascript, that code takes advantage of a number of client side browser vulnerabilities that if not patched or stopped by an antivirus can cause further issues for web site visitors.

Now, at a glance you might be thinking that if someone fails to patch web site software then it is there own problem, how does this affect me? That is where the dl() function comes into play, the dl() function is essentially a dynamic loader for php modules or 3rd party extensions. To simplify this a bit, the dl() function when enabled allows anyone to add extensible features onto php, generally these are all well to do features but if someone so desires they can create a dynamic loader module with malicious intent.

The scenario we are looking at is that attackers have gained entry to vulnerable web sites, primarily through joomla then they upload a series of malicious scripts including a dynamic loadable module for php that once enabled through dl() has the ability to inject javascript code into pages. The code usually finds itself placed before the body tags and executes its payload on a visitors first visit to a site, a cookie is then set that expires every 2hours then the payload executes itself again on a new visit.

This attack though had far reaching implications, only affected 4 servers on our network (denver, dantooine, alderaan, chewbacca) of which only about half the sites on the given servers or in some cases less were being tainted by the attack. As alarming as this situation is, we need to stress that no content was actually modified on sites except the joomla sites themselves that were compromised.

The way we have come to deal with this situation is a layered approach, we have first and foremost made increased efforts to identify compromised sites on our servers and suspend/remove them. The next step was to cut off the enabling function of the attack, which is the dl() function. This function was actually something we used to disable on servers for its malicious implications but over time that procedure was phased out in the interest of allowing users to install custom dynamic loadable modules from their home directories such as ioncube. However, now that ioncube is standard server-wide on all servers, there is little in the way of other commonly installed packages that depend on dl(), php.net has even went as far as to declare dl() deprecated as of php 5.3.

With dl() disabled on servers, the effects were immediate and all reports of tainted sites stopped, now when I say stopped I do not just mean that that lightly. We literally sat around all evening bashing the f5 key on our keyboards trying to get the javacode injections to reappear on sites, between myself, Bill and Dick we must have done over 6 hours of combined keyboard kungfu in this effort. It was with great relief that we were not seeing anymore reports or issues ourselves first hand but it was still not quite enough to actually be confident that we had done enough.

We are continuing to be extra vigilant with compromise assessment on the servers to prevent any further malicious content from being injected into sites, in addition to this we have on some servers started to use suPHP as a basis for new php security standards. Essentially, by using suPHP we enforce php code to run as the user who executed it instead of as the web server but it goes beyond that by enforcing strict permissions on content and not allowing anything to run above mode 755 (such as world writable data) and also making sure that executed content is owned by the user. This might seem problematic however since the code is now executing as the user, there is no longer a need for data to be set to mode 777 (world writable) or its ownership set as the web server user, which reduces support issues and vastly increases security. The suPHP changes are something we have only rolled out to about 6 servers so far but the support issues it has generated are minimal for the advantages it provides, in the future we will be looking to roll this change out to more servers on a slow but steady basis.

That is where we are at, if you have any questions or concerns regarding this blog or the topics discussed please feel free to comment or head to the TCH forums for further dialog.

Update: Authorize.net is now back online. You will be able to make payments. We will update you if this or any other changes arise.

At this time we do not have a estimated time for when normal network conditions will return.

We will keep this site updated as this unplanned outage moves along.

We are very sorry for this issue and are working to correct the networking issues as quickly as possible.

Thank you for your understanding during this outage.

TotalChoice Hosting

April 24, 2009 4:24 PM
All services have now been returned to normal. We had a core router crash due to a failed supervisor card, however it did not switch over smoothly. The router was brought back online, switched to the backup supervisor card, and then a replacement card was installed.

We apologize for the inconvenience and thank you for your patience.

As a Team Mom/Mother of three little leaguers and an avid Astros’ fan, I know this gnawing urge for a WIN all to well. I have seen the hurt of defeat in a child’s eyes and the smile of victory on their faces. I’ve watched as they have picked themselves up out of the dust just as the Umpire shouts out “Safe”. I’ve followed the ball as it flew into outfield and fell perfectly into the Left fielders glove, when they were only inches away from second base. They have learned to overcome the losses and bask in the glory of the game that is Baseball.

When they are not on the field themselves, we are perched in the stands of  Minute Maid Park, the home of Houston Astros’. We are a loyal Astros’ family, and attend as many games as we can. Each year we spend Mother’s and Father’s day with these guys. Today, April 6, 2009, is Opening Day of the 2009 Series. The Astros’ will go head to head with The Chicago Cubs.

Roy Oswalt, who has been with the Astros’ since 2001, will be pitching the opening game. This year’s 40 man roster will consist of new and old faces of the organization. Lance Berkman and Hunter Pence, my favorites, will be with us once again and are currently part of the active roster. We are all looking forward to another exciting season.

So whether it be a Little League field or Minute Maid Park, as they say “Let me root, root, root for the home team”.

PLAY BALL!!!

I personally think it is a conspiracy between my wife and my doctor to torture me, although they claimed to only be concerned with my health. Despite my paranoia,  I decided they had a legitimate point and sadly drank my last Dew a few weeks ago.

Well it only took a couple a of days before the crankiness set in and the throbbing pain of what my doctor so lovingly called “caffeine withdrawal headaches”. Caffeine headaches? Really? The paranoid side of me started to wonder what they really put in Mountain Dew? I shook off that crazy thought and eventually came to my senses, put away my tinfoil hat, and begin to look for an alternative fix.

As I frantically rummaged through the kitchen, I came across an old dusty coffee pot hidden in the back of the pantry.  Eureka, a source of caffeine with no sugar, I can’t possible go wrong here!  I never have been a big coffee drinker but that was about to change!  Since we only break out the coffee pot for company, it took a bit more rummaging before I was able to find what I needed.  One stale can of coffee-it will have to do for now, paper filters, and one coffee cup from the “good dishes” I am not allowed to use. I never understood why we needed a set of “good dishes” just for company, but I digress.

Intent on curing my headache with as much caffeine as possible, I quickly begin the task of setting up the coffee pot. Within a few minutes the kitchen was filled with the smell of fresh brewed coffee. Stale coffee or not, the aroma was overwhelmingly intoxicating, which only intensified my craving. While it only took a few minutes to brew-it felt like an eternity- with every drip of the coffee pot slowly torturing me. I wonder what Attorney General Eric Holder would have to say about that?

The coffee pot then began to gurgle as if it was dying, signaling me that I could finally have a hot cup of caffeine coffee. It wasn’t the greatest cup of coffee, it was very bitter tasting but it was serving its purpose and it didn’t take long for the effects of the caffeine to kick in. As started on my second cup,  I could feel my heart rate increase and the throbbing in my head begin to fade away. I had soon emptied the entire pot(8 cups)and happily found the way to my office.

I am sure all that coffee was not good for me, but I was feeling so much better that it didn’t really matter. It also made for a very productive day-I think-as I bounced off the office walls from my caffeine high. I was now talking nonstop as I was fielding the phone calls that seemed to come in one after another. I do apologize to the brave souls that called me that day, you must have thought I was crazy and I  hope you can forgive me for rambling on. I can’t say that I didn’t enjoy this day and the energetic feeling the coffee provided, but I knew it was going to wear off soon-resulting in that typical caffeine crash.

This all occurred about 6 weeks ago and I am still starting my day with a pot of coffee and  just a bit more self control.  It doesn’t seem very wise to replace one vice with another, so I have been considering cutting back on the coffee too.  Although, I doubt that will happen any time soon.  Some would say I just have an addictive nature but I prefer to think that if you enjoy something-then enjoy it as often as you can.

I need a refill…

One of the great benefits of hosting with TotalChoice Hosting, is being a true part of our family.  I can not express how many times a confused client has approached me inquiring about an account upgrade.  Just recently I have been helping a client with a large amount of shared hosting sites make some choices on how to upgrade.

Mike Ford, owner of newyorkmustangs.com , has been a happy TCH client for over 5 years.  During this time Mike has grown from one shared hosting account to over ten shared accounts.  Each time adding a new account with a smile. Mike was ready to order his 11th account, however this time, he approached TCH asking about his options.

TotalChoice offers many upgrade options.  I explained to Mike that moving into a reseller account would be the next logical step.  This would allow Mike to host unlimited domains within the allotted disk and bandwidth space.  I explained that a reseller account was still on a shared server. However, Mike really wanted to have full control.  He wanted to add as many domains to his account as humanly possible.  I explained to Mike, that a fully managed dedicated server was the way to go.

After a few days of back and forth questions, Mike looked around and shopped the competitors.  In the end, Mike choose to host his new dedicated server at TotalChoice Hosting.

Thank you Mike! I know you will be pleased with your new server!

Check out Mike Ford’s website at

http://www.newyorkmustangs.com

Happy Hosting!

Causes of recessions

Currency crises
Energy crisis
War
Underconsumption
Overproduction
Financial crisis

A currency crisis, which is also called a balance-of-payments crisis, occurs when the value of a currency changes quickly, undermining its ability to serve as a medium of exchange or a store of value. It is a type of financial crisis and is often associated with a real economic crisis.

An energy crisis is any great bottleneck (or price rise) in the supply of energy resources to an economy. It usually refers to the shortage of oil and additionally to electricity or other natural resources. An energy crisis may be referred to as an oil crisis, petroleum crisis, energy shortage, electricity shortage or electricity crisis.

In underconsumption theory, recessions and stagnation arise due to inadequate consumer demand relative to the amount produced.

Overproduction is the accumulation of unsalable inventories in the hands of businesses. Overproduction is a relative measure, referring to the excess of production over consumption. The tendency for an overproduction of commodities to lead to economic collapse is specific to the capitalist economy.

Effects of recessions

Bankruptcies
Credit crunches
Deflation (or disinflation)
Foreclosures
Unemployment

Bankruptcy is a legally declared inability or impairment of ability of an individual or organization to pay its creditors. Creditors may file a bankruptcy petition against a debtor (“involuntary bankruptcy”) in an effort to recoup a portion of what they are owed or initiate a restructuring.

A credit crunch is a reduction in the general availability of loans (or credit) or a sudden tightening of the conditions required to obtain a loan from the banks. A credit crunch generally involves a reduction in the availability of credit independent of a rise in official interest rates.

In economics, deflation is a persistent decrease in the general price level of goods and services.[1] Deflation occurs when the inflation rate falls below zero percent.

Foreclosure is the legal and professional proceeding in which a mortgagee, or other lien holder, usually a lender, obtains a court ordered termination of a mortgagor’s equitable right of redemption.

Unemployment occurs when a person is available to work and currently seeking work, but the person is without work.  The prevalence of unemployment is usually measured using the unemployment rate, which is defined as the percentage of those in the labor force who are unemployed

Lets all just hope that we can pull out of this mess and get back to producing the best products and labor in the world.

My fixation with baking began in third grade. I came home from school to find the Fairy tale world of Hansel and Gretel in the form of a cake. This was my birthday cake. It had a graham cracker house held together with icing and candy cane posts. The roof was covered with candy and a gumdrop chimney. There were licorice lined windows and a brown sugar path leading to the house. This was the greatest thing my nine year old eyes had ever seen. I knew then that one day I would make my own sweet creations.

I learned all I could from my mother and family members that were willing to put up with me. I continued to bake as I grew older. I helped my mother make cakes, pies, cookies and candies. But my passion lies in cakes. There is no limit to what you can do with a simple cake recipe and a few extra ingredients. I think of a cake as my canvas and icing my paint. I am no “Ace of Cakes”, but I enjoy the building and creativity of making a cake. I have made cakes for baby showers, weddings, anniversaries, retirement, birthdays and other occasions. It is an unexplainable feeling to know that you have contributed to someone’s special day.

I recently made a cake for my Daughter’s softball opening day. I made a baseball diamond in the center of the cake. I then placed four Marzipan cover Styrofoam balls on each corner. These were made to resemble softballs. Each girls name was written on the cake. The cakes were auctioned off to help the league with regular maintenance of the field. I was so excited when my cake went for $175.00. The team was overly excited when the gentleman who purchased the cake returned it to them. We were all able to enjoy the cake.

My son’s birthday was this last weekend and of course, I had to pull out the cake pan.  He loves John Deere tractors. I was able to find a small John Deere toy tractor to build a cake around. I air brushed the grass on the cake and placed a fence and trees on this area. The rest of the cake was covered with brown sugar and combed to resemble plowed field. The tractor was placed in the field.

I recently discovered a Firefox Add-on called FoxTab, and I love it! Therefore, I decided to share this with you. As some of you might not know about it yet. The latest version just recently updated on February 8, 2009, but it first surfaced back in September. With the raving customer reviews and over 700,000 total downloads, FoxTab is really catching on with the Firefox installed user base.

Because I use FireFox as my default browser, I find this add-on to be the coolest one yet, and much helpful while working with multiple open tabs. It is a breeze to install and get started with. Once you hit install and restart the browser a FoxTab icon appears in the browser toolbar, between the home button and the URL line. A user can select and deselect open tabs, by using a mouse or a keyboard arrows keys.

There is also an alternative to Alt-Tab shortcut, for a quick tab switch between all open tabs. This is where a user has an advantage of selecting a desirable tab at first try, due to a full display of all open tabs.

There is also an option to Filter your open tabs, by clicking on a “folder” icon on the bottom left and then selecting a group of tabs from a common domain.

For example, if I have 10 tabs open and 3 of them are TCH site, TCH blog and TCH forums, buy selecting the TCH group, FoxTab will isolate those 3 out of all 10.

The FoxTab display size is also adjustable to a users preference, and it has 5 different layout options to choose from. If it is something that user does not wish to have it is easily to uninstall.

I think all these futures make the FoxTab a great Add-on for any FireFox user, allowing them to browse with a breeze. Try it out.

https://addons.mozilla.org/en-US/firefox/addon/8879

Happy Surfing!

Collection has been ongoing for about 2 years now.

If you would like to add to our collection, please feel free to mail us your penguin.