Email Harvesters

Good Sign I missed the story about brothers convicted of harvesting emails the first time. Well, I noticed a followup.

Back around 2001, the CIO received complaints about performance for the web server. So, I went log trolling to see what the web server was doing. A single IP dominated the HTTP requests. This one IP passed various last names into the email directory. Some quick research revealed Apache could block requests from that IP. That calmed things down enough for me to identify the owner of the IP. The CIO then bullied the ISP to provide contact information for the company involved.

Previous little adventures like this landed me a permanent job, so I jumped at similar challenges.

Well, a few years later, it happened again. This time my boss had made me develop a script for the dissemination of the anti-virus software package to home users. Basically, it used email authentication for verification if someone could get the download link. So, I applied the same technique to the email directory. Well, this upset some people who legitimately needed email addresses. So the human workers would provide email addresses to people with a legitimate need.

I’m glad since I’ve left, VSU no longer looks up email addresses for people. (I thought some of the requests questionable.) Also, my little email authentication script was before LDAP was available to the university. I think the new solution much better.

One the more vocal complainers about my having stopped non-VSU access to the email directory was my current employer. We apparently list email addresses for employees freely. Which makes me wonder how much spam we get is due to the brothers described at the beginning of this story? Or other email harvesters? Just hitting the send button potentially exposes the email address.

No worries. I’m sure Glenn is protecting me. 🙂

Tale of Defeating the Crazy Woman

Babies are fascinated by me. When the two of us are in a room, they often find me the most interesting thing in the room. Usually, it is mutual.

So, a mutual friend of a friend, Mojan has a fantastic blog. The past year or so has been about being pregnant and most recently figuring out how to be a parent for the first time. Well, a crazy woman set up a ‘blog” which hotlinks images from Mojan’s blog and falsely represents the child in the photos. Ick. I offered to help with this identity theft issue.

Once upon a time, I was annoyed with people taking images from my last employer’s web site. Since I was the campus web designer, I created an image which said, “All your image are belong to VSU.” Also, as the web server administrator, I figured out how to defeat hotlinking with .htaccess by using mod_rewrite to give them my annoyance rather than their content. For the next couple days I watched the perpetrators try and figure out what was wrong. The hate mail I got was fantastic! I recommended Mojan do the same. When she agreed, I went researching to do what I did once upon a time. This is the .htaccess file I recommended she try.

# Basics
Options +FollowSymlinks
RewriteEngine On

# Condition is true for any host other yours
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mojansami\.com/ [nc]

# What to change gif, jpg, png to which target. In this case does not exist.
RewriteRule .*\.(gif|jpg|png)$ http://mojansami.com/images/stolenpic.jpg [nc]

My directions were not all that specific. So the next thing I know, her site is sporting an Internal Server Error. *headdesk* She used Dreamweaver to create the .htaccess file and upload it to her site. She reported the file she uploaded disappeared. Eventually, it did occur to me to look for the error.log and see what it said. The log complained about DOCTYPE in the .htaccess file in the home directory. A file which did not show in the FTP listing. So, replacing the bad .htaccess file with a blank one fixed the Internal Server Error.

The .htaccess file in the right place, of course, resolved the issue with the crazy woman hotlinking.

Nothing can fix the pain of another person committing identity theft against you or your loved ones. I really hope Mojan doesn’t become discouraged and abandon blogging entirely. Between moderation and authentication she might find a better balance.

Do you have any stories of online identity theft?

A Well Dressed, Smokin’, and Woodsy Team

The Valdosta State Blazers have another shot at the Football Division II National Championship. This is an impressive feat for new coach David Dean who replaced Chris Hatcher. Chris defected to Georgia Southern to coach I-AA. I hope they win. I’ll be watching the game at home.

Game is at noon on ESPN2. Or drive fast to Florence, AL.
🙂

RE 2007: Birds of a Feather: Luminis

Kathy Kral, University of West Georgia

  • Luminis IV CPIP connector: Clayton, Augusta, West GA.
  • Issues with IMS when allowing IMAP from outside the Luminis application? VSU no issues with IMAP and POP allowed outside. Augusta initially restricted but opened up access without advertisement. Mention on one of email lists Blackberries fail to do a close with connection resulting in stale sessions accumulating.
  • Mailbox sizes: West GA 10MB, Augusta 40MB for students and 125MB for faculty, Valdosta 250MB.
  • Makarand Kulkarani, Sungard – Created a replacement so mailbox is Gmail. This is a professional service engagement. Engagements start at 90 hours with unused hours un-billed. When GCF connectors are built Training similar, typically 48 hours.
  • Name changes are a pita.

Jesse Lyman built a Luminis to Vista 4 single-sign on connector to handle multiple institutions.

Connotations of a Pronoun

Ezra Freelove, Information Technology

“When she saw that the web address was wrong on letterhead, she helped us correct the problem. Thank you, Ezra!
Valdosta State University I Caught You Caring

I do recall an occasion while at VSU in which I noticed a memo telling people to go to an address using “www.” when the host didn’t support that as an alias of the host. So I contacted the DNS folks and got new aliases so it would work.

Why she? It suggests whomever wrote this knows very little about me.

Viruses, worms pose threat

Here is an article on computer viruses for which I was interviewed for the Spectator, the university student news paper.

Lindsey Giddens
Staff Writer

Nathan Justin / The Spectator — Ezra Freelove, assistant webmaster for Microcomputing and Network Services, explains viruses

Viruses are running rampant and are extremely contagious. But these viruses don’t attack your immune system–they attack your hard drive.

The term virus is used to describe viruses, worms and trojans. Viruses programs designed to use your computer to attack others can be malicious if they show up on your computer. Viruses that have been found locally have been NIMDA, SIRCAM, MAGISTR and ETHAN, a virus that affects Word files.

Usually these viruses are picked up through e-mails, downloads, infected floppy disks and hacking. They can cause minor problems such as a few system glitches or can be harmful enough to reformat your hard drive, overwrite the hard drive boot sector, delete files or render computers inoperable.

According to Ezra Freelove, assistant webmaster for Microcomputing and Network Services, viruses have not been a major problem for VSU.

All of the approximately 2600 computers on campus have Officescan software installed.

“It scans the file and looks for patterns Trend has provided,” Freelove said. “It tries to clean the file, but if it is not cleanable, it quarantines the file or deletes it.”

Officescan is regularly updated on computers around campus. “Usually when a new virus is found, within six to seven hours, anti-virus software is available for it,” Freelove said. “The only situation (that might pose a problem for students using on-campus computers) is when a virus is so brand new that the anti-virus software hasn’t been released to counter it.”

According to Freelove, it is uncommon for viruses to spread so quickly that they don’t have an anti-viruse soon enough to counter it.

“Over the past year, there have only been about four that have spread that fast, NIMDA being one of them,” Freelove said.

Microcomputing and Network Services take care of all the computers on campus. Students who have viruses but live off-campus can call the Help desk at 245-4357. A help desk technician will walk the student through what to do to get rid of the virus.

The most important thing to do to ward off viruses is to make sure you have anti-virus software on you computer.

“Most computers come with Norton Anti-Virus already installed, but it’s usually a 30 day trial, and no one keeps it updated,” Freelove said. “You need to make sure you register it and keep it updated.”

Also, for those who do not have anti-virus software, Information Technology offers PC-Cillin to VSU staff, faculty and students. Visit http://www.valdosta.edu/antivirus/pccillin/ and enter your GRITS account and password. For more information on viruses, what’s out there and how to avoid or get rid of them, contact the help desk 245-4357, on the web at http://www.valdosta.edu/antivirus/index.shtml or email at antivirus@valdosta.edu.