Tuesday, November 03, 2009

Can Under the Radar Posts have Security Issues?

Dear Google,
This is only a test and example of an issue discovered while monitoring SideWiki Comments.
If a malformed URL is typed, a Sidewiki comment can be made on the side of the page.
Many custom 404 pages will need to have special monitoring due to the number of possible malformed pages.

This could be endless.

Suggestion would be to disallow Error Pages from comments.

Just my suggestion:
To read more about my testing, you can visit my forums at:
http://www.xtremecomputer.com/forum/topic.asp?TOPIC_ID=256

Sincerely,
Murray
XtremeComputer.Com
Electronics Technician
Developer and Programmer

in reference to: http://www.google.com/test/one/two/three/ (view on Google Sidewiki)

TeamViewer Session Hijacking (FireWall Info)

Helpful information about "http://www.xtremecomputer.com/articles/view_article.asp?v=59".

If you are a TeamViewer user or a business that uses TeamViewer to remotely connect to computers online, you should read this and follow a few simple checks to make sure what happened to me doesn't happen to you.

TeamViewer Server seems to have been hacked and the hackers are picking up on the Session IDs.

In my case it was 2 outside connections during my TeamViewer session with a friend.
Both attempted to access my computer and my friend's computer.
Because I was running an old version of TinySoftware, I noticed the connection attempt and noted who and where it was. The remote system was only running Sunbelt Personal Firewall, which allows TeamViewer to pass without even a challenge.

If I hadn't seen it for myself I might not have believed it, but this is what the person did while I was watching.

They moved the remote mouse to minimize the screens to display the TeamViewer information. They highlighted the Session ID, and with a right click I saw them copy the Session ID. (It was interesting that they didn't use key commands.)

Next I pulled up Notepad and typed "WHO ARE YOU?"
They minimized it and went to the machine name.
I restarted the remote computer before they could continue.

This experience had me up in arms; I deleted TeamViewer from all my systems and emailed my friend to remove it.

The weak link is their own server, which has to be the way they knew about the connected computers.

Good luck if you still use it. I would recommend getting a firewall that blocks TeamViewer and allows you to select a single IP address. With that you can control just how many others connect during your session. But unless both computers have the same firewall strength, one of you might not be safe.

in reference to: http://www.xtremecomputer.com/articles/view_article.asp?v=59 (view on Google Sidewiki)

Monday, November 02, 2009

Google Toolbar Update from 6. to 6.3

Helpful information about "Track SideWiki Comments by UserAgent".

If you removed the Google Toolbar UserAgent entry GTB6 before, you might want to take a look at where the update is located so you can remove that entry as well.

This is mostly for webmasters that are using the code to track sidewiki comments by UserAgent. This way you don't send yourself a few hundred emails.

Still, I'm not sure why you would track anything by UserAgent, but for those that haven't read other forum posts at XtremeComputer.Com, that might be the only method of checking for SideWiki comments.

Here's the link:
http://www.xtremecomputer.com/forum/topic.asp?TOPIC_ID=234

in reference to: Track SideWiki Comments by UserAgent (view on Google Sidewiki)