Online Security

ipHouse Dot Logo

What’s the deal with DNSChanger Malware?

The FBI will be shutting down the temporary DNS servers that they set up to support Internet users that were compromised with DNSChanger malware. Anyone still using those DNS servers will be unable to resolve host names, which will effectively render them unable to do pretty much anything online until they clean up their infected system.

On November 8th 2011, the FBI, in conjunction with NASA-OIG and Estonian police, arrested several criminals operating under the company name “Rove Digital”. Rove Digital had been distributing DNS changing viruses (TDSS, Alureon, TidServ and TDL4). They then routed victims through their own DNS servers in order to direct traffic to junk ads. They infected around 4 million users, and made a reported $14Million before getting shut down.

With such a large number of compromised users relying on Rove Digital’s DNS servers for their Net access, the FBI decided to temporarily leave the DNS servers up and running to give people time to clean up their infected systems. Because people have been slow about cleaning up their computers, the FBI extended their original March deadline to Monday July 9th.

If you would like to verify that your computer is clean, you can go to for a list of safe sites that you can use to check. Should you find that you have a compromised computer, they have good resources available to help you clean up your system.

ipHouse Dot Logo

Virtual Phobias

Paraskevidekatriaphobia is the fear of Friday the 13th. To mark the date this year, I thought I’d look at some other phobias of the modern computing world.

Fourofourophobia – The fear that the web page you were looking at just yesterday and need again today will not be found.

Keanuphobia – The fear that, if computers and servers can be virtualized, perhaps the whole world has been virtualized and you’re just a digital construct living a digital life. For some people, this is less a phobia and more wishful thinking that they could learn kung-fu with a phone call, if only they knew the right number.

Memephobia – The fear of lolcats, cheezburgers, badgers, zombies, and Rick Astley. Not an altogether irrational phobia, but never gonna give you up, never gonna let you down.

Technonephophobia – The fear that the cloud is actually a cloud in the sky, constantly watching you and tracking your movements from above. It’s not, of course. It’s probably a poor metaphor, anyway.

Txtofobia – The fear that you have, or will, completely lose the ability to spell words normally. Kthxbai.

Virtualiphobia – The fear that your virtualized servers might disappear without a trace, as if they’d never existed. In actuality, our vmForge cluster is extremely reliable and has built-in redundancy. Your servers aren’t going anywhere unless the hardware node fails and High-Availability automatically kicks them over to another node. For even more protection, LogicMonitor provides a calm reassuring voice (with charts) that everything’s fine, and CrashPlan provides scheduled backups of your data.

ipHouse Logo

Apache SSL Clustering with a Basic Load Balancer

Recently I had a bit of a conundrum – I wanted to offer web-based FTP access to my friends who host on my personal cluster but I didn’t want to run a web server on that centralized machine. (disclosure: I have a vmForge VDC from ipHouse so I can rapidly prototype as needed)

Long story short, I decided to use relayd to answer on the outside interface for port 80 on the IP assigned to the file-server, and use phpWebFTP (looks ugly, works well) on my webcluster. I, however, wanted to use SSL for this server, which brought up its own challenge. How do I tell my Apache front-ends to serve up a different cert for this IP address. After some experimentation, I discovered the right process.


Log like a paranoid Lumberjack!

Ok, so maybe I’m a touch paranoid, but I like logging. I also like monitoring, and statistics. I like to know what’s going on, when and how. I don’t mind a little noise, as long as I can quickly assess what’s happening with my servers.

What is a WiFi Controller?

WiFi controller solutions have become pretty popular for Enterprises lately. Some of the benefits of why you would want them are.

  • Centralized management over several to many access-points.
  • Unified access policies.
  • Ease of deployment.
  • Rogue AP scanning for PCI/DSS compliance.
Go to Top