Tag: security settings

WordPress Brute Force Attack Underway

One of the largest distributed brute force attacks on WordPress installations ever seen is currently going on, as reported by Mark Maunder of Wordfence Security on his blog. You can read the full post here. The attempts at hacking are running 30 times more frequently than average.

A brute force attack is one in which an attacker repeatedly submits login attempts, trying many username and password combinations until one works. A distributed brute force attack spreads those attempts across a large number of machines around the internet, so that each source address makes only a few attempts and never trips blocking that counts failures per IP address; the only place the attack shows up clearly is in the number of failures against the account being guessed.
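The difference matters for detection. The following is an added example, not code from the Wordfence post or from any WordPress plugin: it runs a per-IP rule and a per-account rule over a constructed login log (the key=value line format is an assumption, as are the thresholds) and shows that the distributed attack slips past the per-IP rule while the per-account rule catches it.

```python
"""Per-IP vs. per-account counting of failed logins (added example).

The log line format below is constructed for this example; a real site
would parse whatever its login-logging plugin or web server emits.
"""
import re
from collections import Counter

# Constructed sample: one noisy attacker (192.0.2.10) hammering "editor",
# plus a distributed attack in which twenty different addresses each try
# the "admin" account exactly once, and one successful login by "jane".
SAMPLE_LOG = "\n".join(
    [f"2013-04-11T10:00:{i:02d}Z src=192.0.2.10 user=editor result=fail"
     for i in range(8)]
    + [f"2013-04-11T10:05:{i:02d}Z src=203.0.113.{i} user=admin result=fail"
       for i in range(1, 21)]
    + ["2013-04-11T10:06:00Z src=198.51.100.4 user=jane result=ok"]
)

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<ip>\S+) user=(?P<user>\S+) result=(?P<result>\S+)$"
)


def parse_failures(log_text):
    """Return (ip, user) for every failed login line; malformed lines are skipped."""
    failures = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m and m.group("result") == "fail":
            failures.append((m.group("ip"), m.group("user")))
    return failures


def analyze(log_text, per_ip_threshold=5, per_user_threshold=5):
    """Apply a per-IP block rule and a per-account alert rule to the log."""
    failures = parse_failures(log_text)
    by_ip = Counter(ip for ip, _ in failures)
    by_user = Counter(user for _, user in failures)
    sources = {}
    for ip, user in failures:
        sources.setdefault(user, set()).add(ip)

    # Rule 1: what a typical "limit login attempts" plugin does.
    blocked_ips = sorted(ip for ip, n in by_ip.items() if n >= per_ip_threshold)
    # Rule 2: count failures against the account regardless of source.
    targeted = sorted(u for u, n in by_user.items() if n >= per_user_threshold)
    # Accounts under attack whose sources were NOT all blocked by rule 1:
    # that is the distributed case the per-IP rule cannot see.
    missed_by_ip_rule = sorted(
        u for u in targeted if not sources[u].issubset(blocked_ips)
    )
    return {
        "blocked_ips": blocked_ips,
        "targeted_accounts": targeted,
        "distinct_sources": {u: len(sources[u]) for u in targeted},
        "missed_by_ip_rule": missed_by_ip_rule,
    }


if __name__ == "__main__":
    for k, v in analyze(SAMPLE_LOG).items():
        print(f"{k}: {v}")
```

With the sample above, the per-IP rule blocks only 192.0.2.10; the twenty addresses aiming at "admin" each stay under the threshold, and only the per-account view shows that "admin" has taken twenty failures from twenty sources.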

If you have a WordPress-based site, I highly recommend that you keep a close eye on it until these brute force attempts have waned: make sure every account, especially the administrator, has a strong password that is not used anywhere else (attackers typically guess common usernames such as "admin"), and watch for repeated failed logins. If you suspect that you've been hacked, and need help recovering, you can always contact us here at Diamond Mind Web Design.

Facebook, Privacy, and You! (Part 2)

Today we will focus on the Facebook security setting that deals with Active Sessions. Each time you log in to Facebook, a "session" is started and certain information is recorded: the date, time, approximate location, and the device used to log in. Note that "approximate" could really be replaced with "best guess at", for reasons we'll discuss below. Unless you actually log OUT of a session, it remains open for quite some time, and each device you use (phone, tablet, computer) starts a new session of its own, again for reasons we'll discuss in a moment.

So… it’s quite possible for any one Facebook user to have several, even dozens, of sessions open at the same time.  Don’t believe it?  Why not check your account right now? Simply click the little drop-down arrow in the upper right corner of your (computer) screen, then click “Account Settings”.

Next, click “Security” on the left hand side of the next screen. The last setting will be Active Sessions, and will show where you are currently logged in, as well as the number of other active sessions currently associated with your account.

Click the Edit button to the right, and voila!  There are all your Active Sessions, displayed for your enlightenment.  Surprised?  I was, the first time I looked, particularly when one of my locations was Joplin, and another Tulsa, OK.  So, how do we account for all of these sessions?

When you sign in to Facebook, its servers create a session record and hand your browser a small piece of data called a "cookie" that holds that session's identifier. Each browser or app on each device you use gets its own cookie, and each one corresponds to its own session on Facebook's side. The cookie identifies you to Facebook on every request and remains until you log out, at which point Facebook deletes the cookie and closes the session on its servers. Guess what happens when you close your browser without logging out? The cookie stays. And stays. A little checking shows that the cookie will not expire by itself for TWO years. For the tech-oriented, even clearing your cookies (which deletes only your copy of it) will not close the session, because the session itself lives on Facebook's servers, not in your browser. In fact, there are only two ways that you can close an active session.

The first, obviously, is by logging out of Facebook each time you open it, from each device that you use.  Not just closing your browser or app, but actually clicking or tapping the words “Log Out”. Of course, logging out means you’ll have to log back in every time you need to use Facebook, and who wants to do that? To be truly security-conscious, you should, especially if you have logged in from a public location via wi-fi.  But there is another, easier way — simply do as we have already done to pull up your Active Sessions, then click “End Activity” next to each session.

This method has an advantage over simply logging out: it lets you review where and when your account has been used and spot anything that looks suspicious. As we've discussed (and will discuss further shortly), location accuracy can be hit-and-miss, but if you notice a session that says your location is Papua New Guinea, or something equally ridiculous, you should assume someone else has been logging in to your account. End that session and change your Facebook password right away; do both, because ending the session alone leaves whoever has your password free to log in again.
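To make the cookie-versus-session distinction from the last few paragraphs concrete, here is an added example (not Facebook's code) that models a server-side session store the way the post describes it: a login creates a record on the server keyed by a random token that the cookie carries, forgetting the cookie changes nothing on the server, and only Log Out, End Activity, or the lifetime running out removes the record. The class and method names are assumptions; the two-year lifetime is the figure the post reports.

```python
"""Server-side sessions vs. the cookie in your browser (added example)."""
import secrets
import time
from dataclasses import dataclass

TWO_YEARS = 2 * 365 * 24 * 3600  # lifetime reported in the post (assumption)


@dataclass
class Session:
    token: str      # the value stored in the cookie
    device: str
    ip: str         # the address a "location" is later guessed from
    created: float
    expires: float


class SessionStore:
    """The server side. Nothing here changes when a browser deletes a cookie."""

    def __init__(self, now=time.time):
        self._now = now
        self._sessions = {}  # token -> Session

    def login(self, device, ip):
        """Start a session and return the token the cookie will carry."""
        now = self._now()
        token = secrets.token_urlsafe(32)
        self._sessions[token] = Session(token, device, ip, now, now + TWO_YEARS)
        return token

    def validate(self, token):
        """Is this cookie value still backed by a live session?"""
        s = self._sessions.get(token)
        return s is not None and self._now() <= s.expires

    def logout(self, token):
        """'Log Out' on a device: removes that one session only."""
        return self._sessions.pop(token, None) is not None

    def active_sessions(self):
        """What the Active Sessions list shows."""
        return [s for s in self._sessions.values() if self._now() <= s.expires]

    def end_all_except(self, keep_token):
        """'End Activity' on every other session, done from the device you hold."""
        ended = [t for t in self._sessions if t != keep_token]
        for t in ended:
            del self._sessions[t]
        return len(ended)


def demo():
    """Walk through the post's scenario and return what was observed."""
    clock = [1_000_000.0]                       # fake time so expiry is testable
    store = SessionStore(now=lambda: clock[0])
    phone = store.login("phone", "198.51.100.23")   # constructed addresses
    laptop = store.login("laptop", "203.0.113.9")

    # Closing the browser or clearing cookies is purely client-side: the
    # laptop forgets its copy of the token; the server keeps the session.
    leaked_copy = laptop          # a copy captured earlier, say on open wi-fi
    del laptop                    # the browser's cookie jar is now empty
    after_cookie_cleared = len(store.active_sessions())
    stale_copy_still_works = store.validate(leaked_copy)

    # The second way to close it: End Activity from the device you still hold.
    ended = store.end_all_except(phone)
    after_end_activity = len(store.active_sessions())
    stale_copy_after_end = store.validate(leaked_copy)

    # Left alone, a session only lapses when its two-year lifetime runs out.
    clock[0] += TWO_YEARS + 1
    after_expiry = len(store.active_sessions())

    return {
        "after_cookie_cleared": after_cookie_cleared,
        "stale_copy_still_works": stale_copy_still_works,
        "ended": ended,
        "after_end_activity": after_end_activity,
        "stale_copy_after_end": stale_copy_after_end,
        "after_expiry": after_expiry,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The point of the walk-through is the middle step: after the laptop has "forgotten" its cookie, the session count is unchanged and a copy of the token still validates, which is exactly why a session picked up on public wi-fi stays usable until you end it from another device.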

Now, a friend of mine who lives in NYC recently updated her status, and Facebook displayed her location as New Brunswick, CAN, roughly 600 miles away as the crow, or Canada goose, flies. Not very accurate, true, but probably not an indication of a hacked account. So, how did that happen? Facebook approximates location from your device's public IP address (the number your connection is known by on the internet) by looking it up in a database that maps address ranges to places, and, as it happens, many factors affect both which address you appear to come from and how accurate that lookup is.

Let's start with the obvious: mobile. When you use Facebook from your smartphone over the cell network (not wi-fi), the public IP address Facebook sees is assigned by your carrier's core network, which may sit hundreds of miles from the tower your phone is talking to. The recorded location is the one associated with that carrier address, not with the tower, so it can be off by a wide margin. Example: My cell phone, on the desk next to me, currently shows as logged in to Facebook from Olathe, KS!

Next, consider wi-fi. If you're logging in from a restaurant halfway across town, the session that results should still show the same city name, right? Not necessarily. If the restaurant is part of a chain, and the chain routes all of its locations' internet traffic over T-1 lines (dedicated data links) through a central office, then the address Facebook sees belongs to that central office, and your log-in at Panera in Springfield could show you as being in St. Louis! That's just an example for illustration purposes; I have no idea if Panera's data goes through StL. 🙂

Okay, but what about the good old PC sitting at my house, connected to my cable company's network? That will always be accurate, right? Not so fast! My own IP address changes two or three times a year, solely due to network updates by my Internet access provider. And when such changes occur, the geolocation databases that map addresses to places often aren't updated right away, so an address can be shown as belonging to another locale altogether, even one hundreds of miles away! I would guess that is the likely cause for the sudden displacement of my New York friend.

If you're curious, you can mouse-over each location in your Active Sessions list to see the IP address behind it. And yes, you should review your sessions routinely and end any that are not actually in use. Always log out of Facebook (or any other app, for that matter) when you have logged in from a public wi-fi location. If you see anything that doesn't look right, change your Facebook password: it's always better to be safe than sorry (and use a strong password that you don't reuse on any other site).

That’s it for this post!  Sorry for the incredible length, and thank you if you have read this far.  We’ll return next time with another post that’s more concerned with privacy than security.  (And a new look for the blog!) In the meantime, Happy Thanksgiving from Diamond Mind Web Design!

Facebook, Privacy, And You! (Part 1)

Odds are, you have a Facebook page, or if you don't, someone in your immediate family does. After all, more than 150 MILLION Americans use the site (as of June 2012), and in October, Facebook topped the 1 BILLION mark worldwide. That's a lot of people, which also means a LOT of information being shared, much of it public without the sharer intending it to be.

Did you know that, according to a recent Huffington Post online poll, over 25% of Facebook users don’t know how to change, or even view, their privacy settings?  Nearly another 10% almost never look at, or make any changes to, their settings.  That means 1 in 3 of us have little or no control over how the information we post to Facebook is shared, or seen by others.

Tomorrow, we will be starting the first in a series of posts designed to help you take charge of how you share your information on Facebook. For the most part we will be covering Facebook's privacy settings, though we will also touch on some security settings. We'll be using screenshots whenever applicable, and will try not to force our readers to hold a PhD in computer lingo just to understand what's going on!

One important caveat: The information in these posts is good today. Given how frequently Facebook changes its site, we cannot guarantee that it will be good a month from now, or even tomorrow! It is up to you, once you have become familiar with how the privacy settings work through these posts, to take on the responsibility of reviewing them on a fairly frequent basis.

Facebook's creed is "More sharing!", so it's very unlikely that any changes they make will add more protection to your privacy, despite what they might publicly state. Nevertheless, Facebook is still a valuable means to connect with friends past and present, and a useful tool for business as well. Like any tool, it is safest when used correctly. So, stay tuned! Tomorrow's post will be on Active Sessions, or, why your status update shows you are in Tulsa when you're really in Springfield!