Whispers & Screams
And Other Things

The Latest Referrer Spam - Semalt and Buttons For Website

So, you manage some websites, you're a fan of Google analytics or even just use a local server log analyser to view your site stats. If this is you then you cant fail to have noticed that your sites have been getting visits lately from referrer bots called semalt.com and buttons-for-website.com. There are a couple of good reasons why you shouldn't ignore this traffic. In fact you should block it from your site and if you're using an Apache web server, which most people are these days, then I'll show you how to do it for yourself.

The Semalt and Buttons For Website bots dont seem to be harmful to websites per-se however their effect on SEO should not be ignored. If your website is getting 50 or 100 hits per month from these things it will affect your overall clocked bounce rate since these bots is always bounce. This will make it seem as though visitors to your site are not finding the material they were looking for and, to the search engines, may decrease the perceived quality of your site and thereby effect your ranking.

It should be noted that Semalt is not your typical bot. Analysis shows that the company uses a QtWebKit browser engine to avoid detection. Consequently, Semalt bots can execute JavaScript and hold cookies, thereby enabling them to avoid common bot filtering methods (e.g., asking a bot to parse JavaScript). Because of their ability to execute JavaScript, these bots also appears in Google Analytics reports as being “human” traffic.

Recently, substantial evidence revealed that Semalt isn’t running a regular crawler. Instead, to generate bot traffic, the company appears to be using a botnet that is spread around by a malware, hidden in a utility called Soundfrost.

“Botnets sometimes compromise computers whose security defenses have been breached and control conceded to a third party. Each such compromised device, known as a “bot”, is created when a computer is penetrated by software from amalware (malicious software) distribution. The controller of a botnet is able to direct the activities of these compromised computers” – Wikipedia

Their Botnet involves hundreds or thousands of computers and too many IP addresses to be able to effectively bloc the crawler via IP Exclusion in Analytics. To see a list of IP addresses associated with Semalt go to this page. It will return a long list of (at least hundreds) of IP addresses associated with Semalt.

Blocking these sites like you would other crawlers/spiders in your robots.txt file may not be effective either since compliance with directives in the robots.txt file is voluntary and those who are running something Black Hat certainly do not care about complying with the wishes of others.

Buttons For Website seems to be very similar in function (alleged to be a spambot/botnet) except that it uses a different delivery method. In this case the Buttons For Website site simply offers a handy sharing tool for you to install on your website. However, by installing the supplied code, you are potentially creating a way for a person to hijack (zombify) the web browser of visitors to your site.

According to one article I found javascript hijacking can also be used for nefarious purposes. Even though the article is about using javascript to create a botnet through online ads the same principle should work just as well with a permanent installation like sharing buttons.

“Adding arbitrary JavaScript to ads is easy to do and in the experience of the researchers wasn’t checked very closely by the ad network. To make it more convenient to change the malicious script, rather than placing the script itself in the ad, they put in the script source.” – NetworkWorld

Semalt And Buttons For Website Blocking


Since potentially both Semalt and Buttons For Website traffic is going to be coming from a large number of IP addresses (Semalt from infected computers and Buttons For Website from visitors to infected sites) the option of blocking this traffic by IP exclusion in Analytics would not be effective. An alternative, which is what I have used successfully on all of the WordPRess sites that I manage, is to block traffic from semalt.semalt.com and buttons-for-website.com in the .htacces file of each site.

To do this you have to have access to the files in the root directory on your web host that make up your WordPress, Joomla or Drupal site and be using an Apache system (most hosting providers do). If you have never worked with the files in the root directory of your site and/or are not familiar with editing the .htaccess file ask your webmaster to do it for you. If you make a mistake when editing your .htaccess file, the result can make the site completely unavailable.

If you are comfortable with editing your .htaccess file then adding the following code to it should block both Semalt and Buttons For Website traffic to your site.

# block visitors referred from semalt.com
RewriteEngine on
RewriteCond %{HTTP_REFERER} semalt\.com [NC]
RewriteRule .* – [F]
# End semalt block
# block referer spam buttons for website
RewriteEngine On
RewriteCond %{HTTP_REFERER} buttons\-for\-website\.com
RewriteRule ^.* - [F,L]
# End buttons for website block


At Rustyice Solutions we use this method to block Semalt and Buttons For Website traffic on many WordPress, Joomla and Drupal sites that we manage and so far it has resulted in the total elimination of all traffic from these two sites from all of the managed websites. If you do not have a webmaster and are seeing traffic from these sources to your WordPress website we will be happy to help you with the problem. Contact me using the contact form on this site (Click Here) and I will be happy to help for a very small fee.

Continue reading
369 Hits
0 Comments

GIMP plugins that stand out from the crowd

You may well be wondering what GIMP is. GIMP stands for GNU Image Manipulation Program. Quite simply it is one of the most useful programs I have used throughout the last 10 years. Its an open source program that's ostensibly supposed to compete with Photoshop. When you compare the two programs they are surprisingly close competitors in all but one key area, price. Adobe Photoshop having moved to a subscription model comes in at about £50 per month give-or-take, GIMP on the other hand requires a one off payment of £0.00p. No brainer I'd say. On top of this, GIMP is the best open-source photo-editor out there in the marketplace. It packs in a neat set of features that can rival those of Photoshop. And that's not the end either! More than what GIMP lacks in terms of in-built features, it settles with its powerful set of plugins which are unbelievably small, and extremely versatile.

In my entire history of using GIMP, I haven't ever felt any need to consider using Photoshop. If there was something I just flat out could not do with GIMP that I'd be able to do with Photoshop then I might have considered it but I've never come across anything even close. In addition, there are a surprisingly large number of plugins for this elegant software, that can spice up your GIMP experience, especially if you're serious about your photos. I'll go on to list some of the most powerful and cool plugins for GIMP. All of them are free, and I'll provide the download links to each of them individually. Most of the effects below simply require you to download the respective files, grab the .scm script and put it inside your GIMP folder's 'Scripts' directory. Restart GIMP following each installation, and your effect is installed.

1. Photo Effects


This is really one big boss of photographic effects. It packs in a number of powerful, cool effects, neatly arranged in four categories:

Sunset at Maidan, glassified with the
Stained Glass effect.


A. Artist (Note Paper, Pastel, Water Paint, Stamp, Warp)
B. Style (Chrome Image, Cross Light)
C. Texture (Brick Wall, Patchwork, Stained Glass, Texturiser)
D. Others (High Pass)

Once installed, any of the above effects can be flawlessly applied to your photos, to make even ordinary shots look special. The merit of this plugin is that, it packs in so many cool effects into an unbelievably small sized package, 27 KB! Yeah, you read me right. ;)

Another glorious addition is the degree of end-user customizations. For example, while applying Stained Glass effect, you can choose the size of each glass-element in pixels! The Note Paper effect is something to be reckoned with. And to be honest, the textures are just way too superb.

Download: http://registry.gimp.org/node/97

2. HDR and HDR Plus plugins


These are two very powerful plugins that can add colour and life to otherwise bland shots. HDR or High Dynamic Ranging process attempts to capture and/or bring back the true colour (as it appears) to each element on the photo, thus livening it up.

Notice the original shot below:


Now, the colours obviously look a bit faded off, and it's time to apply the GIMP HDR Plus plugin. Look at the result below:


The result is clear, it's far more attractive and cool, even though the original shot did not have a good colour composition. I would say, the HDR plugin is the best if you use online Photo-sharing sites such as Flickr or Shuttershock.

Installation is very easy, just download and shift the .scm files to the scripts directory. These cool effects (HDR and HDR Plus) can be loaded from Scripts-Fu=>Enhance=>Fake HDR/Fake HDR Plus.

Download: http://registry.gimp.org/node/11776

3. National Geographic Script


This is a smooth and powerful run-once script, that can effective turn even ordinary shots into quality ones. Not that it does live upto its name, but it comes really close! As usual, nothing is better than a demonstration. Consider the photo below, shot at Duars, North Bengal (India).


Although the colour composition is okay, it still lacks some jibe, and just doesn't appear a very quality shot (it may vary, though). I took it with my Canvas 2 Android phablet, using the 8 MP shooter distilled to 5 MP. Now, let us apply the NatGeo script, and the result is shown below:


It's clear that the photo below is a far more refined and quality shot! This is the magic of the NatGeo script. It can be accessed from Filter=>Generic=>National Geographic.

Download: http://registry.gimp.org/node/9592

4. Quick Sketch


Quick Sketch is a very clear name, it digitally turns your ordinary shot into a fake painting, which is often just too marvelous to be considered a hand-drawn one though, let me warn you. However, it's very artistic, and will certainly help you amaze your friends and social contacts. Consider the photo of Jeses below:


Now, after adding the Quick Sketch effect:


Looks genuine enough! Not surprisingly, it also reduces the photo size in most cases, doing away with colours and extra graphics. It can be accessed from Scripts-Fu=>Artistic=>Quick Sketch. And it allows you to customize the blur factor too. And behold! It's only 3.25 KB!

Download: http://registry.gimp.org/node/5921

5. Blue Sky and Clouds


This is one neat little script that turns otherwise greyish or whitish sky blue, complete with fake clouds and blur. It just appears way too magical, doesn't it? Well, with the plugin, it's a breeze. Consider the photo below, an okay shot that however doesn't capture the serene bluishness of the sky:


Naturally, we'd use the plugin here. The result is shown below:


The plugin also allows tremendous customizations, and you will need a lot of time before mastering it. But even if you just accept the default settings, it'll look cool. And it's just around 5 KB in size. Access it fromScripts-Fu=>Darla=>Blue sky and clouds.

Download: http://registry.gimp.org/node/193

Continue reading
410 Hits
0 Comments

What on earth is making my home network so slow! (Part 1)

Let's face it, we've all been there. Sitting wondering why on earth a network connection that, up until 5 minutes ago had been working just fine was now all but useless. Less tech savvy individuals may just shrug their shoulders and try again later but anybody else is left wondering why. As a reader of this blog post that fact automatically places you in the latter category. So, to the problem. Could it be that somebody else in the house has started a large download? If that's the case its the easiest to solve just by asking around but the plethora of devices that are in our houses today make the job a lot more complex. For me it was a long forgotten mobile phone owned by my son, left on charge under the bed and set to auto update its code and apps that proved the final straw and drove me to come up with a solution to this problem.

Lets look at the problem in the round first of all. Homes nowadays usually have a router which connects off to the cable company or to the telephone line. These routers allow all of the devices in the house to connect to the net whether on the wireless or the wired side of life. Its not uncommon for a home network to support 10 to 20 devices not all of which will be known about by every other member of the household. Any one of these devices has the potential to bring the network to its knees for hours at an end by starting a large download. Of course the possibility also exists that somebody else on the outside has gained access to your network and it's important that this is not overlooked.

The first step in getting a handle on the situation will be to take control of your home router and secure it so that it cannot be manipulated by anybody else. Most home routers nowadays have a small, cut-down, webserver running on board which allows a management user to access the management web page. By using this web page clients can change all of the settings on the device. The page is usually accessible by both the wired and the wireless network. If you are using a Windows machine the easiest way to establish a connection to this page is to do the following:

    1. Click the pearl button and in the box which says "search programs and files" type cmd and press enter. This should bring up a window which looks like that shown on the right. Inside this window, type the command "ipconfig". The output should also resemble that shown on the right showing among other things, the address of the default gateway. Take a careful note of this address. (192.168.1.1 in this case)

 

    1. Open up a browser, type this default gateway address into the address bar and click enter. If your router is new or poorly configured you should now be looking at the control page for the device. If the device is configured properly you should now be looking at a login prompt page.

 

    1. Once logged in you will then be able to control the settings of the router.



This post is not written to be a guide for any specific router so I will keep any further instructions necessarily wide in scope.

The following bullets will link to posts that will be made available soon which examine the different aspects of this problem. Check back soon to see them when they become available.

    • Who is connected? Checking to understand which devices are connected to your router on WIFI and wired networks and establishing whether or not they should be.

 

    • What are they doing? Most routers show a basic table of transferred bandwidth as a part of their reporting. This can be used to examine the usage on your network and ascertain which devices are consuming most of the network.

 

    • Securing my router. As touched on previously, the router should be configured appropriately so that only those users whom you wish to have access are able to access both the network and the routers management page.

 

    • Customising the routers code. Home routers purchased off the shelf nowadays have woefully inadequate firmware that is frequently shown to be buggy at best and insecure at worst. Consider replacing this firmware with a fully customisable open source router such as dd-wrt or tomato.

 

    • Open source router management. (Wireshark and SNMP) Want to take the control of your home network to the max. Consider implementing network management, bandwidth management and device management.



I hope this post has proved informative as an intro to controlling your home network. Check back soon for further updates.

Continue reading
1332 Hits
2 Comments

Enhancing Oil,Gas and Power Operations - SCADA via Rustyice Satellite Solutions

Oil and gas operations are located in unforgiving environments, from the blistering cold of the arctic to the scorching heat of the deserts and the storming conditions out on the open sea. To sustain secure operating conditions in these remote areas, reliable communication is as vital to the end-user as the umbilical cord is to an unborn child.

 

Supervisory Control And Data Acquisition

Supervisory control and data acquisition (SCADA) is a unique aspect of oil, gas and power distribution operations in that it does not entail communication between people, but between machines, also known as machine–machine (M2M).

SCADA describes a computer based system that manages mission critical process applications on the ‘factory floor’. These applications are frequently critical for health, safety and the environment.

The term telemetry is often used in combination with SCADA. Telemetry describes the process of collating data and performing remotely controlled actions via a suitable transmission media. In the context of this article, the telemetry media is a satellite communications solution.

SCADA in Oil, Gas and Power Distribution Operations

SCADA is not limited to a particular aspect of these types of operations. In the Oil and Gas industry, SCADA applications can be found in upstream areas such as well monitoring, downstream in areas such as pipeline operations, in trade by managing the fiscal metering/custody transfer operations and logistics in applications such as inventory management of tank storage facilities. SCADA systems in the Power Distribution industry use RTUs and PLCs to perform the majority of on-site control. The RTU or PLC acquires the site data, which includes meter readings, pressure, voltage, or other equipment status, then performs local control and transfers the data to the central SCADA system. However, when comparing and specifying a solution for challenging SCADA environments, RTU and PLC-based systems are not equal.

PLC Systems are Sub-Optimal for Complex SCADA Systems

Originally designed to replace relay logic, PLCs acquire analog and/or digital data through input modules, and execute a program loop while scanning the inputs and taking actions based on these inputs. PLCs perform well in sequential logic control applications with high discrete I/O data counts, but suffer from overly specialized design, which results in limited CPU performance, inadequate communication flexibility, and lack of easy scalability when it comes to adding future requirements other than I/O.
With the rapid expansion of remote site monitoring and control, three critical industry business trends have recently come into focus:

• System performance and intelligence – Process automation improves efficiency, plant safety, and reduces labor costs. However, complex processes like AGA gas flow calculations and high-resolution event capture in electric utility applications require very high performance and system-level intelligence. The reality is that even high-performance PLCs cannot meet all these expectations.

• Communication flexibility – Redundant communication links between remote systems and the central SCADA application form the basis of a reliable, secure, and safe enterprise. Power routing automation in electric applications, water distribution, warning systems, and oil and gas processes all require unique communication mediums including slow dial-up phone lines, medium speed RF, and broadband wired/wireless IP.

• Configurability and reduced costs – Although process monitoring and control are well defined and understood within many industries, the quest for flexibility and reduced Total Cost of Ownership (TCO) remains challenging. In the past, proprietary PLC units customized with third party components filled the niche, but suffered from lack of configurability and higher maintenance costs than fully integrated units. Today, businesses look for complete modular off-the shelf systems that yield high configurability with a significant improvement in TCO.

At the technical level, several requirements currently influence the SCADA specification process:
• Local intelligence and processing – High processing throughput, 64 bit CPUs with expanded memory for user applications and logging with support for highly complex control routines.

• High-speed communication ports – Monitoring large numbers of events requires systems that support multiple RS232/485 connections running at 230/460 kb/s and multiple Ethernet ports with 10/100 Mb/s capability.

• High-density, fast, and highly accurate I/O modules Hardware that implements 12.5 kHz input counters with 16-bit analog inputs and 14-bit analog outputs for improved accuracy.

• Broadband wireless and wired IP communications. Recent innovations in IP devices demands reliable connectivity to local IEDs (Intelligent Electronic Devices) as well as emerging communication network standards.

• Strict adherence to open standard industry protocols including Modbus, DNP3, and DF-1 on serial and TCP/IP ports

• Robust protocols for support of mixed communication environments.

• Protection of critical infrastructure – Enhanced security such as password-protected programming, over the air encryption, authentication, and IP firewall capability.

Selecting a Satellite Communication Solution – Factors to Consider

Security

When selecting a satellite communications solution, there are numerous factors that must be considered. Enterprise applications like e-mail, Internet access, telephony, videoconferencing, etc. frequently tie into public communications infrastructure. Due to security and reliability considerations it is considered best practice to isolate mission critical SCADA communications infrastructure from public networks.

The Rustyice solution is a dedicated satellite communications network solution tailored for the SCADA applications environment. By virtue of system design, our solution offers greater security against hacker attacks and virus infestation which mainly target computers that are connected to the Internet and are running office applications.

Reliability

Due to the critical nature of most SCADA operations, a reliable communication solution is of utmost importance. The satellite communications industry is mature with a proven track record. Satellite transponder availability is typically in the 99.99 percentile range, a number far superior to that of terrestrial networks. To build on this strength, our solution utilises a miniature satellite hub that is deployed at the end-users SCADA control centre. Data to/from the remote terminal units (RTUs) are piped directly into the SCADA system. There is no vulnerable terrestrial back-haul from a communication service providers facility, which can cause the entire network to crash if cut during public works, i.e. digging.

To increase the reliability of the hub, it is frequently deployed in a redundant/load sharing configuration. This ensures that the hub is available more than 100% of the time, making it far from the weakest link in the communication chain.

Types of Connectivity

Contrary to enterprise-related communications which take place randomly, SCADA communication is quite predictable. It is a continuous process, where the SCADA application polls the RTUs at regular intervals. The outgoing poll request is a short datagram (packet) containing as few as 10 bytes. The returned data from the RTUs are also in a datagram format with the message size being from 10 bytes to 250 bytes. One could easily assume that a satellite solution based upon dial-up connectivity such as Inmarsat, Iridium or Globalstar would be ideal for this application environment. Since SCADA is not just data collection, but also entails control (which at times can be of an emergency nature), you simply cannot wait for the system to encounter a busy connection. What is needed is a system that provides an ‘always on’ type of connection, commonly referred to as leased line connectivity.

A Rustyice solution supports both circuit switched (leased line and multi drop) and packet switched (TCP/IP and X.25) applications concurrently.

Continue reading
370 Hits
0 Comments

The Chirpsounder / Ionosonde


Anybody who has ever set up a working international HF link will know it can be a tricky business. You see there's a pesky movable thing called the ionosphere which is pretty fundamental to the whole business.
Communicating with a point halfway round the planet using HF is like trying to play that old 70's children's game called Rebound. Since radio links are usually close to or distinctly line of sight links, communicating with a point on the other side of a sphere would seem like a fairly insurmountable problem. I'd think the first time this problem was solved using the ionosphere it was probably an accident caused by some early radio pioneers receiving signals for their fellow pioneers some way round the planet and beginning to wonder why and how it was happening.

The reason it was and does happen is because of a thin layer of the Earths atmosphere called the ionosphere. The ionosphere is a region of the upper atmosphere, from about 85 km (53 mi) to 600 km (370 mi) altitude, and includes the thermosphere and parts of the mesosphere and exosphere. It is distinguished because it is ionized by solar radiation. It plays an important part in atmospheric electricity and forms the inner edge of the magnetosphere. It has practical importance because, among other functions, it influences radio propagation to distant places on the Earth. This is the reason we as Telecommunications Engineers are interested in it.

The ionosphere is a layer of electrons and electrically charged atoms and molecules in the upper Earths atmosphere, ranging from a height of about 50 km (31 mi) to more than 1,000 km (620 mi). It exists because of the Sun's ultraviolet radiation which causes these gases to ionise and develop a charge. Because of the boundary between this layer and the relatively uncharged layer below, wave diffraction occurs. This phenomenon takes place at different incidences with different frequencies and, with clever utilisation of this property, the ionosphere can be utilized to "bounce" a transmitted signal down to the ground. Transcontinental HF-connections can rely on up to 5 of these bounces, or hops.

It is the process of determining the appropriate frequencies and their respective bounce points around the planet that is the focus of this post. The applied physics involved in this refraction are beyond the scope of this post but, in a nutshell, what they do produce is a spread of frequencies which bounce at different incident angles to the boundary layer such that different distant points on the surface of the planet can be reached when the bounced radio wave returns to the ground. This is shown more clearly in the diagram on the left.

Unfortunately, it is not quite as straightforward as the diagram above suggests as the strength and location of the ionosphere is always changing as day becomes night and also as cosmic radiation from the Sun changes over time. This presents those wishing to use this phenomenon with the constant problem of determining which frequencies are workable and usable between any two given points on the Earth.

The problem of determining these usable frequencies was the driving force behind the invention of the Chirpsounder (also known as an Ionosonde). The Chirpsounder, or rather a pair of Chirpsounders operate in tandem using a Chirp transmitter in one location and a Chirp receiver in another. The job of the transmitter is to transmit a sweep of radio output from one predetermined frequency to another over a given amount of time. A Chirp receiver situated close to the transmitter would if synchronised to match the sweep timings, receive all of the sweeps from the beginning to the end but the same Chirp receiver placed two thousand miles away over the Earths horizon may not fare so well. This is where the technology really comes into its own.


When a Tx/Rx pair of Chirpsounders are running a synchronised sweep between two distant locations, the receiver will receive from the transmitter only during those parts of the sweep that are conducive to a working link between the two. This information is gathered by the Chirp receiver and is used to provide the user with a graph showing frequency on the x-axis and receive delay on the y-axis. There will also often be a display of receive signal strength incorporated in the output. A sample Chirpsounder output is shown on the right.

As can be seen, there are a number of elements shown on the trace and each of these represents a successful reception of the signal from the transmitter. The more solid the line, the more reliable the link and this information, when used in parallel with the received power information can enable telecommunications professionals to choose the most appropriate frequency. Once the decision had been made the operational transmitters and receiver could be set appropriately and the operational radio channel could begin to pass its traffic using the ionospheric bounce. Quite amazing really.

Continue reading
1209 Hits
0 Comments