Tech Support Nightmares and Cyberscreams

The past month or so has been a whirlwind ride through some technological peaks and valleys. It began with an enlightening read of Kevin Mitnick’s book The Art of Invisibility. This was a great plane ride book, and I managed to finish the book in the stretch of about 4-5 days. For those who don’t recognize the name, Mitnick made himself famous in the 1990s for his computer hacking exploits, skills which had him on the run from the law for a while. Now he’s a professional security consultant, as well as an author, and a pretty enjoyable one at that. You can read all about his life here. There was even a fascinating documentary made about him called Freedom Downtime, which I actually owned a copy of on VHS many years ago, and that I believe I came across from some article or ad in 2600.

I ran across his book after some prompting from a series of extremely annoying script kiddie hacks to a server hosting some of my websites, including this one, from a mix of Chinese, Russian, and Ukrainian IPs. You know, the ones where they insert a single php file into your root web files and then suddenly you have an endless supply of auto-generated 1 byte image files in a self-replicating Images folder! Or where someone tries to hack your Google webmaster account and upload their own google html authentication files. I knew something was fishy when I suddenly had 19 ftp accounts in my cPanel. It was a good wake up call that my security protocols had gotten too lax. Reading through Mitnick’s book was also a good refresher on some of the more recent techno-security updates and changes, especially having to do with smartphones and all the amazing ways that so-called “smart phones” are actually a hacker’s wet dream.
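The three symptoms above (a dropped php file, a directory filling up with 1-byte image files, and unfamiliar google*.html verification files in the web root) are all things a quick filesystem audit can flag. The script below is an added example written for this post, not code from the original, and the directory names in STATIC_ONLY_DIRS and the sample tree it builds are constructed assumptions; point audit_webroot at your own document root and pass the verification files you actually created.

```python
"""Audit a web root for the three symptoms described above.

Added example (not part of the original post). The sample tree built by
build_demo_tree() is constructed for the demo and contains no real data.
"""
import tempfile
from pathlib import Path

IMAGE_EXTS = {".gif", ".png", ".jpg", ".jpeg", ".ico"}
# Directories that should only ever hold static content, never executable PHP.
# Hypothetical names; adjust to the layout of your own site.
STATIC_ONLY_DIRS = {"images", "uploads", "img"}


def audit_webroot(root, known_verification_files=()):
    """Walk ROOT and return three sorted lists of relative paths:

    tiny_images:          image files of 1 byte or less (the auto-generated junk)
    stray_php:            .php files sitting under a static-only directory
    unknown_verification: google*.html files in the root that you did not create
    """
    root = Path(root)
    known = set(known_verification_files)
    findings = {"tiny_images": [], "stray_php": [], "unknown_verification": []}
    for path in root.rglob("*"):
        if not path.is_file():
            continue
        rel = path.relative_to(root)
        ext = path.suffix.lower()
        parent_dirs = {p.lower() for p in rel.parts[:-1]}
        if ext in IMAGE_EXTS and path.stat().st_size <= 1:
            findings["tiny_images"].append(rel.as_posix())
        if ext == ".php" and parent_dirs & STATIC_ONLY_DIRS:
            findings["stray_php"].append(rel.as_posix())
        if (rel.parent == Path(".") and ext == ".html"
                and path.name.lower().startswith("google")
                and path.name not in known):
            findings["unknown_verification"].append(rel.as_posix())
    return {key: sorted(val) for key, val in findings.items()}


def build_demo_tree():
    """Create a constructed sample web root in a temp directory."""
    root = Path(tempfile.mkdtemp(prefix="webroot_demo_"))
    (root / "images").mkdir()
    (root / "index.php").write_text("<?php echo 'home'; ?>")
    (root / "images" / "logo.png").write_bytes(b"\x89PNG\r\n\x1a\n")  # healthy image
    for i in range(3):
        (root / "images" / f"img{i}.gif").write_bytes(b"\x00")  # 1-byte junk
    (root / "images" / "x.php").write_text("<?php /* dropped file */ ?>")
    # The site owner's own verification file and one nobody recognises.
    (root / "googleabc123.html").write_text("google-site-verification: googleabc123.html")
    (root / "googlezzz999.html").write_text("google-site-verification: googlezzz999.html")
    return root


def run_demo():
    """Build the constructed tree and audit it; used by the usage below."""
    root = build_demo_tree()
    return audit_webroot(root, known_verification_files={"googleabc123.html"})


if __name__ == "__main__":
    for category, paths in run_demo().items():
        print(f"{category}: {paths}")
```

Run it from cron and diff the output against the previous run; a non-empty stray_php or unknown_verification list is worth an immediate look, while the tiny_images list tells you how far the junk has spread.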

Ironically, because I’m an (intentional) techno-Luddite when it comes to smart phone technology I’m still running an old Samsung Rant like the one pictured here. Seriously, it’s so old the phone plan with Sprint I have doesn’t even exist anymore, and when this phone eventually breaks and needs to be replaced I doubt I will be able to keep this old grandfathered plan. It’s so old that this is the 2nd cell phone I’ve ever bought, with an original contract that expired in 2011! Yes, the 0 button only half works, and the space button is erratic, but it is a real trooper to have held up this long and gone through some serious abuse!

Anyway, my point was that I was laughing about all the app exploits and hacks these new iOS and Android smart phones are vulnerable to. I don’t even have data or pictures enabled on my account, and while there are some basic exploits still open on an old phone like this, I’m not worried about someone stealing any of my login or password info via my phone apps. On the downside, when people send me funny animated emojis in an SMS all I see are a few .,. characters on the screen.

So from reading Mitnick and cleaning up some annoying script kiddie hacks I decided to do a deep dive audit on household and online security. As part of that I decided to upgrade from the free SSL to a Positive SSL with a static IP, which was all well and good. So far no problems. But for a while I’ve noticed the load time was a bit slow, and I’ve played around with various online caching plugins (W3 Total Cache, etc.), but was never really pleased with the outcome. So I decided to look into CDN services to try to help load pages faster. I’d used Cloudflare for a brief period but was not impressed, but this was 4-5 years ago. And since my host offered a basic CDN service through Sitelock I figured I would give that a try.


Big mistake! For the next week I had the BSOD, and I don’t mean Windows. The Bypass Sitelock of Death!

After attempting to set up a basic Sitelock CDN with my site it effectively crashed everything, rendering my site unreachable for the better part of the past 2 weeks. For reasons that are still not entirely clear to me, the basic Sitelock CDN service through my host doesn’t work with a fixed IP SSL, and so I found myself in an endless loop where the CDN pointed to someone else’s domain (sorry about that adamsinfosecurityblog), and replacing the @ and www records in my DNS configurations with three different Sitelock IPs. After 6, yes 6, different tech support chats over the course of a week with many nice (and probably Indian) but mostly useless technicians (Arekal, Iril, Bipinchandra, Sandhya, Vaishnav, and Daksha) I was finally able to isolate the problem (thanks Daksha, you’re a winner!).

Apparently the free CDN could not be removed by technical support, it had to be removed by billing support, and thus every time the first 5 technical support people told me that “everything should be up and running again in 4-8 hours” and that “the problem is now fixed” the DNS settings were automatically reverted back by the CDN. I guess this is a case of the right hand (tech support) not talking to the left hand (billing). I even had one tech who told me he “fixed” the problem and then proceeded to try to sell me an $800 upgrade to a “special” Cloud hosting package that would save me money and solve all my problems (but oddly wasn’t listed on the host’s website)! To add insult to injury, there is an admin interface to control the Sitelock CDN service with a “remove Sitelock CDN/Firewall” option in the menu, but ha ha, this just tells you it can’t be removed when clicked!
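The nasty part of the loop above is that the @ and www records kept being rewritten behind my back, hours after a technician said everything was fixed, so the only reliable way to know is to keep resolving the names and comparing them with the addresses you expect. The script below is an added example for this post, not anything from the host or from Sitelock; the domain and the 203.0.113.x / 198.51.100.x addresses are constructed documentation values, and check_live() is the hypothetical wrapper you would call from cron with your real domain and static IP.

```python
"""Detect DNS records that have drifted away from the expected addresses.

Added example (not part of the original post). The hostnames and IPs in
demo() are constructed values from the RFC 5737 documentation ranges.
"""
import socket


def resolve_a(hostname):
    """Return the set of IPv4 addresses the system resolver gives for HOSTNAME.

    An empty set means the name did not resolve at all.
    """
    try:
        return set(socket.gethostbyname_ex(hostname)[2])
    except socket.gaierror:
        return set()


def check_records(observed, expected):
    """Compare observed with expected A records.

    observed / expected: dict mapping hostname -> set of IPv4 address strings.
    Returns dict mapping hostname -> one of:
      "ok"            exactly the expected addresses
      "unresolvable"  no answer at all
      "partial"       some expected addresses plus some foreign ones
      "drifted: ..."  only foreign addresses (e.g. the CDN rewrote the record)
    """
    report = {}
    for name, want in expected.items():
        got = observed.get(name, set())
        if not got:
            report[name] = "unresolvable"
        elif got == want:
            report[name] = "ok"
        elif got & want:
            report[name] = "partial"
        else:
            report[name] = "drifted: " + ",".join(sorted(got))
    return report


def check_live(domain, static_ip):
    """Hypothetical cron entry point: resolve @ and www and compare to STATIC_IP."""
    expected = {domain: {static_ip}, "www." + domain: {static_ip}}
    observed = {name: resolve_a(name) for name in expected}
    return check_records(observed, expected)


def demo():
    """Offline walk-through with a constructed snapshot: the CDN has rewritten
    the bare domain but the www record still points at the static IP."""
    expected = {"example.com": {"203.0.113.10"}, "www.example.com": {"203.0.113.10"}}
    observed = {"example.com": {"198.51.100.7"}, "www.example.com": {"203.0.113.10"}}
    return check_records(observed, expected)


if __name__ == "__main__":
    for name, status in demo().items():
        print(f"{name}: {status}")
```

Anything other than "ok" for every name is your cue to re-check the zone, and with the output logged you also have a timestamped record of exactly when a record was reverted, which is far more persuasive in the seventh support chat than "it broke again".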

Finally this morning the billing department was able to resolve the issue and remove the CDN on my account, and lo and behold, the site is back up and running again, SSL intact, but CDN free. I think it will take a lot of background research before I decide to play with a CDN setup again. Now I can get back to my readings on Kali Linux, VMs and spearphishing! Anyway, that’s it for this week’s exciting installment of Adventure in the Internets!