A strange thing has happened the last couple days since running WD.
4 times in the last 3 days I’ve been attacked by a trojan horse while my FTP session in WD was open.
Since I have been behind a NAT router (satellite connection), I’ve never had a hit on my software firewall - was actually thinking of abandoning it! Anyway, the NAT (network access translation) router is supposed to act like a hardware firewall (so I’m told).
So…during a couple sessions of WD upload, my software firewall (NIS) pops up with an attack of a specific trojan horse coming from my own FTP server???
I had a chat with my web host. First they said it was probably a “false alarm” (sorry, the threat of a trojan is a treat to me). They then go on to say that "no one should use FTP - is totally un-secure - even your user name and password are passed as plain text that anyone can get.
I realize that this has really nothing to do with WD’s FTP. Just wondering if anyone has had a similar problem, and if there is such a way to FTP securely.
Hi
you should also be using a firewall
Zonealarm is very good
they have a free version too
see
I do have a SFTP version of my FTP upload program, but its quite tricky to set up, and your server needs to be able to handle sftp (there are all sorts of permissions problems)
the password is starred out in the logs wd produces
but, yes, i guess the ftp session could be spied on to get your password…but i dont know about it being passed as plain ol text!
looking at your web site: http://www.sterlingrun.com/weather2/wx.htm
to get the problem with the border around the summary image fixed, please download the latest version of wd and use that, or restart wd…
also, the large size weather dials:
to fix that
try:
setup, use large screen size
then click on Yes
then restart wd
let me know
also, you migth want to tick to create and upload the screen image…
i recommed you use the customise internet and file creation setup…
there you set the times to create each file and the times to upload each file
and then you can inser the html code into the default web files, datahtm0.txt or datahtm3.txt, to display those images
or you can use the custom web page option (you can set times to create and upload a custom web file)
i.e, create a file called wxloca.html in the folder webfiles (there is a sample custom web page included in the download)
and then put in the html code needed , and put in and use the custom tags, as found in the file owntemplate.txt, where you want weather data to appear (or use the create/edit a custom tag file, see under control panel, where you can select from a list of tags to insert)
Brian, in regular ftp the username and password do get sent in plain text - but the chance of someone grabbing them directly from an ftp session is remote.
I’m afraid that everything in ftp is passed as plain text, unless the file you are up/downloading is encrypted of course. Yes, the username and password are passed in plain text too, so in theory anybody sniffing the wire could get hold of your logon credentials. But that would only let them get access to the ftp server, not your WD “client” end.
Whew…
First, thanks Brian for taking a look at my site.
I must say that I am still on the trial version. Don’t worry, you’ve got me hooked now - will be purchasing and downloading the newest version next pay!
I did have “use large screen size” for a while now - but did as you said and restarted - now have normal size dials.
I’m still playing with the colors of my screen - don’t want to upload that yet.
And thanks for the advise on using custom internet and file creations - I’m just not ready for that yet - one thing at a time! I’ve literally spent hours each day the last week playing with WD - I need to understand one aspect before I move on to another. I’m saving your suggestions for later use.
niko - here are the two trojans that were blocked:
Ahhh - my logs must refresh each day…I wrote one down:
Port of Doom Trojan Horse
Can’t remember the exact name of the other one.
Using Direcway - not Starband
Thanks though - made for some interesting reading - always learning.
I know that my firewall is working, and haven’t had another hit in over 24 hours now. Just going to wait it out some - I know I’m protected in the meantime.
…furthermore, it appears that NIS identifies the attacking trojan only because there is something trying to connect on a port used by that trojan - in other words the id is pretty suspect.