mt panic & the “friendly” worm

This afternoon, I did a little rearranging of my journal index page. I wanted to add the Movable Type 2.1 search feature -- mainly so I can find things in my archives -- and reorganize the side matter some (I'm not finished with it. Seems I'm never finished with it.) Went to make sure the new template worked fine -- oh man, what a mess!

I'd forgotten that I'd changed SSH to upload on in binary because I was uploading a Flash file last night. Okay, so changed that and then I reloaded the template in ascii format. Better -- but still not quite right. I needed to rebuild.

Headed for the templates page. But no matter what I clicked, I was thrown back to the login page. Over and over. Panic -- I broke it! I'd already had muchas trouble upgrading (had to do with case-sensitive cgi. I had to change the case of about 15 files or so that uploaded as lower case instead of mixed case) so I was NOT HAPPY about this. Headed to the forums, but didn't find an answer there (which left me feeling really dumb -- could I have broken it in a unique way? I doubted it, which meant the fix was so obvious anyone could fix it). I changed the permissions on the files, reloaded this and that, tried all kinds of tweaks. No dice.

AHA! I know, I'll READ THE F*ING MANUAL. Lo and behold, down there in the Troubleshooting section, there was my problem: "I keep getting the Movable Type login screen." With an answer in plain English no less. Which was: if you've set ZoneAlarm to block cookies, the thing ain't gonna work. And what had I done before I began my MT tweaking? Upgraded ZoneAlarm -- where I'd just decided to try a tracking cookie block. I untried it. Problem solved.

The "Friendly" Worm
Yesterday I got a message from a woman at the place where I no longer spend three days a week. It contained a message with a link to download a greeting card she'd sent via friend - greeting (or something like that). I have to admit, I was a bit surprised to get a greeting message from her -- but I figured she was just touching base with all us refugees or something. It wasn't until I'd clicked the link and "install" button that the alarm bells started going off -- would she really send a greeting? But neither Norton AntiVirus nor ZoneAlarm Pro protested ... so maybe it was okay ... I did LiveUpdate only yesterday ... why's it taking so long ... and what a cruddy card -- this isn't something she'd send! OH NO!

I sent her a message asking her about it, and she wrote back apologizing profusely and telling me not to install it because it is a worm, etc. etc. etc. But of course I had. Then my desktop started going haywire. Hoo boy. Here we go ... the SECOND time this week Norton failed me.

Stanley immediately started researching it; it's called, according to Symantec, friend greet or friend greetings -- and they provided removal instructions. Which wasn't easy -- uninstalling it is incomplete, I had to freaking do a liveupdate on Norton AntiVirus TWICE to get the right virus definitions, then NA could not either quarantine or remove the files until I rebooted. Then there was a bunch of registry changes I had to make because Norton could not, and though Norton warned you to clean out all the temp files in the browser cache, it did not warn you to clean out the files in the temporary download file, were I found it again today (it did not execute, fortunately).

A would say that all's well that ends well, except that my quickstart programs are still all rearranged and I'm really pissed that Norton AntiVirus failed yet again. This is one instance where virus definition updates should be automatically pushed content, rather than scheduled pulls. At the very least, Symantec should send out warnings, like McAfee does (I dumped McAfee because it kept crapping up my operating system). At any rate, Stanley told me it's time to update ZoneAlarmPro -- he's the person in charge of all this stuff, so I did what he told me to do. And that, ultimately, is why I had the MT problem.

It amazes me sometimes, the cascade of consequences.
Posted by .(JavaScript must be enabled to view this email address) on 11/09/02 at 03:01 PM
Commenting is not available in this weblog entry.

Next entry: eq - what’s yours?

Previous entry: ruins, again

<< Back to main