Rita Mae Brown once said that insanity is “doing the same thing, over and over again, but expecting different results.” I suppose insanity might also mean expecting people to apply critical thinking skills to anything.

I’ve been poking through MT.Net‘s logfiles and I’m pleased to see so many searching for the Thomas Jefferson Bank Quote. As of today, MT.Net is the third Google result for those search terms. That’s all fine and good. What drives me up the wall is when I go to the pages linking to the quote, in many cases the linker is presenting the quote as fact, not even reading that I’ve debunked it! Um, did anyone read the post? What kind of fool would link a quote to a post that clearly says the quote is bogus?

No wonder America is falling behind the rest of the world when it comes to using our noggins.

No account of my weekend system administration adventures would be complete without acknowledging the outstanding customer support provided by my blog host provider, VPSFarm.

I emailed VPSFarm’s customer support first thing Saturday morning requesting they shut down my server. This was completed for me in a matter of minutes, and Vinay at VPSFarm sent prompt replies to my emails throughout the entire weekend (even close to midnight). He even provided a tarfile backup of my system. In short, Vinay and VPSFarm went above and beyond the call of duty – far beyond the meager amount of money I spend would justify.

Its easy to be a friend when times are easy, but when the chips are down you find out who your friends really are. Vinay Selvaraj and VPSFarm are the real deal. If you’re looking for an Xen-based Linux box you’d be stupid to look anywhere else.

Bravo Zulu, VPSFarm!

I’ve been working all weekend to seal up the leaks in MT.Net. I feel I’m at a point where things are pretty much back to normal. Passwords have been changed, databases scanned, files examined, and all possible patches have been applied. I went far beyond simply fixing WordPress: updating the operating system was long overdue, so I did the whole nine yards.

Lessons learned? Whenever strange behavior presents itself, don’t stop hunting until you’re sure you’ve found it all. Sometimes this means ruling every possible thing out, as its very tough (and also very foolish) to say “I’m secure.” Only time can answer that.

If you run a WordPress site, fire up a MySQL session and run this query:

select * from wp_users where user_login=”WordPress”;

If you find a “WordPress” user, delete it. It doesn’t belong there.

delete from wp_users where user_login=”WordPress”;

Also, you should not have entries in your user table with invalid dates. Delete any users that this query brings back:

select * from wp_users where user_registered like “%0000%”;

I found this page to be useful for the final cleanup.

If you’ve got an MT.Net account (for posting comments, for instance), please take a moment to change it.

Its been a busy weekend here at MT.Net. I’ve been cleaning up the MT.Net webhost after some script kiddies went wild with an exploit. I have a hunch the kiddies attacked an exploit in the Bad Behavior plugin, as the only blogs on my site that were running the BB plugin were the only ones that got pwned. There was a time when the BB plugin started acting funky and needed an upgrade, and it BB would be an obvious target for the bad guys. Fortunately I had copious backups. (I find it interesting that the BB website is offline at the moment.)

If y’all see anything out of place, give me a holla. Its possible I missed something.

Its been nine wonderful years. Happy Anniversary, my love!