Malicious ****** - Be Careful - Page 3 - SailNet Community

   Search Sailnet:

 forums  store  


Quick Menu
Forums           
Articles          
Galleries        
Boat Reviews  
Classifieds     
Search SailNet 
Boat Search (new)

Shop the
SailNet Store
Anchor Locker
Boatbuilding & Repair
Charts
Clothing
Electrical
Electronics
Engine
Hatches and Portlights
Interior And Galley
Maintenance
Marine Electronics
Navigation
Other Items
Plumbing and Pumps
Rigging
Safety
Sailing Hardware
Trailer & Watersports
Clearance Items

Advertise Here






Go Back   SailNet Community > Welcome to Sailnet > Announcements and Suggestions Box
 Not a Member? 


Reply
 
LinkBack Thread Tools
  #21  
Old 04-12-2010
hellosailor's Avatar
Plausible Deniability
 
Join Date: Apr 2006
Posts: 10,560
Thanks: 2
Thanked 83 Times in 81 Posts
Rep Power: 10
hellosailor has a spectacular aura about hellosailor has a spectacular aura about
tager-
Every time I've checked, CERT and SANS and all the other top-level names say that UNIX systems are attacked on an equal basis with Windows. "However, linux does get less " You may get less of one thing or another, but every time you conect to the internet, there are folks scanning the DSL IP pools, the cable IP pools, and even the dial-up IP address pools, looking for machine to hack into. Wrong OS for that hacker? No problem, they'll sell you IP address to someone who can use it and work with your OS. This is big business, probably on a par with sex slavery and drugs. The ****** kiddie next door is the least of the problems.

Of course a lot of the problems can be stopped if the neophyte in front of the computer just read up and engaged security options. That means no Adobe Flash Player (a security risk conveniently packaged with entertainment options), no active ****** technologies, and a whole batch of "NO!" options engaged in most browers. And nuisances like UAE enabled in Vista and Win7 systems.

Or there's the easier solution: Get hacked, run a zombie, and get shut down by your ISP. Some folks are screaming bloody murder about that--but I'd just as soon see those folks simply banned from the internet for a year or two. That might get their attention and stop their "reckless driving" habits.
Reply With Quote Share with Facebook
  #22  
Old 04-12-2010
smackdaddy's Avatar
Last Man Standing
 
Join Date: Aug 2008
Posts: 13,032
Thanks: 82
Thanked 76 Times in 70 Posts
Rep Power: 9
smackdaddy is a jewel in the rough smackdaddy is a jewel in the rough smackdaddy is a jewel in the rough
Quote:
Originally Posted by johnnyandjebus View Post
Hello all

I am currently running google chrome for my browser, and it came up with the following msg when I tried to visit sailnet. Any reason to be concerned?

Just got the same warning screen in Chrome after hitting "New Posts". Here's the offending site:

rek.twilightparadox.com

Same as the one in the pic above.
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

S/V Dawn Treader - 1989 Hunter Legend 40
Reply With Quote Share with Facebook
  #23  
Old 04-13-2010
JohnRPollard's Avatar
Moderator
 
Join Date: Mar 2007
Location: Chesapeake
Posts: 5,680
Thanks: 0
Thanked 2 Times in 2 Posts
Rep Power: 10
JohnRPollard is a jewel in the rough JohnRPollard is a jewel in the rough JohnRPollard is a jewel in the rough
Quote:
Originally Posted by smackdaddy View Post
Just got the same warning screen in Chrome after hitting "New Posts". Here's the offending site:

rek.twilightparadox.com

Same as the one in the pic above.
I've now had that same warning window pop up several times on Safari.

Folks, I have sent an urgent note to Admin to take a look at this. Hopefully we'll here back soon. Apologies.
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

Pacific Seacraft Crealock 31 #62

NEVER CALLS CRUISINGDAD BACK....CAN"T TAKE THE ACCENT
Reply With Quote Share with Facebook
  #24  
Old 04-13-2010
Banned
 
Join Date: Mar 2010
Posts: 394
Thanks: 0
Thanked 0 Times in 0 Posts
Rep Power: 0
SW329xl is on a distinguished road
Quote:
Originally Posted by JohnRPollard View Post
I've now had that same warning window pop up several times on Safari.

Folks, I have sent an urgent note to Admin to take a look at this. Hopefully we'll here back soon. Apologies.
Just got this message for the first time. It appears to be very intermittent. In refreshing the same page/thread, the warning disappeared. The bad ****** is not called directly by the page, but appears to be getting pulled in through another ****** that the page pulls in. I did not get a chance to isolate what ****** is pulling in the bad one, but my first guess (just a guess) would be some ad unit that runs periodically. Second guess would be the damn visistat code, and they have an infection in a single server within their cluster. Third guess, you have one server in a cluster which is infected in your own environment.
Reply With Quote Share with Facebook
  #25  
Old 04-13-2010
administrator's Avatar
Administrator
 
Join Date: Jan 2000
Location: maryland
Posts: 1,888
Thanks: 3
Thanked 17 Times in 9 Posts
Rep Power: 10
administrator has disabled reputation
there are only two servers in our cluster. both are scanned daily for any viruses and are clean. The problem occurs from scumbags posting messages with nasty links.

I will tighten up the registration process over the nest few days to check a database of known spammers before they're allowed to register.

this should correct the situation and at the same time we'll remove the visitat code to see if that helps at all.
Reply With Quote Share with Facebook
  #26  
Old 04-13-2010
JohnRPollard's Avatar
Moderator
 
Join Date: Mar 2007
Location: Chesapeake
Posts: 5,680
Thanks: 0
Thanked 2 Times in 2 Posts
Rep Power: 10
JohnRPollard is a jewel in the rough JohnRPollard is a jewel in the rough JohnRPollard is a jewel in the rough
Thanks, Admin!!
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

Pacific Seacraft Crealock 31 #62

NEVER CALLS CRUISINGDAD BACK....CAN"T TAKE THE ACCENT
Reply With Quote Share with Facebook
  #27  
Old 04-14-2010
Banned
 
Join Date: Mar 2010
Posts: 394
Thanks: 0
Thanked 0 Times in 0 Posts
Rep Power: 0
SW329xl is on a distinguished road
Quote:
Originally Posted by administrator View Post
there are only two servers in our cluster. both are scanned daily for any viruses and are clean. The problem occurs from scumbags posting messages with nasty links.

I will tighten up the registration process over the nest few days to check a database of known spammers before they're allowed to register.

this should correct the situation and at the same time we'll remove the visitat code to see if that helps at all.
Cool. You might want to look at using Akismet or Mollom to filter postings as well. They are incredibly effective at stopping spam and malware from getting into the system. It looks like there is an existing plug in for Akismet. I know there have been requests for a Mollom plugin (my personal preference), however I don't think one exists yet.

Akismet Anti-Spam - vBulletin.org Forum

When I viewed the same page twice, I would get malware warnings only some of the time. In the past that has pointed to something that rotates naturally such as ads or servers in the cluster, however it could certainly be just the nature of the malware in this case as well.

In any case, thanks for the work cleaning it up and locking the bad guys out. Fighting this stuff is always a pita and rarely recognized.
Reply With Quote Share with Facebook
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

 
Posting Rules
You may post new threads
You may post replies
You may post attachments
You may edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On



All times are GMT -4. The time now is 03:39 AM.

Add to My Yahoo!         
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.1
(c) Marine.com LLC 2000-2012

The SailNet.com store is owned and operated by a company independent of the SailNet.com forum. You are now leaving the SailNet forum. Click OK to continue or Cancel to return to the SailNet forum.