Page 2 of 3 FirstFirst 123 LastLast
Results 21 to 40 of 56

Thread: Web site compromised?

  1. #21
    ŠAriŽ
    Guest

    Re: Web site compromised?

    On Thu, 23 Apr 2009 15:11:49 -0700 (PDT), Kompu Kid wrote:

    > * I found also a My hosting services told me that an infection on my
    > personal computer is probably where the injection of suspect codes
    > have started. He says the virus on my computer used the ftp link I
    > have to the web hosting site.


    LOL
    --
    A fireside chat not with Ari!
    http://tr.im/holj
    Motto: Live To Spooge It!

  2. #22
    DGB
    Guest

    Re: Web site compromised?

    ŠAriŽ wrote:
    > On Thu, 23 Apr 2009 15:11:49 -0700 (PDT), Kompu Kid wrote:
    >
    >> * I found also a My hosting services told me that an infection on my
    >> personal computer is probably where the injection of suspect codes
    >> have started. He says the virus on my computer used the ftp link I
    >> have to the web hosting site.

    >
    > LOL


    Can you/will you expand on your comment, ŠAriŽ ?

    Thanks

  3. #23
    Doc
    Guest

    Re: Web site compromised?

    Kompu Kid <deguza@hotmail.com> wrote in news:da2c3ba5-46fc-4b8d-a28f-
    e3de6b8918f3@k19g2000prh.googlegroups.com:

    > On Apr 22, 9:22*am, John Holmes <nospam.13i...@gmail.com> wrote:
    >> Kompu Kid "contributed" in alt.hacker:
    >>
    >> > (I am not giving the actual URL)

    >>
    >> Don't expect any help then.
    >>
    >> --
    >> <snip>

    >
    > I did not want anybody getting infected, that's why I did not give it
    > out.


    If you're posting a message in a hacker forum with a warning that you
    think the site might be compromised, then the people who look at it are
    forewarned.

    Not posting the URL is stupid. People who can do low-tech stuff like
    telnet to the server and download the page for analysis can't do that if
    they don't know where it is.

    It's like telling someone you think you have an STD, but not going to the
    doctor to really find out.



    Doc.

    --
    The bigger the humbug, the better people will like it.
    - Phineas Taylor Barnum.

  4. #24
    Doc
    Guest

    Re: Web site compromised?

    Kompu Kid <deguza@hotmail.com> wrote in
    news:239c28cf-07a7-4dab-b02c-5a4da6c0a840@z8g2000prd.googlegroups.com:

    <snip>

    > Any recommendations for a news reader for the XP environment? If it
    > matters, I use Firefox in addition to chrome.


    I still like X-News.

    http://download.cnet.com/Xnews/3000-...-10026377.html

    Really should download and try the latest version, but the one I have just
    works - no attempts to execute code or render pages, so very safe.


    Doc.

    --
    The bigger the humbug, the better people will like it.
    - Phineas Taylor Barnum.

  5. #25
    Larry Thomas
    Guest

    Re: Web site compromised?

    Yet another name for a boy chasing insecure BoaterDave.

    "DGB" <DGBisnotr@al.com> wrote in message news:gsrpc3$d8e$1@aioe.org...
    ŠAriŽ wrote:
    > On Thu, 23 Apr 2009 15:11:49 -0700 (PDT), Kompu Kid wrote:
    >
    >> * I found also a My hosting services told me that an infection on my
    >> personal computer is probably where the injection of suspect codes
    >> have started. He says the virus on my computer used the ftp link I
    >> have to the web hosting site.

    >
    > LOL


    Can you/will you expand on your comment, ŠAriŽ ?

    Thanks


  6. #26
    Big Bad Bob
    Guest

    Re: Web site compromised?

    Kompu Kid so witilly quipped:
    > Hello All:
    >
    > A website I manage seems to have a problem when I tried to access it
    > today with Chrome browser.
    >
    > Chrome gives the following warning:
    >
    >
    > "Warning: Visiting this site may harm your computer!
    > The website at www.XXXX.YYY (I am not giving the actual URL) contains
    > elements from the site beebest.cn, which appears to host malware –
    > software that can hurt your computer or otherwise operate without your
    > consent. Just visiting a site that contains malware can infect your
    > computer.


    <snip>

    > How can "elements" from beebest.cn can be on this site? What "do"
    > elements mean in this case?


    usually cross-site scripting and/or embedded objects (IFRAME, etc.).
    Descriptions of what those terms mean are worth a google if you don't
    already have a good understanding of why it's a problem.


  7. #27
    John Holmes
    Guest

    Re: Web site compromised?

    Kompu Kid "contributed" in alt.hacker:

    > On Apr 22, 9:22*am, John Holmes <nospam.13i...@gmail.com> wrote:
    >> Kompu Kid "contributed" in alt.hacker:
    >>
    >> > (I am not giving the actual URL)

    >>
    >> Don't expect any help then.
    >>
    >> --
    >> <snip>

    >
    > I did not want anybody getting infected, that's why I did not give it
    > out.
    >
    > Deguza


    I'll second Doc.

    Most of the regulars here know what they're doing. FYI, my system will
    not get infected by just browsing to a compromised website.

    --
    <snip>



  8. #28
    ~BD~
    Guest

    Re: Web site compromised?

    John Holmes wrote:

    > I'll second Doc.
    >
    > Most of the regulars here know what they're doing. FYI, my system will
    > not get infected by just browsing to a compromised website.
    >


    Hello John :)

    Please will you explain how/why *your* system will not be so infected
    yet other folk may be?

    Might it simply be because you aren't using Microsoft Windows?

    --
    Dave

  9. #29
    John Holmes
    Guest

    Re: Web site compromised?

    ~BD~ "contributed" in alt.hacker:

    > John Holmes wrote:
    >
    >> I'll second Doc.
    >>
    >> Most of the regulars here know what they're doing. FYI, my system will
    >> not get infected by just browsing to a compromised website.
    >>

    >
    > Hello John :)
    >
    > Please will you explain how/why *your* system will not be so infected
    > yet other folk may be?
    >
    > Might it simply be because you aren't using Microsoft Windows?
    >
    > --
    > Dave
    >


    As a matter of fact, I'm using WinXP for my daily use. My 5 workstations
    and 4 wireless laptops (some XP, some Slackware) are all behind 2 Windows
    2008 DC's running ISA server and Forefront. That setup keeps my local
    network free of mal/spy-ware, viruses and other nasties. The servers are
    really in use as servers, i.e. nobody touches them but me and no websites
    are ever visited on them.

    I hope my answer satisfied you.

    --
    <snip>



  10. #30
    ~BD~
    Guest

    Re: Web site compromised?

    John Holmes wrote:
    > ~BD~ "contributed" in alt.hacker:
    >
    >> John Holmes wrote:
    >>
    >>> I'll second Doc.
    >>>
    >>> Most of the regulars here know what they're doing. FYI, my system will
    >>> not get infected by just browsing to a compromised website.
    >>>

    >> Hello John :)
    >>
    >> Please will you explain how/why *your* system will not be so infected
    >> yet other folk may be?
    >>
    >> Might it simply be because you aren't using Microsoft Windows?
    >>
    >> --
    >> Dave
    >>

    >
    > As a matter of fact, I'm using WinXP for my daily use. My 5 workstations
    > and 4 wireless laptops (some XP, some Slackware) are all behind 2 Windows
    > 2008 DC's running ISA server and Forefront. That setup keeps my local
    > network free of mal/spy-ware, viruses and other nasties. The servers are
    > really in use as servers, i.e. nobody touches them but me and no websites
    > are ever visited on them.
    >
    > I hope my answer satisfied you.
    >


    Thank you for your response, John

    With every post, I learn more. I had never heard of 'Slackware' before,
    but have now visited http://www.slackware.com/index.html and now know!

    I'm well outside my comfort zone but did look here, too:-
    http://www.petri.co.il/rename-window...ontrollers.htm

    I also note that "Vulnerabilities in Microsoft ISA Server and Forefront
    Threat Management Gateway (Medium Business Edition) Could Cause Denial
    of Service (961759)" Ref:
    http://www.microsoft.com/technet/sec.../ms09-016.mspx

    With equipment as described you are obviously not a simple hobbyist like
    me. I'm delighted to learn that *you* cannot be infected simply by
    visiting a specific URL like millions of folk in my position. It must
    give you a real sense of superiority! ;)

    --
    Dave

  11. #31
    John Holmes
    Guest

    Re: Web site compromised?

    ~BD~ "contributed" in alt.hacker:

    > John Holmes wrote:
    >> ~BD~ "contributed" in alt.hacker:
    >>
    >>> John Holmes wrote:
    >>>
    >>>> I'll second Doc.
    >>>>
    >>>> Most of the regulars here know what they're doing. FYI, my system
    >>>> will not get infected by just browsing to a compromised website.
    >>>>
    >>> Hello John :)
    >>>
    >>> Please will you explain how/why *your* system will not be so
    >>> infected yet other folk may be?
    >>>
    >>> Might it simply be because you aren't using Microsoft Windows?
    >>>
    >>> --
    >>> Dave
    >>>

    >>
    >> As a matter of fact, I'm using WinXP for my daily use. My 5
    >> workstations and 4 wireless laptops (some XP, some Slackware) are all
    >> behind 2 Windows 2008 DC's running ISA server and Forefront. That
    >> setup keeps my local network free of mal/spy-ware, viruses and other
    >> nasties. The servers are really in use as servers, i.e. nobody
    >> touches them but me and no websites are ever visited on them.
    >>
    >> I hope my answer satisfied you.
    >>

    >
    > Thank you for your response, John
    >
    > With every post, I learn more. I had never heard of 'Slackware'
    > before, but have now visited http://www.slackware.com/index.html and
    > now know!
    >
    > I'm well outside my comfort zone but did look here, too:-
    > http://www.petri.co.il/rename-window...controllers.ht
    > m
    >
    > I also note that "Vulnerabilities in Microsoft ISA Server and
    > Forefront Threat Management Gateway (Medium Business Edition) Could
    > Cause Denial of Service (961759)" Ref:
    > http://www.microsoft.com/technet/sec.../ms09-016.mspx


    Would you be surprised that I'm aware of that and my servers have been
    patched and therefore not vurnerable to those attacks?

    >
    > With equipment as described you are obviously not a simple hobbyist
    > like me. I'm delighted to learn that *you* cannot be infected simply
    > by visiting a specific URL like millions of folk in my position. It
    > must give you a real sense of superiority! ;)


    It doesn't. There must be thousands of guys (or even girls) around
    knowing more than I do.

    ;-)

    >
    > --
    > Dave
    >




    --
    <snip>




































  12. #32
    Todd H.
    Guest

    Re: Web site compromised?

    John Holmes <nospam.13inch@gmail.com> writes:

    > ~BD~ "contributed" in alt.hacker:
    >
    >> John Holmes wrote:
    >>
    >>> I'll second Doc.
    >>>
    >>> Most of the regulars here know what they're doing. FYI, my system will
    >>> not get infected by just browsing to a compromised website.
    >>>

    >>
    >> Hello John :)
    >>
    >> Please will you explain how/why *your* system will not be so infected
    >> yet other folk may be?
    >>
    >> Might it simply be because you aren't using Microsoft Windows?
    >>
    >> --
    >> Dave
    >>

    >
    > As a matter of fact, I'm using WinXP for my daily use. My 5 workstations
    > and 4 wireless laptops (some XP, some Slackware) are all behind 2 Windows
    > 2008 DC's running ISA server and Forefront. That setup keeps my local
    > network free of mal/spy-ware, viruses and other nasties.


    As far as you know.

    Proving a negative is very difficult.

    --
    Todd H.
    http://www.toddh.net/

  13. #33
    erewhon
    Guest

    Re: Web site compromised?

    >> http://www.microsoft.com/technet/sec.../ms09-016.mspx
    >
    > Would you be surprised that I'm aware of that and my servers have been
    > patched and therefore not vurnerable to those attacks?


    Of course you were vulnerable. The bug existed since day 1 of the o/s
    release. It's been exploitable since then. The fact you have now patched it
    only shows you have closed the door after the horse has bolted.



  14. #34
    Doc
    Guest

    Re: Web site compromised?

    comphelp@toddh.net (Todd H.) wrote in
    news:84zle4zhym84y6tozhym__84ws98zhym@yahoo.com:

    > John Holmes <nospam.13inch@gmail.com> writes:
    >
    >> ~BD~ "contributed" in alt.hacker:
    >>
    >>> John Holmes wrote:
    >>>
    >>>> I'll second Doc.
    >>>>
    >>>> Most of the regulars here know what they're doing. FYI, my system
    >>>> will not get infected by just browsing to a compromised website.
    >>>>
    >>>
    >>> Hello John :)
    >>>
    >>> Please will you explain how/why *your* system will not be so
    >>> infected yet other folk may be?
    >>>
    >>> Might it simply be because you aren't using Microsoft Windows?
    >>>
    >>> --
    >>> Dave
    >>>

    >>
    >> As a matter of fact, I'm using WinXP for my daily use. My 5
    >> workstations and 4 wireless laptops (some XP, some Slackware) are all
    >> behind 2 Windows 2008 DC's running ISA server and Forefront. That
    >> setup keeps my local network free of mal/spy-ware, viruses and other
    >> nasties.

    >
    > As far as you know.
    >
    > Proving a negative is very difficult.


    Exactly.

    Hence why I pointed out using an unusual, but old, tool like telnet to
    download page content. It will never execute any content in the page, and
    you have to read the page content and explicitly request copies of
    ancilliary pages. No danger. Relying on any sort of 'malware firewall'
    leaves you open to something zero-day.

    Doc.

    --
    The bigger the humbug, the better people will like it.
    - Phineas Taylor Barnum.

  15. #35
    ~BD~
    Guest

    Re: Web site compromised?

    John Holmes wrote:
    > ~BD~ "contributed" in alt.hacker:
    >
    >> John Holmes wrote:
    >>> ~BD~ "contributed" in alt.hacker:
    >>>
    >>>> John Holmes wrote:
    >>>>
    >>>>> I'll second Doc.
    >>>>>
    >>>>> Most of the regulars here know what they're doing. FYI, my system
    >>>>> will not get infected by just browsing to a compromised website.
    >>>>>
    >>>> Hello John :)
    >>>>
    >>>> Please will you explain how/why *your* system will not be so
    >>>> infected yet other folk may be?
    >>>>
    >>>> Might it simply be because you aren't using Microsoft Windows?
    >>>>
    >>>> --
    >>>> Dave
    >>>>
    >>> As a matter of fact, I'm using WinXP for my daily use. My 5
    >>> workstations and 4 wireless laptops (some XP, some Slackware) are all
    >>> behind 2 Windows 2008 DC's running ISA server and Forefront. That
    >>> setup keeps my local network free of mal/spy-ware, viruses and other
    >>> nasties. The servers are really in use as servers, i.e. nobody
    >>> touches them but me and no websites are ever visited on them.
    >>>
    >>> I hope my answer satisfied you.
    >>>

    >> Thank you for your response, John
    >>
    >> With every post, I learn more. I had never heard of 'Slackware'
    >> before, but have now visited http://www.slackware.com/index.html and
    >> now know!
    >>
    >> I'm well outside my comfort zone but did look here, too:-
    >> http://www.petri.co.il/rename-window...controllers.ht
    >> m
    >>
    >> I also note that "Vulnerabilities in Microsoft ISA Server and
    >> Forefront Threat Management Gateway (Medium Business Edition) Could
    >> Cause Denial of Service (961759)" Ref:
    >> http://www.microsoft.com/technet/sec.../ms09-016.mspx

    >
    > Would you be surprised that I'm aware of that and my servers have been
    > patched and therefore not vulnerable to those attacks?


    No, not at all! I'd have been surprised and concerned if you had *not*
    already applied that patch. I used same simply as an example to show you
    that I had investigated (just a little bit!) why you felt so very safe!

    You have, of course, considered that your equipment may have been
    compromised *before* you applied said patch? ;)


    >
    >> With equipment as described you are obviously not a simple hobbyist
    >> like me. I'm delighted to learn that *you* cannot be infected simply
    >> by visiting a specific URL like millions of folk in my position. It
    >> must give you a real sense of superiority! ;)

    >
    > It doesn't.


    That's good!

    There must be thousands of guys (or even girls) around knowing more than
    I do.

    Oh yes - I'm sure there are!
    (but unfortunately, many of them will be the 'bad guys'!)

  16. #36
    Kyle T. Jones
    Guest

    Re: Web site compromised?

    comphelp@toddh.net (Todd H.), my dear, dear friend, there was this time,
    oh, 4/23/2009 6:17 PM or thereabouts, when you let the following
    craziness loose on Usenet:
    > "David H. Lipman" <DLipman~nospam~@Verizon.Net> writes:
    >
    >> From: "Kompu Kid" <deguza@hotmail.com>
    >>
    >>
    >>
    >> | UPDATE:
    >>
    >> | * I found also a My hosting services told me that an infection on my
    >> | personal computer is probably where the injection of suspect codes
    >> | have started. He says the virus on my computer used the ftp link I
    >> | have to the web hosting site.
    >>
    >> | * In addition to the script I gave earlier, I found on some pages
    >> | another piece of code that had an "iframe" html command. The iframe
    >> | was referring to a chinese site "betwager". I am not able to write the
    >> | full code and the site. Google won't let me post it.
    >> Crosss-Posted to the other groups.
    >>
    >> As for your hosting company, they could be wrong are just passing the blame to you.
    >> Chances are MORE likely that you use an application on the server with vulnerabilities and
    >> malicious actors have exploited them to add malicious code to your site.

    >
    > Much agreed. PHP is so pourous that it's much more likely to be a
    > direct attack on your site rather than some convoluted "trojan on your
    > computer that modifies local html and then magically knows what FTP
    > client you're using, reuses its cached password for the site and loads
    > the modified html onto the remote site."
    >
    > The target audience for such a client side sploit is so small it
    > wouldn't be worthwhile.
    >
    > visit http://www.securityfocus.com/vulnerabilities
    >
    > and for each of the following, chase down what vulns there are for it
    > for the version of each your site is running
    >
    > Web server version (apache whatever likely)
    > php version on the server
    > what php forum script you're using / version
    >
    >
    > And see what vulns are in each for the versions you have, and that'll
    > wittle down the "how" in what happened perhaps.
    >
    >


    I have often heard comments such as this about PHP - yet, aside from the
    ..asp methods, isn't a LAMP or WAMP setup still pretty much ubiquitous,
    using PHP to run the back-ends? I guess what I'm asking - if you're
    scripting the back end to some website, and security is a main concern,
    which language would you recommend?

    Cheers.

  17. #37
    Craig A. Finseth
    Guest

    Web site compromised?

    In article <gt4o5g$aad$1@news.eternal-september.org>,
    Kyle T. Jones <seriously?@youvegottabekidding.net> wrote:
    ...
    >I have often heard comments such as this about PHP - yet, aside from the
    >.asp methods, isn't a LAMP or WAMP setup still pretty much ubiquitous,
    >using PHP to run the back-ends? I guess what I'm asking - if you're
    >scripting the back end to some website, and security is a main concern,
    >which language would you recommend?


    The language matters much less than the quality of the programmer. If
    you have a high-quality programmer, go with the language that person
    recommends.

    Having been programming in many languages for over 35 years, I have
    yet to see a language that can keep a programmer from doing a bad job.

    Craig


  18. #38
    ŠAriŽ
    Guest

    Re: Web site compromised?

    On Fri, 24 Apr 2009 11:07:05 -0400, Larry Thomas wrote:

    > Yet another name for a boy chasing insecure BoaterDave.
    >
    > "DGB" <DGBisnotr@al.com> wrote in message news:gsrpc3$d8e$1@aioe.org...
    > ŠAriŽ wrote:
    >> On Thu, 23 Apr 2009 15:11:49 -0700 (PDT), Kompu Kid wrote:
    >>
    >>> * I found also a My hosting services told me that an infection on my
    >>> personal computer is probably where the injection of suspect codes
    >>> have started. He says the virus on my computer used the ftp link I
    >>> have to the web hosting site.

    >>
    >> LOL

    >
    > Can you/will you expand on your comment, ŠAriŽ ?
    >
    > Thanks


    To which one of you nym-shifters?
    --
    A fireside chat not with Ari!
    http://tr.im/holj
    Motto: Live To Spooge It!

  19. #39
    Gandalf Parker
    Guest

    Re: Web site compromised?

    "Kyle T. Jones" <seriously?@youvegottabekidding.net> contributed wisdom to
    news:gt4o5g$aad$1@news.eternal-september.org:

    > I guess what I'm asking - if you're
    > scripting the back end to some website, and security is a main concern,
    > which language would you recommend?


    Either use a language that is unlikely to be used by crackers,
    or be an expert at the most popular languages in use,
    or higher an expert at the most popular languages in use,
    or pay for all your code from someone you can sue.


    Gandalf Parker
    --
    A popular package might mean its good but it doesnt mean its secure.
    In fact, quite the opposite.

  20. #40
    ŠAriŽ
    Guest

    Re: Web site compromised?

    On Mon, 27 Apr 2009 11:57:20 -0500, Kyle T. Jones wrote:

    > I have often heard comments such as this about PHP - yet, aside from the
    > .asp methods, isn't a LAMP or WAMP setup still pretty much ubiquitous,
    > using PHP to run the back-ends? I guess what I'm asking - if you're
    > scripting the back end to some website, and security is a main concern,
    > which language would you recommend?


    I'd recommend that a) you get a real education in what you are doing or
    b) hire someone who has one.

    Problem is, you won't know who to hire so get the education.
    --
    A fireside chat not with Ari!
    http://tr.im/holj
    Motto: Live To Spooge It!

Similar Threads

  1. Re: web site up but can't ping?
    By James Egan in forum ms.public.windows.networking.wireless
    Replies: 0
    Last Post: 11-14-08, 02:55 AM
  2. National Geographic Magazine's My Shot web site...
    By Indy in forum Digital Media and Photography
    Replies: 1
    Last Post: 06-28-08, 02:49 PM
  3. Cannot Get To A Web Site With Fios
    By contractor22 in forum Wireless Networks & Routers
    Replies: 2
    Last Post: 11-02-07, 07:30 AM
  4. Companies to pull ads from Coulter's Web site
    By knightmare in forum General Discussion Board
    Replies: 5
    Last Post: 03-06-07, 10:35 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •