Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 16 Apr 2014, 15:25
All times are UTC - 4
 Forum index » Taking the Puppy out for a walk » Misc
Virus warning from www.puppylinux.com/manuals.htm
Moderators: Flash, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 6 of 10 [138 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 Next
Author Message
proxy

Joined: 09 Mar 2008
Posts: 2

PostPosted: Sun 09 Mar 2008, 14:02    Post subject: Servage  

i had problems recently with servage with exploit Iframe trojan found on my websites : here i wrote about it on my blog
http://www.proxyutza.com/2008/03/07/exploit-iframe-trojan-infection/
Back to top
View user's profile Send private message 
wingruntled

Joined: 20 Feb 2007
Posts: 287
Location: Great Lakes

PostPosted: Sun 09 Mar 2008, 15:55    Post subject:  

The general consensus of servage is. You get what you pay for (sarcasm) and most of the time it’s less of what they claim and more of what they refuse to acknowledge. The TYPES of some sites that they host draws a very clear picture really.
Back to top
View user's profile Send private message 
BarryK
Puppy Master


Joined: 09 May 2005
Posts: 7047
Location: Perth, Western Australia

PostPosted: Sun 09 Mar 2008, 19:49    Post subject: Re: Servage  

proxy wrote:
i had problems recently with servage with exploit Iframe trojan found on my websites : here i wrote about it on my blog
http://www.proxyutza.com/2008/03/07/exploit-iframe-trojan-infection/

I got that too. I was getting the top-level index.html files in each of my domains repeatedly compromised. On other occasions it was the index.html or index.php files in each directory, and on other occasions also other html files. In other words, it seems to be different exploits at different times.

My trouble started after I installed WordPress, which you also have. I upgraded WordPress to latest version, but perhaps that was too late. I did repeatedly upload my files and I changed my control panel password.

Right now we are watching my site to see if it gets compromised. This last time, as well as re-uploading the files, and removing all scripts as well as WordPress, I also changed both control panel and ftp passwords -- I haven't changed the ftp password before, as I didn't see how anyone could discover it.

Anyway, it's interesting that we have WordPress as a common factor, and maybe Servage is not the culprit.

Anyway, if my site gets hacked this time, I'll know it is Servage's fault. So we are all waiting with bated breath (perhaps the hacker is reading this too, unfortunately -- I'm getting paranoid!).

_________________
http://bkhome.org/news/
Back to top
View user's profile Send private message Visit poster's website 
jamesbond

Joined: 26 Feb 2007
Posts: 1875
Location: The Blue Marble

PostPosted: Sun 09 Mar 2008, 21:39    Post subject:  

Unfortunately I have to break the bad news - puppylinux.com index page is hacked again here at 12:38pm AEDT - which is is only a few hours after Barry's last post. It contains the drugs link again ... Shocked

Sample below:

Code:

<small>No part of this page is to be reproduced anywhere else. I have found
that there is a problem where parts of my web pages are being inserted
at other sites, then not updated, whereas I am updating my pages
regularly. This is not a desirable situation, so please just link to my
pages.</small></div>
      </td>
    </tr>
  </tbody>

</table>
<br>
</body></html>
<font style='position: absolute;overflow: hidden;height: 0;width: 0'>
<a href="http://csulb.edu/~jbanuelo/aaa/new/vi/tmp.php?q=buy-standing tall.htm" title="buy standing tall">buy standing tall</a>
<a href="http://csulb.edu/~jbanuelo/aaa/new/vi/tmp.php?q=buy-standing tall-online.htm" title="buy standing tall online">buy standing tall online</a>
<a href="http://csulb.edu/~jbanuelo/aaa/new/vi/tmp.php?q=buy-standing tall-online-standing tall.htm" title="buy standing tall online standing tall">buy standing tall online standing tall</a>
<a href="http://csulb.edu/~jbanuelo/aaa/new/vi/tmp.php?q=standing tall-buy.htm" title="standing tall buy">standing tall buy</a>
<a href="http://csulb.edu/~jbanuelo/aaa/new/vi/tmp.php?q=where-to-buy-standing tall.htm" title="where to buy standing tall">where to buy standing tall</a>
<a href="http://csulb.edu/~jbanuelo/aaa/new/vi/tmp.php?q=buy-standing tall-now-online.htm" title="buy standing tall now online">buy standing tall now online</a>
... and others follow (a very long list)

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13
Back to top
View user's profile Send private message 
wingruntled

Joined: 20 Feb 2007
Posts: 287
Location: Great Lakes

PostPosted: Sun 09 Mar 2008, 21:54    Post subject:  

Tuuxxx better check his site too then.
Back to top
View user's profile Send private message 
Caneri

Joined: 04 Sep 2007
Posts: 1580
Location: Canada

PostPosted: Sun 09 Mar 2008, 22:01    Post subject:  

ttuuxxx.com looks ok from here.

Servage needs to be blocked post haste from all servers that host Puppy Linux.

EDIT: my apologies to all the servage users..but I've spent too much time trying to keep up with servage and it's problems. I have put a temporary block on all of servage until I can see the host move to fix Barry's problem...I am aware most of the servers use servage...maybe time to rethink this and move on...again my apologies.

Eric

_________________
Be not afraid to grow slowly, only be afraid of standing still.
Chinese Proverb

Back to top
View user's profile Send private message 
wingruntled

Joined: 20 Feb 2007
Posts: 287
Location: Great Lakes

PostPosted: Sun 09 Mar 2008, 23:51    Post subject:  

Caneri wrote:
ttuuxxx.com looks ok from here.

Servage needs to be blocked post haste from all servers that host Puppy Linux.

EDIT: my apologies to all the servage users..but I've spent too much time trying to keep up with servage and it's problems. I have put a temporary block on all of servage until I can see the host move to fix Barry's problem...I am aware most of the servers use servage...maybe time to rethink this and move on...again my apologies.

Eric

That was a very wise move, Eric.
CYPM soon
Back to top
View user's profile Send private message 
HairyWill


Joined: 26 May 2006
Posts: 2949
Location: Southampton, UK

PostPosted: Mon 10 Mar 2008, 00:02    Post subject: Re: Servage  

BarryK wrote:
I haven't changed the ftp password before, as I didn't see how anyone could discover it.
plain ftp is insecure usernames and passwords are sent in plain text.
http://www.raditha.com/php/ftp/security.php
That said I think it is unlikely that you have been compromised in this way.

_________________
Will
contribute: community website, screenshots, puplets, wiki, rss
Back to top
View user's profile Send private message 
proxy

Joined: 09 Mar 2008
Posts: 2

PostPosted: Mon 10 Mar 2008, 02:37    Post subject:  

i dont think its a wordpress issue, because all my index.php files were only writable by the owner, so it couldnt been done via script, only from the server, and also not wordpress websites got it too... on my account

my websites are clean, i didnt got the code again, it must be cause by the cluster your in, everyone on the cluster that gets hacked gets their pages modified
Back to top
View user's profile Send private message 
Caneri

Joined: 04 Sep 2007
Posts: 1580
Location: Canada

PostPosted: Mon 10 Mar 2008, 02:57    Post subject:  

thanks proxy,

Looks to me dedicated linux servers are the way to go...

Eric

_________________
Be not afraid to grow slowly, only be afraid of standing still.
Chinese Proverb

Back to top
View user's profile Send private message 
John Doe

Joined: 01 Aug 2005
Posts: 1689
Location: Michigan, US

PostPosted: Mon 10 Mar 2008, 03:31    Post subject:  

I'm thinking it's an Apache Buffer Overrun Error or Directory Transversal (probably the first one).

If Frontpage extensions were present, they are notorious for being poorly configured on Apache Systems. Although I think I once recall Barry saying he specifically didn't get them with his account (or else I just dreamed that up).

Perhaps even a problem with some type of control panel or other cgi they have with sites. The first would run with enough privilege to modify pages for sure, and one never knows about the others. It all depends on how much they understand about setting up users and isolating processes. Just because someone runs a hosting business doesn't mean they know.
Back to top
View user's profile Send private message 
BarryK
Puppy Master


Joined: 09 May 2005
Posts: 7047
Location: Perth, Western Australia

PostPosted: Mon 10 Mar 2008, 06:48    Post subject:  

I don't have Frontpage extensions.

Well, I have told Servage, so let's see how they respond this time. I've backed them into a corner, eliminated every way in which they can blame me, so let us see if they actually do a proper investigation this time.

I had a quick look, and it seems that only the one file is compromised so far. I left it there and immediately notified Servage, but I'll login again soon and clean up.

I know, it's not good to leave the corrupted file there, but I want to give Servage time to see it. Not long though, I'll go through my site soon and clean up.

_________________
http://bkhome.org/news/
Back to top
View user's profile Send private message Visit poster's website 
John Doe

Joined: 01 Aug 2005
Posts: 1689
Location: Michigan, US

PostPosted: Mon 10 Mar 2008, 06:59    Post subject:  

BarryK wrote:
I know, it's not good to leave the corrupted file there, but I want to give Servage time to see it.


understood. don't worry at all if it's just those stupid pharmaceutical links.

my global compass isn't always the best, but i think it's mostly stupid US citizens that fall for those. due mainly to the relative price of them here.
Back to top
View user's profile Send private message 
Sage

Joined: 04 Oct 2005
Posts: 4767
Location: GB

PostPosted: Mon 10 Mar 2008, 07:43    Post subject:  

'Quote' doesn't seem to be working this morning, John? So I'll use the old fashioned method:
"it's mostly stupid US citizens that fall for those. due mainly to the relative price of them here."

If the US instituted a proper healthcare system to care for their citizens they would do the world a favour as well as themselves. These crooks would have to engage brains for a new scam. Hungary voted for healthcare, yesterday. People should be happy to pay more tax to help those who are less fortunate than themselves. Apart from which, runaway trucks can be unpredictable, so it's just a case of enlightened self-interest. Why isn't it like that in the US? The Pilgrims, Founding Fathers - all those Quakers, caring sharing Communists by any other name, must be turning in their graves.
Back to top
View user's profile Send private message 
NathanO

Joined: 22 Feb 2007
Posts: 195
Location: San Antonio, TX

PostPosted: Mon 10 Mar 2008, 09:53    Post subject:  

Sage,

Sorry you talked about the 'great health care systems' in the world. My sister is married to a Canadian and lives up there. She has the same back problems our mother had when she was alive. My sister was on a 6 to 8 year waiting list to have the operation she needed. The drugs they were giving her did not help. My father, sister, and her husband put together the money to have my sister come back down to the states to have the operation. She is now on a four to six year wait for the second operation. Since she is now almost 60 years old, who do you think is going to get the operation, her or some one younger? Several people younger then her have only waited one to two years.

Better health care? No thanks.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 6 of 10 [138 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Taking the Puppy out for a walk » Misc
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0868s ][ Queries: 12 (0.0058s) ][ GZIP on ]