geekhack
geekhack Community => Keyboards => Topic started by: fohat.digs on Sat, 05 November 2011, 09:05:51
-
It took several tries just to get on.
Google and Avast are acting like Geekhack is Satan's own website.
What's up?
Can you convince them that you are OK?
Thanks!
-
http://geekhack.org/showthread.php?23666-Trojan-on-Geekhack
http://geekhack.org/showthread.php?23685-Geekhack-blocked-by-firefox
-
And really wrong subforum...
-
Only happened to me this mornin'. Chrome told me not to come here also. lol
-
The best thing about running Debian GNU/Linux as your main operating system. Warning. Nope. Go anyway. I haven't been worried about going to a website in over four years, so far nothing has gone wrong.
-
Linux isn't immune to Java exploits. Never take security for granted.
-
The best thing about running Debian GNU/Linux as your main operating system. Warning. Nope. Go anyway.
What do you mean by this: "Warning. Nope."?
I had issues on a Debian 5 + Firefox accessing GeekHack today so I freaked out a bit and I quickly installed a Debian 6 + Google Chrome in a VM (KVM).
You mean you decided not to care about the warning but you still get said warning right?
-
Linux isn't immune to Java exploits.
Well the nice thing about Java on Linux (and this comes from someone mainly developing in Java atm) is that you're not forced to be root to install Java. Which means you can install, for example, Java in your "development account" if you want to develop in Java and install no Java at all in the account you use for surfing.
I'm typing this from Google-Chrome running in a VM, from a user account that doesn't have Java installed: this surely makes me immune to Java exploits (not that there aren't other types of exploits, like Flash or JavaScript : )
-
Well, there ya go. Good practices > trusting any OS to do it for you.
-
May be you getting banned again will drive view count up once more. Get on it. ;)
-
I always take my security very seriously. I am careful of every website I go to but I am not over cautious. Those people who get their OS infected are not careful or did not have proper precautions. I have backed up files on another hard disc, and my main OS is installed in a small partition that would be very easy to re-write over. So no I am not just trusting the operating system to do it all for me. I just do not need to worry because of years of experience backing up my choices has prepared me for anything.
-
I thought ripster broke it again. I'm in [sandboxie] so nothing gets out.
-
Here is what google is saying. I don't know how much of that would affect a Mac though.
Safe Browsing
Diagnostic page for geekhack.org
What is the current listing status for geekhack.org?
Site is listed as suspicious - visiting this web site may harm your computer.
Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.
What happened when Google visited this site?
Of the 9 pages we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2011-11-05, and the last time suspicious content was found on this site was on 2011-11-05.
Malicious software is hosted on 1 domain(s), including 91.194.214.0/.
This site was hosted on 1 network(s) including AS30691 (LLDC).
Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, geekhack.org did not appear to function as an intermediary for the infection of any sites.
Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.
How did this happen?
In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.
-
LOL be a real geekhacker and remove your antivirus!
-
Google "safe browsing" is trying to actively block the site now too ... every single page load in OSX Lion ends up with this dialog (and requires you to clock through two dialogs to be able to open any page):
[ATTACH=CONFIG]30972[/ATTACH]
-
It's probably a compromise thanks to another domain on the same hosting server ... see this report for more info -- it says that the IP based site has infected 229 other domains (and the google report on geekhack says it was likely infected by that IP based site). Sounds like the hosting company needs to pull their security socks up.
http://google.com/safebrowsing/diagnostic?site=91.194.214.0/&hl=en-us
-
Both McAfee's SiteAdvisor (http://www.siteadvisor.com/sites/geekhack.org) & Norton's SafeWeb (http://safeweb.norton.com/report/show?url=geekhack.org) reported no problem with GH.
-
Google won't even let me click through geekhack links in search results now either.
Either google is wrong or those other two sites are wrong. I tend to trust google more.
-
Rogue javascript removed and security hole patched.
-
<3 iMav
-
Still can't access site at all with Firefox and when using IE 9 I get an alert and trojen with Microsoft Security Essentials....
[ATTACH=CONFIG]30988[/ATTACH]
[ATTACH=CONFIG]30989[/ATTACH]
[ATTACH=CONFIG]30990[/ATTACH]
-
It will take a while for the reputation to be updated...and you are looking at your history tab on the anti-virus/malware; doesn't appear to be happening again.
-
Rogue javascript removed and security hole patched.
Thanks :)
-
Rogue javascript removed and security hole patched.
Out of curiosity and now that it has been patched, could you give us more info? (maybe a link describing the exploit?)
How did you find that it was that particular exploit? Was it Google telling you about it? (I'm asking because I own two websites : )
-
Out of curiosity and now that it has been patched, could you give us more info? (maybe a link describing the exploit?)
How did you find that it was that particular exploit? Was it Google telling you about it? (I'm asking because I own two websites : )
https://www.vbulletin.com/forum/showthread.php/390631-vBulletin-Security-Patch-for-vBulletin-4-Suite-Only-11-04-2011
-
The malware part seems like standard XSS stuff. MS calls it Blacole.s. Not much info about it now, but I think it just another javascript>iframe>Java exploit.