chiffandfipple.com hacked
- peeplj
- Posts: 9029
- Joined: Mon Jan 21, 2002 6:00 pm
- Please enter the next number in sequence: 1
- Location: forever in the old hills of Arkansas
- Contact:
Re: chiffandfipple.com hacked
I've hit the forums from multiple systems (one running Avast, one running Symantec's corporate antivirus system and firewall).
So far I've not seen any evidence that the forums are infected.
--James
So far I've not seen any evidence that the forums are infected.
--James
http://www.flutesite.com
-------
"Though no one can go back and make a brand new start, anyone can start from now and make a brand new ending" --Carl Bard
-------
"Though no one can go back and make a brand new start, anyone can start from now and make a brand new ending" --Carl Bard
- Dale
- The Landlord
- Posts: 10293
- Joined: Wed May 16, 2001 6:00 pm
- Please enter the next number in sequence: 1
- Location: Chiff & Fipple's LearJet: DaleForce One
- Contact:
Re: chiffandfipple.com hacked
Thank you, James. Most appreciated.
- s1m0n
- Posts: 10069
- Joined: Wed Oct 06, 2004 12:17 am
- antispam: No
- Please enter the next number in sequence: 10
- Location: The Inside Passage
Re: chiffandfipple.com hacked
Nothing wrong from here, either; I'm logging in via Opera from a box running XP.
And now there was no doubt that the trees were really moving - moving in and out through one another as if in a complicated country dance. ('And I suppose,' thought Lucy, 'when trees dance, it must be a very, very country dance indeed.')
C.S. Lewis
C.S. Lewis
- MTGuru
- Posts: 18663
- Joined: Sat Sep 30, 2006 12:45 pm
- antispam: No
- Please enter the next number in sequence: 8
- Location: San Diego, CA
Re: chiffandfipple.com hacked
It's willful ignorance, don't you know.Dale wrote:MTGuru is a big help, but I don't think he's an expert on all of this either.
Vivat diabolus in musica! MTGuru's (old) GG Clips / Blackbird Clips
Joel Barish: Is there any risk of brain damage?
Dr. Mierzwiak: Well, technically speaking, the procedure is brain damage.
Joel Barish: Is there any risk of brain damage?
Dr. Mierzwiak: Well, technically speaking, the procedure is brain damage.
Re: chiffandfipple.com hacked
as long as it's willful you'll just take longer ta figure it out
-
- Posts: 15580
- Joined: Sun Feb 09, 2003 6:00 pm
- Please enter the next number in sequence: 1
- Location: somewhere, over the rainbow, and Ergoville, USA
Re: chiffandfipple.com hacked
That's what happened to me too but I thought it was just my computer. Guess not.Doug_Tipple wrote:I tried to log on C & F yesterday, but every time I tried, my computer froze up. I had to do a control alt delete to back out. There was a screen from Norton security saying that there was an attempt to infect my computer, which, luckily, my security software was able to take care of each time. There were several security updates that came through the day before in the daytime, when my usual automatic security updates are in the early morning. The trojan horse or whatever was identified by name, but I didn't write it down. I read yesterday that there are growing instances of these types of malware attacks, and that an estimated one in ten computers in the USA (I believe) are presently affected, with sensitive personal data available to the hackers. The whole internet insecurity mess scares me.
- peeplj
- Posts: 9029
- Joined: Mon Jan 21, 2002 6:00 pm
- Please enter the next number in sequence: 1
- Location: forever in the old hills of Arkansas
- Contact:
Re: chiffandfipple.com hacked
Guys, when you have a virus message or any error that looks like it may be virus or malware-related, always:
1. STOP what you are doing
2. write down the error
3. if you are using broadband, hit the "standby" button on top of the modem to go offline. If your PC has been compromised, this will prevent it from being remote controlled or used for anything nefarious.
Then you'll need to do a virus scan with whatever program you're using. Most will have an option for a quick scan, do that, and then run a full scan that night. If the quick scan is clean, you can go back online, but do a full scan that night just to be sure.
Here's the why: some viruses trash out the hard drive, but the data is sometimes recoverable, if you know what caused the damage.
Just offering a few pointers to try to help keep your online experiences positive.
--James
1. STOP what you are doing
2. write down the error
3. if you are using broadband, hit the "standby" button on top of the modem to go offline. If your PC has been compromised, this will prevent it from being remote controlled or used for anything nefarious.
Then you'll need to do a virus scan with whatever program you're using. Most will have an option for a quick scan, do that, and then run a full scan that night. If the quick scan is clean, you can go back online, but do a full scan that night just to be sure.
Here's the why: some viruses trash out the hard drive, but the data is sometimes recoverable, if you know what caused the damage.
Just offering a few pointers to try to help keep your online experiences positive.
--James
http://www.flutesite.com
-------
"Though no one can go back and make a brand new start, anyone can start from now and make a brand new ending" --Carl Bard
-------
"Though no one can go back and make a brand new start, anyone can start from now and make a brand new ending" --Carl Bard
- Casey Burns
- Posts: 1488
- Joined: Sun Nov 16, 2003 12:27 pm
- Please enter the next number in sequence: 1
- Location: Kingston WA
- Contact:
Re: chiffandfipple.com hacked
Something is going around. This just happened to one of the more important alternative financial websites www.financialsense.com
Question - who is your hosting provider? GoDaddy? Google?
Casey
Question - who is your hosting provider? GoDaddy? Google?
Casey
- Dale
- The Landlord
- Posts: 10293
- Joined: Wed May 16, 2001 6:00 pm
- Please enter the next number in sequence: 1
- Location: Chiff & Fipple's LearJet: DaleForce One
- Contact:
Re: chiffandfipple.com hacked
DreamhostCasey Burns wrote:Something is going around. This just happened to one of the more important alternative financial websites http://www.financialsense.com
Question - who is your hosting provider? GoDaddy? Google?
Casey
Rich is helping (Yay!) and is confident this board is not infected. It's on a private server.
- Doug_Tipple
- Posts: 3829
- Joined: Wed Mar 31, 2004 8:49 pm
- antispam: No
- Please enter the next number in sequence: 10
- Location: Indianapolis, Indiana
- Contact:
Re: chiffandfipple.com hacked
It's good to know that C & F is not currently infected by a virus. However, since a number of hosting providers recently have been infected by a new trojan virus that embeds itself in the codes of the subscribing websites, it is not unreasonable to think that there is a good possibility that we might encounter this again, no matter where we happen to be on the internet.
Thanks to James for his helpful comments about how to deal with this from the point of view of the individual user. Let's see. I have to remember to wear my armor when I go into battle, or something like that. Right, James?
Thanks to James for his helpful comments about how to deal with this from the point of view of the individual user. Let's see. I have to remember to wear my armor when I go into battle, or something like that. Right, James?
- peeplj
- Posts: 9029
- Joined: Mon Jan 21, 2002 6:00 pm
- Please enter the next number in sequence: 1
- Location: forever in the old hills of Arkansas
- Contact:
Re: chiffandfipple.com hacked
That's pretty much the idea, yes.I have to remember to wear my armor when I go into battle, or something like that. Right, James?
At absolute minimum, using a Windows system, you should have a current antivirus package, and at least once a week update its definitions. Run a firewall--the Windows firewall in XP (at least SP2) or Vista is fine.
Much better is to have both antivirus and software firewall, and also have a hardware firewall offering stateful packet inspection (newer routers will already have this), and have an anti-malware package such as Windows Defender (mediocre-good) or Spybot Search and Destroy (much better). If you're going to be doing much web surfing at all, you really need these, especially the hardware firewall.
I want to mention the hardware firewall again as lots of folks don't understand why they need a router if they are only going to have one computer that goes on the internet. A hardware firewall makes your network pretty much invisible to hackers. It's not 100%, but it protects you from everything except very dedicated, non-trivial attempts to access your system. This is a level of protection far past what any software firewall can provide.
--James
http://www.flutesite.com
-------
"Though no one can go back and make a brand new start, anyone can start from now and make a brand new ending" --Carl Bard
-------
"Though no one can go back and make a brand new start, anyone can start from now and make a brand new ending" --Carl Bard
Re: chiffandfipple.com hacked
James has it right, in terms of hardware firewall versus software firewall.peeplj wrote:...I want to mention the hardware firewall again as lots of folks don't understand why they need a router if they are only going to have one computer that goes on the internet. A hardware firewall makes your network pretty much invisible to hackers. It's not 100%, but it protects you from everything except very dedicated, non-trivial attempts to access your system. This is a level of protection far past what any software firewall can provide...
I've been using a (brand name) Netgear router, which also includes a hardware firewall.
Hardware firewall, way to go!
- Mitch
- Posts: 1826
- Joined: Tue Dec 20, 2005 6:58 pm
- antispam: No
- Please enter the next number in sequence: 8
- Location: Wombatistan
- Contact:
Re: chiffandfipple.com hacked
Norton has this report:
-------------------------------
General Info
Web Site Location United States of America
Norton Safe Web has analyzed chiffandfipple.com for safety and security problems. Below is a sample of the threats that were found.
Threat Report
Total threats found: 12
Drive-By Downloads (what's this?)
Threats found: 12
Here is a sample:
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\G1Q9SRO7\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-December2005/
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\G1Q9SRO7\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-January05/
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\MH25YLE5\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cfSeptember2005/
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\MH25YLE5\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-JUNE2004/index.htm
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\GZKDIZWD\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-MARCH2005/
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\W96RIBA9\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-december2004/
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\W96RIBA9\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-May2004/index.htm
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\MH25YLE5\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/march2006/
Threat Name: Direct link to Suspicious.MH690
Location: http://www.chiffandfipple.com/webissues.html
Direct link to: http://www.chiffandfipple.com/whistlehaiku/
Location: http://www.chiffandfipple.com/
-------------------------------
General Info
Web Site Location United States of America
Norton Safe Web has analyzed chiffandfipple.com for safety and security problems. Below is a sample of the threats that were found.
Threat Report
Total threats found: 12
Drive-By Downloads (what's this?)
Threats found: 12
Here is a sample:
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\G1Q9SRO7\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-December2005/
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\G1Q9SRO7\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-January05/
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\MH25YLE5\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cfSeptember2005/
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\MH25YLE5\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-JUNE2004/index.htm
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\GZKDIZWD\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-MARCH2005/
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\W96RIBA9\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-december2004/
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\W96RIBA9\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-May2004/index.htm
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\MH25YLE5\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/march2006/
Threat Name: Direct link to Suspicious.MH690
Location: http://www.chiffandfipple.com/webissues.html
Direct link to: http://www.chiffandfipple.com/whistlehaiku/
Location: http://www.chiffandfipple.com/
Re: chiffandfipple.com hacked
BTW, I haven't had any trouble, lately, in getting to C&F.
c/o Mac OSX
:-)
c/o Mac OSX
:-)
- Doug_Tipple
- Posts: 3829
- Joined: Wed Mar 31, 2004 8:49 pm
- antispam: No
- Please enter the next number in sequence: 10
- Location: Indianapolis, Indiana
- Contact:
Re: chiffandfipple.com hacked
I have a question, James, if you don't mind. I have a Belkin Wireless G router that I purchased about 18 months ago when my wife got her laptop. My desktop computer feeds out of the router, but it is a direct connection. I don't see anything on the packaging box about the presence of a firewall with the router, so I assume that there isn't one. My wife also complains about the downloads being really slow. She has Vista Home Basic OS using Windows IE. In order to speed up her downloads and provide the protection of a hard firewall, can you recommend a replacement router that is not too expensive but would fill our needs for greater security and increased speed?peeplj wrote:That's pretty much the idea, yes.I have to remember to wear my armor when I go into battle, or something like that. Right, James?
At absolute minimum, using a Windows system, you should have a current antivirus package, and at least once a week update its definitions. Run a firewall--the Windows firewall in XP (at least SP2) or Vista is fine.
Much better is to have both antivirus and software firewall, and also have a hardware firewall offering stateful packet inspection (newer routers will already have this), and have an anti-malware package such as Windows Defender (mediocre-good) or Spybot Search and Destroy (much better). If you're going to be doing much web surfing at all, you really need these, especially the hardware firewall.
I want to mention the hardware firewall again as lots of folks don't understand why they need a router if they are only going to have one computer that goes on the internet. A hardware firewall makes your network pretty much invisible to hackers. It's not 100%, but it protects you from everything except very dedicated, non-trivial attempts to access your system. This is a level of protection far past what any software firewall can provide.
--James