Newgrounds.com — Everything, By Everyone.

At 6/3/09 07:21 PM, wreckages wrote:

At 6/3/09 06:52 PM, Jessii wrote: Dude! Spell check is doing you wrong! lmao

why is firefox reporting fauxdreams to me?

(

Same with Chrome :(

Jessii what have you been doing :O

I hax0rz u!

Seriously, I don't know. I'm not getting the errors on FF or Chrome, but the google ads seem to be taking their sweet time loading, so I'm assuming that there might be something with that.

Any ideas? This info is all new to me and I haven't done any layout updating or anything major that would change the structure of the overall site in months.

At 6/3/09 08:07 PM, Wonderful wrote:

At 6/3/09 07:21 PM, wreckages wrote:

At 6/3/09 06:52 PM, Jessii wrote: Dude! Spell check is doing you wrong! lmao

why is firefox reporting fauxdreams to me?

(

Same with Chrome :(

Same in Safari.

I wasn't getting those errors at all from my browsers. I'm thinking it may have something to do with the google ads because they were taking forever to load their statistics program or whatever. But if anyone has any other ideas tell me. I haven't done anything to the site that would cause that issue and people were looking at it last week without a problem.

Jessii: The server you're on has had malware on it, contact dreamhost and have them switch you to a new server within their network. It seems that you account may have been compromised and has had malware embedded in it, have you checked all your files? Were any modified recently that you're not aware of? You can see the reason for the blocking of the site; "Of the 35 pages that we tested on the site over the past 90 days, 3 page(s) resulted in malicious software being downloaded and installed without user consent. The last time that Google visited this site was on 2009-05-29, and the last time that suspicious content was found on this site was on 2009-05-29"

At 6/3/09 06:52 PM, Jessii wrote: Dude! Spell check is doing you wrong! lmao

Ah I missed those, the orange background on NGs textarea isnt the clearest for noticing a wee red line :-/ I'll get their one day dudette :P

At 6/4/09 08:14 AM, citricsquid wrote: You can see the reason for the blocking of the site;

The office got the same notice when two of our sites got infected. But I saved the day in the end :)

Oh and for those that it applies to, I hope y'all voted in the European election!

At 6/4/09 08:14 AM, citricsquid wrote: It seems that you account may have been compromised and has had malware embedded in it, have you checked all your files?

My guess would be it's just flagging the server rather than anything on Jessi's site being compromised.

Malicious software is hosted on 1 domain(s), including 202.73.57.0/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including davtraff.com/.

This site was hosted on 1 network(s) including AS26347 (DREAMHOST).

Also a forgot to say. Swine flu has taken off in Scotland! theirs more than a hundred infected now. Only two or so days ago it was at 23 after that bus full of huns got infected and before them it was only 11. AND my ma has a cousin hows going to get tested for it. Shes a delivery driver so if she has it lots of people do by now. And that could include me as she was in our house a few days ago.

We should start a kitty to see who gets infected first! I already have the best odds :P

Hmmm. That's all very interesting. I haven't physically modified anything on the server at all in months. Like I can't remember when I logged into the FTP last. I know that DH has had issues with DoS attacks in the past and now I'm wondering if when they switched me to a brand new "green" server that something happened. Since it's shared hosting someone else could have loaded it on there as well.

I'm going to contact tech support and ask them to run a scan on my server.

Ok so I sent a support ticket after I did an account/server check with the link that squid provided (there's a site that's supposedly using my site as a mirror). The server had been rebooted within the last week so there may have been an issue. However, there wasn't anything posted lately about the Quicksilver server having issues, so we'll see what happens. I'm just wondering if there was a DoS that they didn't catch.

3rd post but hours apart lol. Somehow someone injected an inframe into at least 1 file, the one I looked at was the index file. I'm redoing my whole site and dumped wp permanently. I still have the database but I'm going to redo the site as a whole. So stay tuned.

I remember when my old server was infected... Back when I was still using FastNext hosting (cheap, crappy hosting), my server got infected through either an SMF or a Wordpress exploit. Of course I didn't even take it down, because I didn't care so much about people getting infected. I got my account suspended indefinitely though, because whoever got into my server used it as a bot to send thousands of spam e-mails. Once they're in, it's pretty hard to get them out.

At 6/4/09 11:01 PM, DanielZ wrote: I remember when my old server was infected... Back when I was still using FastNext hosting (cheap, crappy hosting), my server got infected through either an SMF or a Wordpress exploit. Of course I didn't even take it down, because I didn't care so much about people getting infected. I got my account suspended indefinitely though, because whoever got into my server used it as a bot to send thousands of spam e-mails. Once they're in, it's pretty hard to get them out.

As long as the attacker doesn't have SSH access or anything it's pretty easy, do a clean install and make sure there is no weird shit in the database before importing it into the new install and you are done.

As far as I know, someone took it upon themselves to inject an iframe into my WP index page but I wouldn't really know what I'd be looking for if the database was infected too. I still have to go through all of the other pages on my site that I had that I just never deleted to ensure that nothing's infected there either. I've already made a new layout, I did it this morning before I left for work. It's not complete but it's almost there.

It often happens through either an insecure install or out of date install of a popular script, such as wordpress, or the server is compromised - either through another account being 'hacked' or through someone registering as a legitimate user and exploiting it.

I've done it before when I was a little miscreant doing everything to annoy people, I found a bug within cPanel and used some prebuilt script to exploit it and access all user accounts on the server, I was able to take over quite a few websites. The best thing you can do is request that dreamhost move you to a new server within their network, the current server is most likely fully compromised and reupload won't do anything.

At 6/5/09 12:58 PM, citricsquid wrote: It often happens through either an insecure install or out of date install of a popular script, such as wordpress, or the server is compromised - either through another account being 'hacked' or through someone registering as a legitimate user and exploiting it.

I've done it before when I was a little miscreant doing everything to annoy people, I found a bug within cPanel and used some prebuilt script to exploit it and access all user accounts on the server, I was able to take over quite a few websites. The best thing you can do is request that dreamhost move you to a new server within their network, the current server is most likely fully compromised and reupload won't do anything.

My version was update, but I'm thinking that they somehow got in through old forum software or the old version of wp that was on the server as backup incase the new version was a bad install.

I'm not sure, they didn't offer to move my files or anything. They'd also have to change my mailserver and database server as well because if one is compromised all 3 might be. And the sad thing is, this is a brand new green server that they just moved me to (or so they say) that I signed up to beta test and so they gave me "unlimited."

Dang 3001 posts in the space of a few years. THat makes this the forum I have posted in PLUS the forum I'm now most active in as I have been on other forums for Years but have less posts than I do here.cThat would be a bad thing but you guys make it a good thing. Love and Peace and all that jazz :)

I've had this account for almost a year, and I only have 455 posts, every single one of them in the programming forum. I dare not go into the cesspool that is NG General.

I have never posted out of this forum. (I don't think so anyway)

what the fucks up my nigges

At 6/6/09 12:24 AM, cherries wrote: what the fucks up my nigges

Where have you been? I thought you fell off a cliff and died (or something to that effect).

I have, but every time i did i quickly realized the futility of trying to post something serious in general.

At 6/6/09 07:45 AM, DearonElensar wrote: I have, but every time i did i quickly realized the futility of trying to post something serious in general.

Are you cherries? I for some reason remember cherries being a troll.

At 6/5/09 11:25 PM, Relish wrote: I have never posted out of this forum. (I don't think so anyway)

Politics has been my second port of call, when the home port is a little empty. I have been in general a few times, but made decent posts, that's only on rare late night occasions. I did once point out in general that someone couldn't have "deleted their System32 folder" Because they were using windows 98. To which the remainder of the thread got cheers of "HaHa that's what you get for lying on the internet" thought that was funny.

At 6/6/09 08:00 AM, Jon-86 wrote:

At 6/6/09 07:45 AM, DearonElensar wrote: I have, but every time i did i quickly realized the futility of trying to post something serious in general.

Are you cherries? I for some reason remember cherries being a troll.

Dearon was replying to a post about General, but he forgot to quote.

At 6/6/09 08:16 AM, citricsquid wrote: Dearon was replying to a post about General, but he forgot to quote.

Ah right, sound, that makes more sense now, cheers!

At 6/6/09 08:16 AM, citricsquid wrote: Dearon was replying to a post about General, but he forgot to quote.

Yeah, in hindsight it was smarter to quote >.>

Horrible performance by England, but we beat Kazakhstan 4-0 so I'm fairly happy :) Pretty bummed that this is my Saturday night though; stupid exams >:(

The King Himself.

Bill Bailey

On Channel4 Right NOW

Tune in or lose out!