View previous topic :: View next topic |
Author |
Message |
Da Nag
Joined: 24 Oct 2003 Posts: 2820 City/Region: Port Angeles
State or Province: WA
C-Dory Year: 2008
C-Dory Model: 16 Angler
Vessel Name: Taco
Photos: <a>Da Boats</a>
|
Posted: Sat Jun 15, 2013 5:48 pm Post subject: "Malware" warnings |
|
|
Some of you running Chrome may have seen "malware warnings" when visiting us earlier today.
The bad news: The warnings were accurate. Our server was compromised, and for a brief period of time malware could potentially have been served up to anyone visiting. I say potentially, as it would have required action on your part beyond visiting us to get infected, i.e. clicking on a popup or link when prompted. Based on server logs I took a peek at, the window when this could have happened was less than an hour this afternoon.
The good news: It was a known server exploit, and it was easy to clean up. In addition to removing all the nasty bits, updates were applied that address the vulnerability.
Until next time, of course...keep your shields up. _________________ Will, C-Brat Nerd |
|
Back to top |
|
|
rob bauerle
Joined: 07 Oct 2010 Posts: 126 City/Region: spokane
State or Province: WA
C-Dory Year: 2008
C-Dory Model: 22 Cruiser
Vessel Name: Robbie's Refuge
Photos: Robbie’s Refuge
|
Posted: Sat Jun 15, 2013 5:53 pm Post subject: |
|
|
Thanks so much for all the work you guys do to keep this great site going |
|
Back to top |
|
|
journey on
Joined: 03 Mar 2005 Posts: 3597 City/Region: Valley Centre
State or Province: CA
C-Dory Year: 2005
C-Dory Model: 25 Cruiser
Vessel Name: journey on
Photos: Journey On
|
Posted: Sat Jun 15, 2013 7:23 pm Post subject: |
|
|
What was it and how would we know? Is there anything we should do?
Boris |
|
Back to top |
|
|
Da Nag
Joined: 24 Oct 2003 Posts: 2820 City/Region: Port Angeles
State or Province: WA
C-Dory Year: 2008
C-Dory Model: 16 Angler
Vessel Name: Taco
Photos: <a>Da Boats</a>
|
Posted: Sat Jun 15, 2013 8:36 pm Post subject: |
|
|
journey on wrote: | What was it and how would we know? Is there anything we should do? |
Yup - you should run Chrome or Firefox, both of which monitor known virus/malware sites and will warn you whenever a site attempts to deliver content from them. Chrome users saw the following during the brief period this morning, Firefox users would have seen something similar:
As to what it was - I honestly don't know. All I do know, is that visitors here could have been redirected to the site mentioned in the warning image above while we were compromised. What that site may or may not have attempted to deliver, is anyone's guess.
If you're on Windows and saw something odd while visiting us earlier today - it wouldn't be a bad idea to run a virus and/or malware scan. Mac/Linux - do whatever you wish, but I wouldn't lose any sleep over it. |
|
Back to top |
|
|
DuckDogTitus
Joined: 31 Jan 2013 Posts: 1034 City/Region: Gig Harbor
State or Province: WA
C-Dory Year: 1988
C-Dory Model: 22 Cruiser
Vessel Name: C-Miner
Photos: Hemingway
|
Posted: Sat Jun 15, 2013 10:58 pm Post subject: |
|
|
I have a 13 year old email address (as that is the age of my company) and get around 20,000 spam emails per month. 13,000+ are blocked before they reach my inbox, the rest I delete manually, sometimes 200+ per day. sometimes I'll walk away from my desk for 10-12 minutes, and come back to 1 per minute popping in there.
when I think about spammers, hackers, and other ill-intent computer nerds......
the amount of effort these folks put into internet-negative activity could yield amazing results if redirected to something positive. _________________ Dustin |
|
Back to top |
|
|
Captains Cat
Joined: 03 Nov 2003 Posts: 7313 City/Region: Cod Creek>Potomac River>Chesapeake Bay
State or Province: VA
C-Dory Year: 2005
C-Dory Model: 22 Cruiser
Vessel Name: Captain's Choice II
Photos: Captain's Cat
|
Posted: Sun Jun 16, 2013 6:20 am Post subject: |
|
|
May be seeing some of the results. Got emails from two brats with the same strange link in it. Tom McHugh and Patrick Campbell, I think you got hit. Mail to a distribution list of which I was part.
Deleted.
Charlie _________________ CHARLIE and PENNY CBRAT #100
Captain's Cat II 2005 22 Cruiser
Thataway (2006 TC255 - Sold Aug 2013)
Captain's Cat (2006 TC255 - Sold January 2012)
Captain's Kitten (1995 CD 16 Angler- Sold June 2010)
Captain's Choice (1994 CD 22 Cruiser- Sold Jun 2007)
Potomac River/Chesapeake Bay
K4KBA |
|
Back to top |
|
|
hardee
Joined: 30 Oct 2006 Posts: 12633 City/Region: Sequim
State or Province: WA
C-Dory Year: 2005
C-Dory Model: 22 Cruiser
Vessel Name: Sleepy-C
Photos: SleepyC
|
Posted: Sun Jun 16, 2013 7:19 am Post subject: |
|
|
I saw the warning.
Thanks guys for taking good care of us..
Harvey
SleepyC _________________ Though in our sleep we are not conscious of our activity or surroundings, we should not, in our wakefulness, be unconscious of our sleep. |
|
Back to top |
|
|
colbysmith
Joined: 02 Oct 2011 Posts: 4559 City/Region: Madison
State or Province: WI
C-Dory Year: 2009
C-Dory Model: 25 Cruiser
Vessel Name: C-Traveler
Photos: C-Traveler and Midnight-Flyer
|
Posted: Sun Jun 16, 2013 9:10 am Post subject: |
|
|
How about the iPad browsers? Although I routinely don't open links or attachments I don't know about. |
|
Back to top |
|
|
svmegatron Guest
|
Posted: Sun Jun 16, 2013 12:36 pm Post subject: |
|
|
Thank you for taking care of this so quickly! |
|
Back to top |
|
|
Lanlocked
Joined: 05 Aug 2012 Posts: 87 City/Region: Chatham county
State or Province: NC
C-Dory Year: 2005
C-Dory Model: 22 Cruiser
Vessel Name: Resilient
Photos: Resilient
|
Posted: Sun Jun 16, 2013 12:43 pm Post subject: |
|
|
Da Nag,
Does that mean I am not going to get the $1,000,000 from Nigeria?
PS, nice work cleaning things up so fast and being aware, Thanks |
|
Back to top |
|
|
Da Nag
Joined: 24 Oct 2003 Posts: 2820 City/Region: Port Angeles
State or Province: WA
C-Dory Year: 2008
C-Dory Model: 16 Angler
Vessel Name: Taco
Photos: <a>Da Boats</a>
|
Posted: Sun Jun 16, 2013 1:36 pm Post subject: |
|
|
colbysmith wrote: | How about the iPad browsers? |
Can't saw with certainty, but chances are extremely slim Android/iOS devices would have been targeted with this type of exploit. |
|
Back to top |
|
|
TyBoo
Joined: 23 Oct 2003 Posts: 5314 City/Region: Warrenton
State or Province: OR
C-Dory Year: 1996
C-Dory Model: 25 Cruise Ship
Vessel Name: TyBoo
Photos: TyBoo
|
Posted: Sun Jun 16, 2013 4:14 pm Post subject: |
|
|
Da Nag wrote: |
Can't saw with certainty... |
Use a Stihl and keep fresh gas in it. _________________ TyBoo Mike
Sold: 1996 25' Cruise Ship
Sold: 1987 22' Cruiser |
|
Back to top |
|
|
Da Nag
Joined: 24 Oct 2003 Posts: 2820 City/Region: Port Angeles
State or Province: WA
C-Dory Year: 2008
C-Dory Model: 16 Angler
Vessel Name: Taco
Photos: <a>Da Boats</a>
|
Posted: Sun Jun 16, 2013 4:24 pm Post subject: |
|
|
TyBoo wrote: | Use a Stihl and keep fresh gas in it. |
Hmmm...I think that's a battle we've not had here yet. We all know singles, Scottys, Fords, Macs/Linux, Android and Kubotas are the right choice - but I don't think we've come to a conclusion when it comes to power equipment.
Fortunately, I've both a Stihl and a Husky - so I'll sit back on the sidelines, knowing I'll win either way. |
|
Back to top |
|
|
colbysmith
Joined: 02 Oct 2011 Posts: 4559 City/Region: Madison
State or Province: WI
C-Dory Year: 2009
C-Dory Model: 25 Cruiser
Vessel Name: C-Traveler
Photos: C-Traveler and Midnight-Flyer
|
Posted: Sun Jun 16, 2013 8:36 pm Post subject: |
|
|
Ok, I'm good. I just happen to have a Stihl, and it does have gas in it! |
|
Back to top |
|
|
DuckDogTitus
Joined: 31 Jan 2013 Posts: 1034 City/Region: Gig Harbor
State or Province: WA
C-Dory Year: 1988
C-Dory Model: 22 Cruiser
Vessel Name: C-Miner
Photos: Hemingway
|
Posted: Mon Jun 17, 2013 10:32 am Post subject: |
|
|
just fyi guys, I just logged in at 7:30 this morning and right after logging in I received the chrome-malware warning. |
|
Back to top |
|
|
|