Welcome Guest ( Log In | Register )










Reply to this topicStart new topicStart Poll

> An Attack On My Computer, Anyone else?
Dogshirt 
Posted: 17-Aug-2008, 01:35 AM
Quote Post

Member is Offline



Celtic Guardian
********

Group: Celtic Nation
Posts: 2,400
Joined: 12-Oct-2003
ZodiacElder

Realm: Washington THE State

male





Twice now my Norton Security has blocked an attempt on my computer
of what it terms a HIGH RISK intrusion.
This has happened after I have typed a post and then hit the "Post new" button.

It lists the risk as;
HTTP Adobe SWF Remote Code Exec

And shows it coming from;
pagead2.googlesyndication.com (209.85.171.166, 80)

Has anyone else run into this? Can anything be done?


beer_mug.gif


--------------------
Hoka Hey!
The more Liberals I meet, the more I like my dogs!
PMEmail PosterMy Photo Album               
Top
Shadows 
Posted: 17-Aug-2008, 06:52 AM
Quote Post

Member is Offline





Reader of souls, vision seeker, TROLL
Group Icon

Group: Super Moderator
Posts: 4,789
Joined: 20-Jun-2003
ZodiacHolly

Realm: The frontier of Penn's Woods

male





I use Zone Alarm and in my security settings there is a place to allow or dis-allow mobil code on a site by site basesis... I have pagead2.googlesyndication.com dis-allowed so I would not see this notice and it does not get to my machine.

I would see if you can do that with Norton...


--------------------
I support the separation of church and hate!

IMAGINATION - the freest and largest nation in the world!


One can not profess to be of "GOD" and show intolerence and prejudice towards the beliefs of others.

Am fear nach gleidh na h–airm san t–sith, cha bhi iad aige ’n am a’ chogaidh.
He that keeps not his arms in time of peace will have none in time of war.

"We're all in this together , in the parking lot between faith and fear" ... O.C.M.S.

“Beasts feed; man eats; only the man of intellect knows how to eat well.”

"Without food we are nothing, without history we are lost." - SHADOWS


Is iomadh duine laghach a mhill an Creideamh.
Religion has spoiled many a good man.

The clan MacEwen
PMEmail Poster My Photo Album               
Top
Dogshirt 
Posted: 17-Aug-2008, 10:02 AM
Quote Post

Member is Offline



Celtic Guardian
********

Group: Celtic Nation
Posts: 2,400
Joined: 12-Oct-2003
ZodiacElder

Realm: Washington THE State

male





Norton blocked it fine, and I can check the box so it will do so and not tell me.
I've just not seen anything like this on this site befor and wondered what was going on.


beer_mug.gif
PMEmail PosterMy Photo Album               
Top
Leelee 
Posted: 17-Aug-2008, 10:42 AM
Quote Post

Member is Offline



Celtic Guardian
********

Group: Celtic Nation
Posts: 6,352
Joined: 05-Mar-2008
ZodiacIvy

Realm: Alberta, Canada

female





Aye, that happened to me yesterday (same code), thankfully my Firewall blocked it but infomed me of the intrusion (malware). unsure.gif
PM               
Top
CelticRadio 
Posted: 17-Aug-2008, 12:33 PM
Quote Post

Member is Offline



Celtic Guardian
Group Icon

Group: Administrator
Posts: 9,748
Joined: 23-Sep-2001
ZodiacOak

Realm: Toronto, CAN

male

Medieval Kingdom
Rank #74
223,126 Gold!






The google ads that help pay for the site are responsible for those messages of your firewall.

I've never had a problem with google ads causing a problem. Sometimes security products can provide way to much security so that they start disabling websites from functioning properly.


--------------------
Celtic Radio DJ
http://www.CelticRadio.net
Celtic Radio Music Network
PMEmail PosterUsers Website My Photo Album               View my Facebook Profile.View my Linked-In Profile.View my Google plus Profile.View my Twitter Profile.View My Space Profile.View my YouTube Profile.
Top
subhuman 
Posted: 17-Aug-2008, 11:59 PM
Quote Post

Member is Offline



Celtic Guardian
Group Icon

Group: Scotland
Posts: 418
Joined: 16-Oct-2005
ZodiacWillow

Realm: 127.0.0.1

male





As Mac said, it's a false alarm. Anytime something is trying to run on your computer that did not originate at the webpage you're currently viewing, it should "throw a warning."
In this case, it's not harmful- but this tactic is also used by others with malicious intent.

The website you're viewing is celticradio.net, and your computer is told to run code (based on SWF extension I'd say it's a video clip) from another site- in this case pagead2.googlesyndication.com. Since they're not the same, you get this warning.

My personal experience with Norton is that it throws out too many "false positives" on malware. I've had it flag a program I've written as "malware" simply because it was UDX packed (a form of compression to make it smaller) and Norton apparently thinks trying to save bandwidth and disk space is "suspicious behavior."


--------------------
I have two modes: wiseass and dumbass. Mode is determined by current blood alcohol level.

Drinking is a sport. In order to be competitive, you must practice on a regular basis. Although you can practice alone, it is much more fun to practice with friends. If you're out of shape and practice too hard, you will regret it the next day.

Life is a disease. It is sexually transmitted and always terminal.
PMEmail Poster               
Top
Robert Phoenix 
Posted: 21-Aug-2008, 07:56 PM
Quote Post

Member is Offline



Celtic Guardian
********

Group: Celtic Nation
Posts: 2,318
Joined: 19-May-2006
ZodiacIvy

Realm: Ironwood, MI

male





Well, my computer really got hit this last Friday. I went looking for a pattern to make a sporran. I typed in "how to make a sporran" into the search area and when the results came up there was one that was titled "How to make a Sporran" in capital leters. I clicked on it and it was just a video screen that said it required Active X something or other. When I tried to download this Active X thing every thing went. I got a huge red wallpaper with a big Warning on it and an offer to get rid of all myspyware, etc for just 50.00. I discoved that this wallpaper effectively highjacks and transplated itself over my old one leaving only a few iconsthat olead to "you hav been inffected" popups. Couldn't get rid of it so into the shop it went. Just got it back today and with a few adjustments of my own it seems to be running great.


--------------------
Unavoidably Detained by the World

"Irishness is not primary a question of birth or blood or language; it is the condition on being involved in the Irish situation, and usually of being mauled by it."-Conor Cruise O'Brien

Pour mouth to mouth
PMEmail Poster               
Top
subhuman 
Posted: 21-Aug-2008, 09:53 PM
Quote Post

Member is Offline



Celtic Guardian
Group Icon

Group: Scotland
Posts: 418
Joined: 16-Oct-2005
ZodiacWillow

Realm: 127.0.0.1

male





1) Never install *anything* ActiveX. Period. While you're at it, ditch MSIE and use either Firefox or Opera. Java was built from day one to be secure. ActiveX wasn't.
If you *do* have to use ActiveX (like for MS updates, etc) only do so from a trusted site. Something that you visit once that you found via a search engine is not a trusted site.

2) that's not really "from this site" as were the previous "attack" reports. Most likely, it was from google. As much as I despise google (that's a rant for another time) you can't really blame them, either. They did return a result matching your search criteria- it just turns out that the site they returned lied to google, and also lied to you.

3) these types of scams are becoming more and more common (we found malware, pay us $$$ to remove it). Some are really a bitch to remove- with no automated programs to do it for you. For two different cases on friends' computers I've had to boot from a CD and kill the crap through a DOS shell. 99% of the time, the only malware on your computer is the program that claims it found malware. (duh, hey I found myself!!)

4) Although this wasn't the case here, in general don't click on anything that offers "some expensive item for free" or "free money" or "kewl pr0n" or "leet warez" because the closest you'll get to porn from them is when they screw you.


5) Everyone here should be using PeerGuardian2. Although originally designed for use in P2P file-sharing networks, its most prolific use is in blocking IPs of known harmful sites.
At minimum you should block these IP lists:
http://www.bluetack.co.uk/config/ads-track...and-bad-pr0n.gz
http://www.bluetack.co.uk/config/bogon.zip
http://www.bluetack.co.uk/config/hijacked.zip
http://www.bluetack.co.uk/config/iana-reserved.zip
http://www.bluetack.co.uk/config/spider.gz
http://www.bluetack.co.uk/config/spyware.gz
http://www.bluetack.co.uk/config/trojan.zip
Also use Bluetack's HOSTS file: here

Over 90% of malware infections come from ignorance. I don't mean that as an insult, everyone is ignorant on one or more topics. If we weren't, we would not be human.
However, you can begin to protect yourself by doing what I mentioned above. Contrary to what commercial products want you to believe, they are not the best protection available. The best protection available is blocking malicious sites at the driver level. This is what both PG2 and the HOSTS file do. Most commercial malware scanners look for infections that have already entered your machine. These products prevent you from communicating with malicious sites in the first place.

As an analogy, a commercial malware scanner is a cure to a disease. These products are an immunization to the same disease. A cure takes effect after you've already been infected. The immunization prevents you from contracting the disease in the first place.

People hear about commercial products because those companies make money off the product, thus they have an advertising budget. The free products listed above are made by users- with downloadable source code- and since they're free, there's no money involved... hence no advertising budget.

Oh, well. I see I moved into one of my "open-source software is best" rants again without even meaning to. tongue.gif
PMEmail Poster               
Top
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

Reply to this topic Quick ReplyStart new topicStart Poll


 








© Celtic Radio Network
Celtic Radio is a TorontoCast radio station that is based in Canada.
TorontoCast provides music license coverage through SOCAN.
All rights and trademarks reserved. Read our Privacy Policy.








[Home] [Top]