Page 1 of 2 12 LastLast
Results 1 to 20 of 28

Thread: This site is an Attack Site ! (???????????????????)

  1. #1
    Member
    Join Date
    May 2008
    Posts
    6,031

    Default This site is an Attack Site ! (???????????????????)

    My firefox is giving me no end of grief with this site right now.

    It is saying this site is an attack site, and it gives a little bit of diagnostic info (not much, and not of much value).

    Even clicking "ignore this warning" just lands me back on the warning page with every click, as I try to click on site links.

    Basically firefox is useless right now on this site, for me. Presently using MSIE.

    Anyone else seeing this?

    Below find some of the text I'm being shown, as to why:

    Firefox uses data from the Google Safe Browsing initiative. Google scans millions of websites and identifies those that are, or recently were, hosting or distributing badware. If Google later determines a site is clean, Firefox no longer reports it as an Attack Site.
    StopBadware keeps track of sites that Google and others have reported as badware.
    I'm using Windoze XP with latest Firefox with Norton Antivirus, if any of that matters.

  2. #2
    Supporting Member sigabrt's Avatar
    Join Date
    Aug 2009
    Location
    Southcentral
    Posts
    174

    Default

    Same with Safari on Mac OS X.
    "Your papers are not in order"

  3. #3
    Member sayak's Avatar
    Join Date
    Jun 2006
    Location
    Central peninsula, between the K-rivers
    Posts
    5,788

    Default

    Firefox on Mac is OK, but got that message with Chrome.

  4. #4
    Member Bsj425's Avatar
    Join Date
    Oct 2009
    Location
    North Pole, Alaska
    Posts
    1,060

    Default

    it did the same with me on firefox just go tools then options then security and de select the attack site thing then it works fine.

  5. #5
    Member Icebear's Avatar
    Join Date
    Apr 2006
    Location
    Delta Junction
    Posts
    203

    Default

    We are looking into this problem. Sorry for the trouble guys.

  6. #6
    Member
    Join Date
    Jan 2007
    Location
    Hartford Michigan
    Posts
    440

    Default

    AVG also identified it as a threat.

  7. #7
    Member
    Join Date
    May 2008
    Posts
    6,031

    Default this might be the reason why we're seeing the warning now

    Quote Originally Posted by Bsj425 View Post
    it did the same with me on firefox just go tools then options then security and de select the attack site thing then it works fine.
    Uh yeah, not too crazy about doing that. As much as I abhor blacklists, this particular forum site has been hacked before, and has unwittingly provided malicious code to its users before.... :-(

    The actual technical reason why this warning is showing up now appears to me to be that resident on the same hardware box, rack, or farm as this site's web server, there is a hacked site present. Data about that (bad) site can be seen here:

    http://safebrowsing.clients.google.c...S&site=AS:2914

    If my diagnosis is correct, then Google is nuts for warning users of this forum about this, since that site is quite separate from this site, and the two should share no danger to each other's users (I believe - do not take this as gospel).

    I do look forward to reading this site's explanation of why the warning is appearing. Time to call ole' Man1c into action?

  8. #8
    Member COtoAK's Avatar
    Join Date
    May 2007
    Location
    North Pole, Alaska
    Posts
    1,896

    Default

    Just in time for him to wake up to this stuff. Good Morning, Man1c.
    Lurker.

  9. #9
    Member
    Join Date
    May 2008
    Posts
    6,031

    Default good news to him, not bad

    Quote Originally Posted by COtoAK View Post
    Just in time for him to wake up to this stuff. Good Morning, Man1c.
    Not like this will be bad news for him. This is the sort of stuff that buys his Tea and Crumpets, eh?

    (What in the heck IS a crumpet, anyway?????)

  10. #10
    New member Man1c M0g's Avatar
    Join Date
    Jun 2007
    Location
    Portsmouth, UK.
    Posts
    44

    Default

    Okidokey, should be fixed now....

    PS. Wasn't a hack on our site, so its not all bad! Admins have been e-mailed with info.

  11. #11
    Member AkSKeyMoe's Avatar
    Join Date
    Dec 2007
    Location
    W AK
    Posts
    158

    Default

    Quote Originally Posted by Man1c M0g View Post
    Okidokey, should be fixed now....

    PS. Wasn't a hack on our site, so its not all bad! Admins have been e-mailed with info.
    I'm still getting the warning. Mac OS X w/Firefox if it matters.

  12. #12
    Member Rod in Wasilla's Avatar
    Join Date
    Apr 2006
    Location
    um... Wasilla...
    Posts
    826

    Default

    Just got the message using Chrome. Here's a couple of screen shots.
    AOD-AVG-message--small.jpgAOD-Message--small.jpg
    Quote Originally Posted by northwestalska
    ... you canít tell stories about the adventures you wished you had done!

  13. #13
    Member
    Join Date
    May 2008
    Posts
    6,031

    Default samo samo....

    Quote Originally Posted by Man1c M0g View Post
    Okidokey, should be fixed now....
    Sorry Man1c, no improvement or change here either....

    I'm betting that Google will need to take this site's IP out of its blacklist, or some such tomfoolery (h8 blacklists... they're bad and dumb), and if so no change will happen right away....

    Is it concievable that the fastest solution is to get your upstream provider viaverio to move the site including all of the VM's configuration data etc... to a different box that isn't listed as bad by Google? I think that they have some pretty cool admin tools (that they use, not you or I) to move stuff around pretty quickly and completely..... Just a thought...

  14. #14
    moocow
    Guest

    Default

    The problem is gone, but Google takes a bit longer to rescan the website and clear it from its 'suspicious' list. Should take 24hrs once the admin with google webmaster tools asks them to do a malware rescan.

  15. #15
    Member
    Join Date
    May 2008
    Posts
    6,031

    Default

    Quote Originally Posted by moocow View Post
    The problem is gone
    What problem is/was that, exactly?

    I know a few of us publicized the symptoms, but I haven't heard anyone say any more than a guess as to what the actual problem was.

  16. #16
    New member Man1c M0g's Avatar
    Join Date
    Jun 2007
    Location
    Portsmouth, UK.
    Posts
    44

    Default

    Quote Originally Posted by FamilyMan View Post
    What problem is/was that, exactly?

    I know a few of us publicized the symptoms, but I haven't heard anyone say any more than a guess as to what the actual problem was.
    Good news and bad news about the problem. The good news is that it wasn't due to any hack on our site or templates. The BAD news is that it was due to tapatalk! You see, tapatalk works by calling an external JS file, and its that which enables the tapatalk functions. Unfortunately this external file seems to have been hacked - once I removed it all worked just fine.

    So for now, the upshot is that we are secure, but tapatalk is disabled until they fix their problem.

  17. #17

    Default

    Thirty minutes ago it happened again to me. Three days running now, when I come on the site, I have gotten a virus attached. Have to debug it and such. Using IE. It is a text message virus her...er...txt, etc. Pain in the....
    "96% of all Internet Quotes are suspect and the remaining 4% are fiction."
    ~~Abraham Lincoln~~

  18. #18
    Moderator hunt_ak's Avatar
    Join Date
    Mar 2007
    Location
    Wasilla--Cantwell Transplant
    Posts
    4,600

    Default

    I'm on tapatalk now, and that was the only way I accessed the site once I started getting the warning.

    On a side note, www.glocktalk.com was hacked through tapatalk, and now does not use the service. Is that a possibility here?

  19. #19
    webmaster Michael Strahan's Avatar
    Join Date
    Apr 1999
    Location
    Anchorage, Alaska
    Posts
    5,766

    Default Thanks for your patience!

    Hi folks, we are working on this issue presently, and appreciate your continued patience. We have some of the best in the business on our IT team, so rest assured that they will deal with it properly.

    I ask that members refrain from attempting to run tests on our site and diagnose this for us. I appreciate the spirit of those attempts, however the resulting false conclusions (some of which have been posted in this thread) will mislead our members. Once this process is complete we will let you know what's up, and what action, if any, you need to take.

    Thanks again for your patience. As you know, we are a large site, and attacks like this can be expected from time to time.

    Mike
    LOST CREEK COMPANY: Specializing in Alaska hunt consultation and planning for do-it-yourself hunts, fully outfitted hunts, and guided hunts.
    CLICK HERE to send me a private message.
    Web Address: http://alaskaoutdoorssupersite.com/hunt-planner/
    Mob: 1 (907) 229-4501
    "Dream big, and dare to fail." -Norman Vaughan
    "I have climbed my mountain, but I must still live my life." - Tenzig Norgay

  20. #20
    Member
    Join Date
    May 2008
    Posts
    6,031

    Default nature of the malware in the tapatalk support?

    Quote Originally Posted by hunt_ak View Post
    I'm on tapatalk now, and that was the only way I accessed the site once I started getting the warning.
    You should enquire the exaxt nature of what the malware actually did, since your hardware likely came into direct contact with the malware that Man1c has now removed.

    I tried to look it up myself and couldn't find the bug posted on the tapatalk forum, but did see an interesting comment from three days ago there that indicated that if you use tapatalk to access a vBulletin forum (like this one) you could make posts that would appear to have been posted by whomever you choose. Example: If I had been using tapatalk I could have created a post that looked like it came from Brian M, saying anything I had/might compose.

    Ironically the tapatalk people use the same forum software we do here.

    http://www.tapatalk.com/forum/showthread.php?t=3632

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •