Server Help

Trash Talk - To MGB: about the WMF thingy
Anonymous - Tue May 23, 2006 10:16 am
Post subject: To MGB: about the WMF thingy
I'm using Avast! AV.

It did actually download some WMF file to my computer and try to open it in the Windows image viewer, so it seems unlikely to be just some random weird packet.

Therefore, it must be something else random and weird icon_confused.gif

I didn't have the clarity of mind to keep the file, unfortunately...
Mine GO BOOM - Tue May 23, 2006 11:39 am
Post subject:
You know the forums have the ability to send you a new password for your account? Anyways, doing a bit of research, and there is no exploits out there that only effect apache to inject WMF exploits. The only ones that do that are the image files themselves, which as I've mentioned, I've done multiple scans of with different antivirus programs. Without another insight, such as the exact time/date of when these occur so I can go over apache's logs, I cannot do anything more.
Anonymous - Tue May 23, 2006 3:53 pm
Post subject:
Yea, I know, but I'm lazying off atm, so who cares about the password tongue.gif

Time of visiting wiki (http://wiki.minegoboom.com/index.php/MERVBot_Tutorial#Setting_up_a_MERVBot_.28plugin.29) and getting this stuff: around 2:34 am (EST) on the 22nd
Mine GO BOOM - Tue May 23, 2006 10:39 pm
Post subject:
The only thing I can think of for the Wiki would be fixalpha function in an IE-only javascript. But this is common for all of MediaWiki.
SpecShip - Wed May 24, 2006 6:42 am
Post subject:
Seeing as how I'm not getting any WMF errors or forced downloads and that I'm having IE set to disable all java, active scripts and etc. I therefore must conclude that it's either that you people are using a different browser and/or its security settings are such that allows it to be exploited by whatever.


Bad end-lusers make the wormhole carrosel go 'round 'n 'round.
Anonymous - Wed May 24, 2006 7:50 am
Post subject:
Use Firefox and download the NoScript plugin. You can make it block scripts and unblock them if you want to for certian sites, or globally. Also download IE Tab. Very useful for playing some flash games.
SpecShip - Wed May 24, 2006 4:59 pm
Post subject:
xsp0rtsfanx - Wed May 24, 2006 6:15 pm
Post subject:
firefox is more convenient and better than IE :/.
Anonymous - Thu May 25, 2006 4:29 pm
Post subject:
Wow, thanks for 4 totally useless responses, four random unhelpful people icon_rolleyes.gif

Anyway, I've got it!

The file is expl1.wmf which is downloaded from stats4all.(something)!
Solo Ace - Thu May 25, 2006 4:58 pm
Post subject:
From stats4all.cc, I've seen it happen too on these forums.
But it only happened when I didn't have a packetlogger running.
I couldn't find anything in the document's source either.

I got some error like "Couldn't open file://abcabcabc...".
SpecShip - Thu May 25, 2006 6:38 pm
Post subject:
Wow Murphy, he called you a random unhelpful person.

Anyway, this file is no where to exist in my system, so I'll say again, either your browser sux or that you don't know how to correctly set its security features to avoid being exploited.
Solo Ace - Fri May 26, 2006 2:22 am
Post subject:
It doesn't really happen anymore, and when it did it was just in like 1 of 20 visits.

I'm sure I patched my windows and got rid of the WMF exploit before this all happened.

Heh, SOS, a year ago you told me you kept your Windows up-to-date, why do you have these problems? sa_tongue.gif
You can't update anymore because you didn't pay for your copy of Windows? sa_tongue.gif
Anonymous - Fri May 26, 2006 2:38 am
Post subject:
Yeah can be that too.
Like I said above: Bad end-lusers make the wormhole carrosel go 'round 'n 'round.
Anonymous - Fri May 26, 2006 6:10 am
Post subject:
And bad tech advice makes lusers get even more confused. Stop with this "ooo, it's your own fault" crap. Geez, is this forum even moderated by any competent staff? If something is affecting people with a malicious exploit then it is fucking not the person's own fault no matter what software he uses!

Anyway, I am pissed. I'm glad you unhelpful meaningless people do not visit SSForum or I would have to delete most of your posts thus causing me lots more work.

Anyway, I hope you get rid of this weirdly behaving stats4all thing, MGB.
Mine GO BOOM - Fri May 26, 2006 12:08 pm
Post subject:
SOS l wrote:
Geez, is this forum even moderated by any competent staff?

No, that is the original point of Trash Talk. It is unmoderated so if someone wants to be an ass, they'll find a way anyways.
SOS wrote:
Anyway, I am pissed. I'm glad you unhelpful meaningless people do not visit SSForum or I would have to delete most of your posts thus causing me lots more work.

Half these people frequent your forum more than here, as this is only a niche forum for Servers only (with a few tag alongs like SpecShip, aka Gravitron).
SOS wrote:
Anyway, I hope you get rid of this weirdly behaving stats4all thing, MGB.

It seems to be the actual host causing problems, which I'll only be able to resolve once I finish setting up the new server. So thus, it is something weird going on with Apache.
Anonymous - Fri May 26, 2006 3:57 pm
Post subject:
Trash talk is for trash, hmm? Okey, whatever floats your boat tongue.gif I've never seen the need for one but it is a popular trend...

Hey, why'd you stick my post in the trash! icon_wink.gif

Hmm, so the host itself is doing the stats4all thing? Hrm... I wonder what a packet logger would find.
SpecShip - Fri May 26, 2006 4:28 pm
Post subject:
Please force his login so that I can return him to the ignore.
Solo Ace - Sat May 27, 2006 2:52 am
Post subject:
I wanted to use a packet logger actually, and I think I'll start logging it from now on.
(Too bad I can't just give tcpdump a filter to log it really).

I got the error I usually get again, when I loaded the page a few minutes ago:



I'll let my router tcpdump some packetlog and check it with ethereal when it happens again.
All times are -5 GMT
View topic
Powered by phpBB 2.0 .0.11 © 2001 phpBB Group