Jump to content


Welcome to DBSTalk


Sign In 

Create Account
Welcome to DBSTalk. Our community covers all aspects of video delivery solutions including: Direct Broadcast Satellite (DBS), Cable Television, and Internet Protocol Television (IPTV). We also have forums to discuss popular television programs, home theater equipment, and internet streaming service providers. Members of our community include experts who can help you solve technical problems, industry professionals, company representatives, and novices who are here to learn.

Like most online communities you must register to view or post in our community. Sign-up is a free and simple process that requires minimal information. Be a part of our community by signing in or creating an account. The Digital Bit Stream starts here!
  • Reply to existing topics or start a discussion of your own
  • Subscribe to topics and forums and get email updates
  • Send private personal messages (PM) to other forum members
  • Customize your profile page and make new friends
 
Guest Message by DevFuse

Photo

Reported Attack Site!


  • Please log in to reply
279 replies to this topic

#26 OFFLINE   SayWhat?

SayWhat?

    Know Nothing

  • Registered
  • 5,897 posts
Joined: Jun 06, 2009

Posted 24 December 2012 - 06:56 AM

Is a puzzlement. Some users running the same version of Google Chrome (23.0.1271.97) experiencing the issue while others do not.


Some use proper blocking utilities, others don't.

Giggly is hardly any kind of security authority and is likely falsely flagging an ad of some kind. It may be OK as a search engine, but should not be trusted beyond that.
Help stamp out Twits and Twitterers!

HD, SchmacHD!! Just be glad you've got a picture at all.

...Ads Help To Support This Site...

#27 OFFLINE   Steve

Steve

    Hall Of Fame

  • Registered
  • 22,751 posts
  • LocationLower Westchester County, NY
Joined: Aug 22, 2006

Posted 24 December 2012 - 07:15 AM

Giggly is hardly any kind of security authority and is likely falsely flagging an ad of some kind. It may be OK as a search engine, but should not be trusted beyond that.

I'd be surprised if Google's attorneys would allow them to flag a site like this without concrete evidence of malware. That said, Google probably has a spider that clicks on every link, and I agree the culprit is likely one or more of the advertising links on the site.
/steve

#28 OFFLINE   David Bott

David Bott

    Hall Of Fame

  • Administrators
  • 2,248 posts
  • LocationTraveling the USA
Joined: Jul 12, 2005

Posted 24 December 2012 - 07:34 AM

Hi All...

I do not see any issue currently with the site itself and the main protection providers is not reporting any issue.

I am also thinking it came from an ad. Seeing that Google Adsense is suppose to fileter any such ads, I have left that one on. However we also run OpenX Marketplace which I have turned off at this time.

However, seeing it s "flagged" for some unknown reason, it might stay flagged for X amount of time before the flag is cleared. I can see no way to clear it.

So, well, we shall see.

Looking over the report from Google, it is not site wide as only 36 pages were reported today. So I am more and more guessing an ad. I have gone to some of the pages reported in my Google Webmaster Tools area that said are bad and can find nothing on the pages themselves or in any links etc.

Thanks

#29 OFFLINE   David Bott

David Bott

    Hall Of Fame

  • Administrators
  • 2,248 posts
  • LocationTraveling the USA
Joined: Jul 12, 2005

Posted 24 December 2012 - 08:02 AM

I have now submitted a request for Google to review the site to rescan the content in hopes to clear the message. So we shall see what happens.

Sure, this time of year of all times. Augh!

#30 OFFLINE   SayWhat?

SayWhat?

    Know Nothing

  • Registered
  • 5,897 posts
Joined: Jun 06, 2009

Posted 24 December 2012 - 08:11 AM

I'd be surprised if Google's attorneys would allow them to flag a site like this without concrete evidence of malware.


Ummmm, OK :sure::rolleyes:
Help stamp out Twits and Twitterers!

HD, SchmacHD!! Just be glad you've got a picture at all.

#31 OFFLINE   CopyCat

CopyCat

    Godfather

  • DBSTalk Club
  • 324 posts
  • LocationSouth Carolina
Joined: Jan 21, 2008

Posted 24 December 2012 - 09:29 AM

Firefox 17.0.1

Attached Files


If it an't broke, don't fix it

Slimline Dish w/SWM-5LNB to 8 way splitter.
HR24-500 HDMI Sony KDL-52XBR2
HR24-500 HDMI Sony KDL-46XBR4
HR21-200 - Component Emerson LCD SLC195EM8
All networked via CAT5 to a Netgear 10/100/1000 Switch connected to a Cisco Linksys E4200 to DSL.

#32 OFFLINE   David Bott

David Bott

    Hall Of Fame

  • Administrators
  • 2,248 posts
  • LocationTraveling the USA
Joined: Jul 12, 2005

Posted 24 December 2012 - 09:56 AM

Right...As Mentioned...I have asked Google to re-scan us as the issue came from an AD and the provider has been removed. Now we need to wait for them to rescan and verify we are good.

THEIR IS NOTHING WRONG with the site itself and I have already removed the OpenX Marketplace that let the ad through. So we are just now waiting for Google to rescan.

Thanks

#33 OFFLINE   Mark Holtz

Mark Holtz

    Day Sleeper

  • DBSTalk Club
  • 9,995 posts
  • LocationSacramento, CA
Joined: Mar 23, 2002

Posted 24 December 2012 - 11:01 AM

THEIR IS NOTHING WRONG with the site itself and I have already removed the OpenX Marketplace that let the ad through. So we are just now waiting for Google to rescan.

Like this.

"In an effort to increase your cable and satellite bills beyond the point of affordability and to further pad the pockets of our executives..."
Check out my list of links.


#34 OFFLINE   phrelin

phrelin

    Hall Of Fame

  • Registered
  • 13,628 posts
  • LocationNorthern California Redwoods
Joined: Jan 18, 2007

Posted 24 December 2012 - 11:02 AM

I guess I should have said something last night. Norton kept locking up the page load because of the ad site generating repeated popup messages about the "malware." It's not a problem this morning.

"In a hundred years there'll be a whole new set of people."
"Always poke the bears. They sleep too much for their own good."

"If you're good enough, they'll talk about you." - Tom Harmon
A GEEZER who remembers watching TV in 1951 and was an Echostar customer from 1988 to 2008, now a Dish Network customer.
My AV Setup
My Slingbox Pro HD Experience
My Blog: The Redwood Guardian


#35 OFFLINE   carlsbad_bolt_fan

carlsbad_bolt_fan

    Icon

  • Registered
  • 759 posts
  • LocationCarlsbad, CA
Joined: May 18, 2004

Posted 24 December 2012 - 11:23 AM

Got the same thing too, using FF 17.0.1. Knew it had to be a mistake.

Thanks to the site admins/owners for looking into this. Can't be easy to do this time of year. :)
HR20-700 Connected to 55" Samsung UN55D8000YF via HDMI
HR20-700 Connected to 24" Samsung P2570HD
R22-200 Connected to 32" Sony
D* Customer since 2000

#36 OFFLINE   makaiguy

makaiguy

    Icon

  • DBSTalk Club
  • 672 posts
  • LocationAiken, SC
Joined: Sep 24, 2007

Posted 24 December 2012 - 11:53 AM

Right...As Mentioned...I have asked Google to re-scan us as the issue came from an AD and the provider has been removed. Now we need to wait for them to rescan and verify we are good.

THEIR IS NOTHING WRONG with the site itself and I have already removed the OpenX Marketplace that let the ad through. So we are just now waiting for Google to rescan.

Thanks


I just got the warning when coming to the site - and this appears to be after you've removed access to that ad site.

We were hit with something similar on the vBulletin board I administer. I was able to clear the problem and get Google to unlist us.

I'll PM you with what we found.
DirecTV customer since 1997
HR24-500, HR22-100
I don't do buddy/friends lists, don't ask.

#37 OFFLINE   armophob

armophob

    Difficulty Concen........

  • DBSTalk Club
  • 7,176 posts
  • LocationFort Pierce, FL
Joined: Nov 13, 2006

Posted 24 December 2012 - 12:17 PM

I got the warning using Firefox 17.0.1


Ditto

#38 ONLINE   AntAltMike

AntAltMike

    Hall Of Fame

  • Registered
  • 3,108 posts
  • LocationCollege Park MD (just outside Wash, DC)
Joined: Nov 20, 2004

Posted 24 December 2012 - 12:29 PM

Same thing just happened here. Had to uncheck the "block reported attack sites" box in Firefox just to get back here.


I'll bite. Where can I find a, "block reported attack site" box in Firefox to uncheck.

Could I instead click, "Ignore this warning" in the lower right corner of the warning message window?

#39 OFFLINE   armophob

armophob

    Difficulty Concen........

  • DBSTalk Club
  • 7,176 posts
  • LocationFort Pierce, FL
Joined: Nov 13, 2006

Posted 24 December 2012 - 01:12 PM

I'll bite. Where can I find a, "block reported attack site" box in Firefox to uncheck.

Could I instead click, "Ignore this warning" in the lower right corner of the warning message window?


tools>options>security

#40 OFFLINE   MikeW

MikeW

    Hall Of Fame

  • Registered
  • 2,553 posts
Joined: May 16, 2002

Posted 24 December 2012 - 01:17 PM

AVG reports it as JAVA Script Obfuscation.
http://www.avgthreat...pt-obfuscation/

#41 OFFLINE   David Bott

David Bott

    Hall Of Fame

  • Administrators
  • 2,248 posts
  • LocationTraveling the USA
Joined: Jul 12, 2005

Posted 24 December 2012 - 01:18 PM

It can take up to 24 hours to clear. So even though I have removed the ad server for now that seemed to be making for the issue, we now need to wait for Google.

Fix, Report Fixed, wait for Google to check and then hopefully clear it.

#42 OFFLINE   David Bott

David Bott

    Hall Of Fame

  • Administrators
  • 2,248 posts
  • LocationTraveling the USA
Joined: Jul 12, 2005

Posted 24 December 2012 - 01:20 PM

AVG reports it as JAVA Script Obfuscation.
http://www.avgthreat...pt-obfuscation/


I see nothing like that. If they can report what...I can look further...but otherwise, I do not see any such thing.

Thanks

#43 OFFLINE   KyL416

KyL416

    Hall Of Fame

  • DBSTalk Club
  • 2,580 posts
  • LocationTobyhanna, PA
Joined: Nov 10, 2005

Posted 24 December 2012 - 01:22 PM

I'll bite. Where can I find a, "block reported attack site" box in Firefox to uncheck.

Could I instead click, "Ignore this warning" in the lower right corner of the warning message window?

Ignore this warning should be fine now. It was something with OpenX's ad platform which has a long history of being exploited, since David said he disabled it, DBSTalk and all of its remaining ads are safe to view. It just takes awhile for Google to completely remove it from their list. However, that doesn't mean every other site who uses OpenX or was compromised some other way did the same.

Now if you have decent virus/malware protection, and you or anyone else who uses your computer know not to click random things that popup, know that web popups that appear to be one of your folders saying it detected a virus is fake, and know to pay attention to the url in the address bar before logging into any site, you can also disable the entire feature under Preferences -> Security -> "Block reported attack sites".

#44 OFFLINE   David Bott

David Bott

    Hall Of Fame

  • Administrators
  • 2,248 posts
  • LocationTraveling the USA
Joined: Jul 12, 2005

Posted 24 December 2012 - 01:25 PM

A scan from sucuri.net shows we should be clear...So I think we now need for Google to get it out of their reporting.

Google also now reports it is clean. So, well, we need to wait it seems.

Attached Files



#45 OFFLINE   Laxguy

Laxguy

    Never say 'never'.

  • DBSTalk Club
  • 14,376 posts
  • LocationWinters, CA, between Napa and Sacramento
Joined: Dec 02, 2010

Posted 24 December 2012 - 01:38 PM

Thanks, David.

Any theory on why some got this warning and others (such as myself) did not? Could ad blocker be the distinguishing feature?

Edited by Laxguy, 24 December 2012 - 01:48 PM.

"Laxguy" means a guy who loves lacrosse.

#46 OFFLINE   MikeW

MikeW

    Hall Of Fame

  • Registered
  • 2,553 posts
Joined: May 16, 2002

Posted 24 December 2012 - 01:42 PM

I am not seeing any errors at this time. This was the object that was blocked about 30 minutes ago. Hope it helps....

Exploit JavaScript Obfuscation (type 1958);

"my-liben-days.com/phpwebalbum/img/static.php?access=619&entry=874&thumbs=38&demo=827&form=504&board=628"

"Object was blocked";"12/24/2012

#47 ONLINE   Phil T

Phil T

    Hall Of Fame

  • DBSTalk Club
  • 2,253 posts
  • LocationLittleton, Colorado
Joined: Mar 24, 2002

Posted 24 December 2012 - 01:52 PM

Looks like it is clear now. Safari was showing the popup all morning.

#48 OFFLINE   jimmie57

jimmie57

    Hall Of Fame

  • Registered
  • 4,316 posts
  • LocationTexas City, TX
Joined: Jun 26, 2010

Posted 24 December 2012 - 02:20 PM

I am not seeing any errors at this time. This was the object that was blocked about 30 minutes ago. Hope it helps....

Exploit JavaScript Obfuscation (type 1958);

"my-liben-days.com/phpwebalbum/img/static.php?access=619&entry=874&thumbs=38&demo=827&form=504&board=628"

"Object was blocked";"12/24/2012


The thing I got is similar but changed up a little bit. Norton blocked this at 11:55 am cst.


my-liben-days.com/icons/static.php?rsscss=629&thumbs=38&other=105&documents=17&counter=675

It states that this is the web site that it came from, if this helps any.
5.199.171.149, 80

DirecTV customer since 1996 - Current :Slimline 3 SWM, HR24-100 Component cables to 46" Samsung LCD & Optical Cable to Yamaha AVR, H21-200 HDMI to Yamaha AVR & HDMI to 52" Mitsubishi LCD


#49 OFFLINE   armophob

armophob

    Difficulty Concen........

  • DBSTalk Club
  • 7,176 posts
  • LocationFort Pierce, FL
Joined: Nov 13, 2006

Posted 24 December 2012 - 02:30 PM

Looks like it is clear now. Safari was showing the popup all morning.


Not clear here.

#50 OFFLINE   RasputinAXP

RasputinAXP

    Kwisatz Haderach of Cordcuttery

  • Registered
  • 3,141 posts
Joined: Jan 23, 2008

Posted 24 December 2012 - 02:31 PM

Clean now.

"Belligerent and numerous."

SlingTV, Tablo and Plex to Roku 3s and Chromecasts on a Vizio 42" in the living room and a Toshiba 32" in my bedroom. Xbox 360 client on a Westinghouse 42" in the game room. Tablets EVERYWHERE!

 

I used to update the Dish Network FAQ but not anymore.





Protected By... spam firewall...And...