<<< Date Index >>>     <<< Thread Index >>>

Re: [Full-disclosure] what is this?



nick,
ur not getting my point,the url is techicorner.com/{random string
here},i have already mentioned it in previous posts.
i have read the link sent by denis,and i would have to conclude that:
1)The problem does not occurs always,instead it occurs randomly based
on IP or something like tht.
2)if u look at the pages on techicorner.com u will not find any
malicious code,so its possible that the server is compromised and its
an LKM
please refer to these links:
http://www.webhostingtalk.com/showthread.php?t=651748 [thanks denis]

Thanks again everyone for your valuable suggestion,i posted here to
share this stuff with everyone and may be u can learn from it.

regards,
_CF

On Jan 15, 2008 12:15 PM, Nick FitzGerald <nick@xxxxxxxxxxxxxxxxxxx> wrote:
> crazy frog crazy frog wrote:
>
> > well,
> > i received many response but no one is perfact.i checked the files and
> > didn't find anything embeded in my scripts or pages.still i have to
> > figure out why my antivirus randomly popsup?i mean most of the times
> > it doesnt detect any infection but then suddenly this thing happnes
> > and then everything seems ok.
> > i dont think its a problem with my script otherwise i could have find
> > the code or it should be repeating consistly.has any one still facing
> > this issue in the techicorner.com or on tubeley.com or on
> > secgeeks.com?
> >
> > let me know i m trying hard to digg this issue.
>
> If you would tell us the _actual_ URL where this behaviour is being
> seen we would have a reasonable chance of actually diagnosing it.  As
> it is, we're having to guess based on matching your half-arsed
> descriptions of what you think is happening with our knowledge of what
> has been seen going on out there.
>
> This may surprise you, but many thousands and thousands of sites are
> compromised each day to display "similar" activity to what you've asked
> to us to diagnose (aka "guess").
>
> If we could look at the actual site and see what is really happening
> should have a better (if not perfect) chance of success.
>
>
> Regards,
>
> Nick FitzGerald
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
advertise on secgeeks?
http://secgeeks.com/Advertising_on_Secgeeks.com
http://newskicks.com