Security Issues...........

Discussion in 'tMP Computer Corner' started by tubafran, Mar 27, 2011.

  1. tubafran

    tubafran Active Member

    Malicious Toolkit Website 9?

    Over the last few days Ive noticed that each time I log on to The Mouthpiece my Norton Security highlights an attack from the above name with the following IP address being identified 128.121.128.110

    Anyone else noticing this or is it just coincidental?

    Severity: High

    This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
    Description

    This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.
    Additional Information

    This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.
    Affected

    • Various

     
    Last edited: Mar 27, 2011
  2. ersop

    ersop New Member

    I get the same (other than the IP address is 129.121.128.110 but that could be a typo)
     
  3. trombonebabe

    trombonebabe Member

    My anti-virus gives me a warning and blocks the threat too
     
  4. John_D

    John_D Member

    not seen anything using AVG
     
  5. sunshine

    sunshine Member

    I use Norton and it comes up with the message

    "A recent attempt to attack your computer has been blocked".

    This happens the first time I log on each day, and has done so for over a week.
     
  6. Andrew Norman

    Andrew Norman Member

    I get a similar warning using AVG everytime I log on
     
  7. Using AVG business and get the message but not everytime - goes on about security threats from a social networking site and phishing(?) :frown:
     
  8. WoodenFlugel

    WoodenFlugel Moderator Staff Member

    My avast! AV picks it up too. I thought we'd made an announcement about this as it was reported to us a few weeks ago, but it seems we didn't. Sorry about that.

    I know John was looking into it - but don't worry, there is no threat to anyone's security from tMP. I'm sure as soon as John has a definitive answer, he'll let you all know.
     
  9. super_sop

    super_sop Supporting Member

    hmmmm, theonly time i see any problem is when Ian "Pesky" Perks posts something!!!
    ;-)
     
  10. Anno Draconis

    Anno Draconis Active Member

    Avast and AVG both pick it up. I forwarded a screen capture to John, who's asked the server hosts to look into it.

    As long as my AV keeps catching it, I'm happy. It's when the warnings stop I'll panic...
     
  11. dyl

    dyl Active Member

    :clap:

    If only I knew how to program a piece of software that warns against his type of 'malicious activity' I'd reckon I'd make a fortune! ;)
     
  12. oleredeye

    oleredeye New Member

    AVG still alerting on tMP Home Page...

    And it's STILL doing it! Screenshot attached - I'm using AVG 10.0.1209.....:mad:
     

    Attached Files:

  13. TheMusicMan

    TheMusicMan tMP Founder Staff Member

    Hi All

    I wanted to provide you with some assurance that there are no malicious scripts on tMP. Over the last few days, the admins in the data center where the tMP dedicated (not shared) server is housed have been running a series of scripts and tests to ensure the security and cleanliness of the server.

    Some of those tests are still running, but the initial sweep of tMP for virus's and malware and the admins sent me this result...

    ----------- SCAN SUMMARY -----------
    Known viruses: 937709
    Engine version: 0.96.1
    Scanned directories: 9099
    Scanned files: 126277
    Infected files: 0
    Data scanned: 2159.04 MB
    Data read: 3622.21 MB (ratio 0.60:1)
    ------------------------------

    I shall provide further details once the entire run of tests from the 5 or so days they have been running are available.

    We're clean :)
     
  14. andyp

    andyp Active Member

  15. tubafran

    tubafran Active Member

    My Norton is not happy with the site at the moment - Site is unsafe but then says there are no threats?
     
  16. sunshine

    sunshine Member

    Mine shows exactly the same. Norton gives details for 6 threats that are caused by tMP being "embedded" to a dangerous site. I'm a bit of a computer numpty and don't really understand what embedded means. Is it possible for tMP to break links from this dangerous site?
     
  17. Janet Watkins

    Janet Watkins Member

    I am unhappy about accessing tMP from my Windows PC. I had a few 'pop-up' threats as mentioned on the previous page which were picked up by AVG. (similar to screenshot in #12)

    I cannot say with any certain that this website was responsible, but last week after accessing tMP on my Windows PC I had another warning which I thought I had dealt with in the right way. Shortly after this 'all hell broke loose' with spurious warning messages popping up every few seconds. I had caught the 'Windows Restore' virus!

    Thankfully I kept a reasonably calm head, did the research using my trusty Asus EEE netbook which runs using Firefox under Linux Xandros and set about repairing the damage.

    Several hours passed at my PC registry editting, running virus scanners and unhiding all the files and folders which 'disappeared'. I think it is all back to normal, but I refuse to access tMP from it at the moment!

    It may have been totally unconnected to tMP but I am not prepared to take the risk at present.
     
    Last edited: Apr 17, 2011
  18. Pauli Walnuts

    Pauli Walnuts Moderator Staff Member

    John: whilst the site may be free of viruses, can you be certain that every single advertiser doesn't have links to other sites that may be considered malicious?

    Also, SQL Injection attacks are not just the domain of viruses.

    What should be more interesting is where in the site is there a link to the ip address that a number of people have reported?
     
  19. TheMusicMan

    TheMusicMan tMP Founder Staff Member

    How can any site know if there are any embedded & possibly malicious links in another organisations site...?
     
  20. andyp

    andyp Active Member

Share This Page