Security Issues...........

tubafran

Active Member
Malicious Toolkit Website 9?

Over the last few days Ive noticed that each time I log on to The Mouthpiece my Norton Security highlights an attack from the above name with the following IP address being identified 128.121.128.110

Anyone else noticing this or is it just coincidental?

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Description

This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.
Additional Information

This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.
Affected

  • Various
 
Last edited:

ersop

New Member
Over the last few days Ive noticed that each time I log on to The Mouthpiece my Norton Security highlights an attack from the above name with the following IP address being identified 128.121.128.110

Anyone else noticing this or is it just coincidental?

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Description

This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.
Additional Information

This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.
Affected

  • Various
I get the same (other than the IP address is 129.121.128.110 but that could be a typo)
 

sunshine

Member
I use Norton and it comes up with the message

"A recent attempt to attack your computer has been blocked".

This happens the first time I log on each day, and has done so for over a week.
 

WoodenFlugel

Moderator
Staff member
My avast! AV picks it up too. I thought we'd made an announcement about this as it was reported to us a few weeks ago, but it seems we didn't. Sorry about that.

I know John was looking into it - but don't worry, there is no threat to anyone's security from tMP. I'm sure as soon as John has a definitive answer, he'll let you all know.
 

Anno Draconis

Well-Known Member
Avast and AVG both pick it up. I forwarded a screen capture to John, who's asked the server hosts to look into it.

As long as my AV keeps catching it, I'm happy. It's when the warnings stop I'll panic...
 

dyl

Active Member
hmmmm, theonly time i see any problem is when Ian "Pesky" Perks posts something!!!
;-)

:clap:

If only I knew how to program a piece of software that warns against his type of 'malicious activity' I'd reckon I'd make a fortune! ;)
 

oleredeye

New Member
AVG still alerting on tMP Home Page...

My avast! AV picks it up too. I thought we'd made an announcement about this as it was reported to us a few weeks ago, but it seems we didn't. Sorry about that.

I know John was looking into it - but don't worry, there is no threat to anyone's security from tMP. I'm sure as soon as John has a definitive answer, he'll let you all know.

And it's STILL doing it! Screenshot attached - I'm using AVG 10.0.1209.....:mad:
 

Attachments

  • tMPAVG.jpg
    tMPAVG.jpg
    105.1 KB · Views: 269

TheMusicMan

tMP Founder
Staff member
Hi All

I wanted to provide you with some assurance that there are no malicious scripts on tMP. Over the last few days, the admins in the data center where the tMP dedicated (not shared) server is housed have been running a series of scripts and tests to ensure the security and cleanliness of the server.

Some of those tests are still running, but the initial sweep of tMP for virus's and malware and the admins sent me this result...

----------- SCAN SUMMARY -----------
Known viruses: 937709
Engine version: 0.96.1
Scanned directories: 9099
Scanned files: 126277
Infected files: 0
Data scanned: 2159.04 MB
Data read: 3622.21 MB (ratio 0.60:1)
------------------------------

I shall provide further details once the entire run of tests from the 5 or so days they have been running are available.

We're clean :)
 

tubafran

Active Member
My Norton is not happy with the site at the moment - Site is unsafe but then says there are no threats?
 

sunshine

Member
My Norton is not happy with the site at the moment - Site is unsafe but then says there are no threats?

Mine shows exactly the same. Norton gives details for 6 threats that are caused by tMP being "embedded" to a dangerous site. I'm a bit of a computer numpty and don't really understand what embedded means. Is it possible for tMP to break links from this dangerous site?
 
I am unhappy about accessing tMP from my Windows PC. I had a few 'pop-up' threats as mentioned on the previous page which were picked up by AVG. (similar to screenshot in #12)

I cannot say with any certain that this website was responsible, but last week after accessing tMP on my Windows PC I had another warning which I thought I had dealt with in the right way. Shortly after this 'all hell broke loose' with spurious warning messages popping up every few seconds. I had caught the 'Windows Restore' virus!

Thankfully I kept a reasonably calm head, did the research using my trusty Asus EEE netbook which runs using Firefox under Linux Xandros and set about repairing the damage.

Several hours passed at my PC registry editting, running virus scanners and unhiding all the files and folders which 'disappeared'. I think it is all back to normal, but I refuse to access tMP from it at the moment!

It may have been totally unconnected to tMP but I am not prepared to take the risk at present.
 
Last edited:

Pauli Walnuts

Moderator
Staff member
John: whilst the site may be free of viruses, can you be certain that every single advertiser doesn't have links to other sites that may be considered malicious?

Also, SQL Injection attacks are not just the domain of viruses.

What should be more interesting is where in the site is there a link to the ip address that a number of people have reported?
 

TheMusicMan

tMP Founder
Staff member
John: whilst the site may be free of viruses, can you be certain that every single advertiser doesn't have links to other sites that may be considered malicious?

Also, SQL Injection attacks are not just the domain of viruses.

What should be more interesting is where in the site is there a link to the ip address that a number of people have reported?
How can any site know if there are any embedded & possibly malicious links in another organisations site...?
 

Product tMP members are discussing

Top