Posted on 12/20/2004 7:03:43 PM PST by Armedanddangerous
Some friends and I have operated a self defense survival and conservatism website called www.paxbaculum.com .
This afternoon someone apparently took control of it with a worm called neverevernosanity webworm generation 13.
Okay, I give up. Why would anyone want to open an unsolicited PowerPoint presentation that has absolutely nothing to do with the discussion at hand?
Something like this? http://www.securityfocus.com/advisories/7600
I'm sorry, I should have said work stations, but also notice some NAT routers have built in Fire Walls.
He's a troll spammer. Just checked his history. He's been posting that link on lots of threads.
I already hit the abuse button. What a dork.
Yes! Yes! By the stuned beebers of Freepdom, yes! ;o)
I am not finding anything on the name.
Ditto here. Got goose-eggs. And no indication of a Linux-based worm hitting web servers.
Bet it is a renamed clone. Is there a DoS coming from zombie members?
I don't see anything on a DDoS right now. I'm suspecting that somebody's workstation got boinked and the attacker leveraged access into the server from there. Wish I had a nickel for every time I've seen it done.
Ditto. Just found him on another, unrelated thread. Ugh.
I already hit the abuse button.
Likewise. He'll be a smoking crater any moment now.
What a dork.
You read my mind. *smack* Stop that. ;o)
Sam Spade for Windows is a freeware network query tool. It may help you in tracking the perp. It's also helpful to track & nail spammers.
Checked Symantec and McAfee and the worm you mentioned is not yet listed there. Try checking them in a few weeks. They are usually pretty good at catching new stuff before it really spreads too far.
Good Luck.
No worries, FRiend. Please forgive me if I came off as grumpy. I just finished summarizing a 600-page standards evaluation of a new server and a NOC. Not for the faint of heart.
but also notice some NAT routers have built in Fire Walls.
This is true...and I have an absolute blast when someone has a server behind a firewall that talks to the world. Firewalls are, unfortunately, no panacea when the world-accessible service (and its associated applications) are vulnerable to remote attack.
Tee-hee.
Just lurking on this thread trying to learn some of the lingo.
I'm technology challenged.
I do know how to spot a dorky troll though. (:
Merry Christmas and a Happy New Year, Prime Choice!
Or some poor guy who did not protect his wireless network.
Ah-ha! I think you nailed it. Yup...I'd say that vector of attack seems most likely, considering the current installation. Good work, FRiend!
DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> > HEADBODY bgcolor="#000000" text="#FF0000"> H1>This site is defaced!!! ADDRESS>NeverEverNoSanity WebWorm generation 13.
Check the html on the same page in your computer publishing program. If it is ok why not try to republish the site. If the file in your computer looks like the html I have posted above your computer has been hacked and not the website, redo the page and try to post it. - Tom
What's your level of experience and expertise thus far?
I'm technology challenged.
Just remember: the only dumb question is the one that isn't asked. :o)
I do know how to spot a dorky troll though. (:
That's a marketable trade in these parts! :o)
Merry Christmas and a Happy New Year, Prime Choice!
Merry Christmas and Happy New Year wishes to you and yours, too!
Glad I could help.
Nope. This is. :o)
Odd. The vizacc.com site runs on IIS/5.0, whereas the other site runs on Red Hat Linux. There are no worms that are capable of attacking two OS's (so far).
Gee guys, ranks-a-rot. lol
I just spent 10 minutes trying to figure out why you wanted to have Armedanddangerous zotted. I checked all his recent posts, (even read through some of the threads), and his join date, etc. He seemed fine to me - never found where he posted the same link all over the place.
[OK,OK, so I should have followed the trail to post #19 which had already been deleted by the time I read the thread.]
Could ya'll do me a favor and mention the poster's screen name when you start talking about zotting someone. It sure would help to make more sense of the thread. I'd really appreciate it.
Thanks, guys.
;^D
FReegards
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.