Posted Monday 10th November 2008 18:17 GMT
"Most of the hacked sites run Microsoft ASP technology and are thought to have been hit either using SQL injection attacks "
John this is another attempt at lazy sensationalist journalism to put MS in the security spotlight for a security issue that can't actually be pinned on them for once. As a hoster we're seeing both ASP+MSSQL on Windows *AND* PHP+MySQL on Linux sites being targetted equally.
Yet again you fail to mention that the reasons for sites being susceptable to these compromises is shoddy scripting practices by the web site developers, not a flaw in the technology.
Paris, because she prefers the hot beef injection....
Posted Monday 10th November 2008 18:17 GMT
"Notoriously wobbly" may be the best way that anyone has ever described ActiveX. Or anything at all.
Writing like that is what keeps me coming back to El Reg. That and years of deeply engrained habit. But mostly it's the writing.
Posted Tuesday 11th November 2008 00:29 GMT
This week I'll just use my home pc to just play the game and not browse the internet then.
Arrrgh!
Bad hordehackers bad!
Posted Tuesday 11th November 2008 00:29 GMT
It would have been good if you'd directly mentioned the sites in the kaspersky report in the main story, and recommended blocking them (hosts or whatever). So to quote therefrom:
"
The link leads to Java Script located on one of six servers – these servers act as gateways for further redirecting of requests. We’ve identified six of these gateways and they’ve been added to the blacklist in our antivirus:
* armsart.com
* acglgoa.com
* idea21.org
* yrwap.cn
* s4d.in
* dbios.org
If you’re an admin, you should block access to these sites.
Visiting one of the sites results in a secret redirect to a malicious server called vvexe.com which is located in China. Exploits are then used to launch an attack on the user’s machine.
"
Or noscript is spiffing. Shame idiot sites use scripting at all, innit?
If anyone can help, why can't these things be blocked at the root dns level. I know it's not immediately effective as it takes time for the dns record (whatever it's called) to trickle down to non-root (whatever they're called) dns servers, but it's something, surely?
Posted Tuesday 11th November 2008 12:59 GMT
So, only the anoraks are affected then?
Posted Tuesday 11th November 2008 12:59 GMT
Gee -- guess the Gold Farmers are planning on uppin the ante in Litch King.
have had our apps folks beaten up yet again over crap like this on our webservers - thankfully they've finally started to make progress on fixing cruft code.
Helps when the auditors insist on independent vulnerability testing. Better when the testers note that the network and OS layer are just about as solid as can be.
Now -- me n my Gentoo x86_64 and wine are off to eat some hordies in EOTS. And wait patiently for our midnight release copy ......
Posted Tuesday 11th November 2008 12:59 GMT
It's a big mistake to use Windows to do any "serious" work on the computer.
With all its flaws, it's a matter of time before either their work is wiped, their mailboxes trashed (since most users use outlook express), and their computer hacked - and therefore their bank accounts cleaned.
Posted Wednesday 12th November 2008 10:59 GMT
I had a new type of phishing email a couple of weeks ago which told me my domain site mailboxes were full, and asking me to login with my domain management login details. Looked very good - and made me think for a minute or two before I deleted it - I don't have mailboxes, only mail forwarding, and of course the headers and links were all wrong. I wonder if this was connected in any way with this article's content?
Back to the article