digitalFAQ.com Forums [Archives]

digitalFAQ.com Forums [Archives] (http://www.digitalfaq.com/archives/)
-   Off-topic Lounge (http://www.digitalfaq.com/archives/lounge/)
-   -   Vcdhelp.com has spyware? (http://www.digitalfaq.com/archives/lounge/13247-vcdhelpcom-spyware.html)

kwag 01-24-2005 07:53 PM

vcdhelp.com has spyware?
 
8O
Someone reported me that a program called "Peer Guardian" banned vcdhelp.com :!:
That means that their IP address is blocked, becaue the site contains spyware.

http://methlabs.org/

So I installed it to see if it was true, and WOW, this is what I got in the log :!:


Connection Rejected: 194.67.35.196 - Spylog AP2P (01-24-2005 @ 20:40:23) 8O

And I also typed http://www.videohelp.com

And again, I got a reject :!:

-kwag

fabrice 01-25-2005 12:27 AM

Hi,

I don't know what append, but I'm not able to see any of this 2 web pages (with firefox). I only get a blank page (without html...).
Trying to go throught an anonymiser service, I get either a banned website o a unreacheable one... 8O

Salu2
Fabrice

kwag 01-25-2005 12:36 AM

Hi Fabrice,

Something VERY weird has happened to vcdhelp.com/videohelp.com :!:
The name servers point to 127.0.0.1 (localhost) 8O
ALL the name servers :!:
Maybe they got hacked, and someone did that on purpose.
I don't know what was the IP address of vcdhelp, so I can't verify if the site is up.

-kwag

kwag 01-25-2005 12:46 AM

I got their IP address, thanks to statistics on NetCraft's site ;)
http://67.19.225.212/forum/index.php
If anyone want's to visit their site, it's up.
But their DNS entries apparently were REALLY hacked :!:


EDIT: :!:
I think they changed the DNS on purpose :!:
I thing the worm hit them too, and they just changed the DNS records so people couldn't access the site (and the worms too :lol: )
I just tried to do a "search" on their forum, and it just hangs, just the same way it did here, before I applied the patch.


EDIT #2:
Yep, their database is screwed up. Here's the result after a search:
Code:

Warning: mysql_connect(): Can't connect to MySQL server on 'helper.videohelp.com' (110) in /var/www/html/videohelp/forum/db/mysql4.php on line 48
phpBB : Critical Error

Could not connect to the database

-kwag

rds_correia 01-25-2005 06:37 AM

Dammit this WORM thing is getting critical :x
D9 was also offline for some time.
I wonder if it had anything to do with this WORM :roll:
Correct me if I'm wrong but they were not using phpBB.
If so, I wonder if the WORM can really attack other "community board" software besides phpBB.
Hope they can stop this beast ASAP.
Cheers

kwag 01-25-2005 10:07 AM

Quote:

Originally Posted by rds_correia
D9 was also offline for some time.
I wonder if it had anything to do with this WORM :roll:

It could have been.
Quote:

Correct me if I'm wrong but they were not using phpBB.
They use vBulletin, which is very good.
Quote:

If so, I wonder if the WORM can really attack other "community board" software besides phpBB.
It's just a matter of time before someone takes the time to study vulnerable software holes in the forum software, and then launch a new worm.
If anyone wants to have a bullet proof software, they would have to do a full software auditing, like what the people at OpenBSD did, and that's why it's the #1 secure OS in the world.
To my knowledge, no other software development team has done anything similar, so we will see more security flaws in forum software in the future.

-kwag

jason 01-25-2005 03:29 PM

Re: vcdhelp.com has spyware?
 
Quote:

Originally Posted by kwag
8O
Someone reported me that a program called "Peer Guardian" banned vcdhelp.com :!:
That means that their IP address is blocked, becaue the site contains spyware.

http://methlabs.org/

So I installed it to see if it was true, and WOW, this is what I got in the log :!:


Connection Rejected: 194.67.35.196 - Spylog AP2P (01-24-2005 @ 20:40:23) 8O

And I also typed http://www.videohelp.com

And again, I got a reject :!:

-kwag

hello,

sometimes, peer guardian is a little "too much".
they banned many addresses that didn't need to.
Peer Guardian is for p2p users, consequently, it stop RIAA, MPAA, but also, many sites with only the "video", in it.
you can edit the name in the blocklist.
Or you can stop using peerguardian :wink:

kwag 01-25-2005 06:40 PM

Re: vcdhelp.com has spyware?
 
Quote:

Originally Posted by jason
sometimes, peer guardian is a little "too much".

Yes I agree :lol:

-kwag


All times are GMT -5. The time now is 07:03 AM  —  vBulletin Jelsoft Enterprises Ltd

Site design, images and content © 2002-2021 The Digital FAQ, www.digitalFAQ.com
Forum Software by vBulletin · Copyright © 2021 Jelsoft Enterprises Ltd.