[BBC-Micro] Sigh. Virus alert.

Rick Murray rick at rs432.net
Sat Jan 30 19:05:21 GMT 2010

On 30/01/2010 11:16, Rob wrote:

> Every .html file and every index.php file


> software, but on the whole I prefer coding stuff server-side.
> I've more control of what things end up doing!

Indeed. I tend to only use JavaScript for three things:

   1. Fluff. Like my old index that had a countdown to Y3K.

   2. Japanese. On my Animé page (and some others), JavaScript is
      used for selecting whether to show macron vowels or circumflex.
      I've not yet found any method in JS to say "is this computer
      capable of displaying this?", so at the moment it just assumes
      RISC OS = no, anything else = yes. If your browser spoofs its
      identity, then get used to funny little boxes. :-)

   3. Link fluff. Like my b.log or Film4 reviews - stuff shows up in
      the status bar (if permitted, doesn't appear to work too well on
      FireFox?) plus it can toggle layer visibility on and off so I can
      embed extra stuff that might count as "spoilers". Under RISC OS,
      most browsers show this stuff as a matter of course. Too bad...

It has uses, but by and large anything "smart" is better done by the 
server with the browser acting as a "dumb terminal". I certainly have no 
need for the likes of Ajax which might make instant countdowns and bids 
visible in eBay but on my site? What's the point?

Likewise, your teletext work. OMG, imagine getting THAT to work 
cross-browser and cross-OS. Your alternative? One script, one program, 
bang - it's visible on practically anything from a mobile phone to the 
iSlate, from Ubuntu to RISC OS, even MS-DOS! (Arachnia)

>> Your antivirus didn't catch it first?
> It seems not.  It was set to auto-update every day too.  AVG free ...
> I'm now on Avast, which seems better at blocking web based stuff.

Mmm... I run Avast too. Used to run AVG but they, from time to time 
"end" the free version support while upgrading to a new version, and 
they don't make it clear if the new one will be free. It seems it always 
is, but the first time this happened I was not used to it so I deleted 
AVG and installed Avast.

Seems to be slower, but I guess that's a price worth paying if it works 
better. Oh, and less false-positives too.

> Still had a lingering infection, though, and ended up running


Have you let Avast run a full check of EVERYTHING?

> I'm still going to fetch everything back local and grep for iframes,
> though I think.

Yes, that's what my friend did to my site. He SCP'd all the HTML and PHP 
to his computer and deleted them _ALL_ from the server. He first ran a 
virus check on the folder and after an output that looked like a failed 
C compile, decided it might be easier to get Windows Search to simply 
look for IFRAME as I never use it.

A few SMSs later, I had no choice but to tell him to wipe it all.

One thing I recall, and take note Rob, look CAREFULLY at your PHP 
scripts. There were some that were NOT "obviously" infected that I had 
not put there. I suspect some sort of Trojan was in play that would 
trigger a reinfection, or maybe it was an attempt at a back door? I 
don't know - I said those files should be wiped too.
Just make sure all the PHP you have are ones you actually put there.

> Sometimes I hate not being in control,

:-) This is where you click your fingers and flames appear.

> but I've run my own hosting, and it became a pain in the neck,

I can imagine.

> just keeping on top of the security and version updates all the time.

I have an alternative solution for that. Set up a machine, set up a 
server. Squeeze it all into around 600Mb. Burn the lot to CD-R maybe 
once a month (with updates held elsewhere). If it is compromised, 
restore the image.

But since my setup of choice is _likely_ to be WebJames on some sort of 
RISC OS box... good luck hacking it. :-)
[i.e. WTF d'you mean there's no MySQL insecurity? WTF d'you mean there's 
no MySQL? WTF d'you mean it's a non-standard PHP a decade out of date? 
WTF d'you mean there's no HTML5 support? WTF d'you mean it's not Apache 
or <cough>IIS</>? WTF d'you mean there's no telnet or ftp or scp or 
anything else on that IP address? WTF is it, a ZX Spectrum?!?]

Best wishes,


Rick Murray, eeePC901 & ADSL WiFI'd into it, all ETLAs!
BBC B: DNFS, 2 x 5.25" floppies, EPROM prog, Acorn TTX
E01S FileStore, A3000/A5000/RiscPC/various PCs/blahblah...
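
Added example, not part of the original message: one way to script the two checks discussed above on a local copy of the site, flagging any HTML/PHP file that contains an IFRAME and any file that is not in the owner's own list of uploads. It assumes the owner still has master copies to hash; the function names, file names and sample content are constructed for illustration.

```python
import hashlib
import re
import tempfile
from pathlib import Path

IFRAME = re.compile(rb"<\s*iframe\b", re.IGNORECASE)   # case-insensitive, like grep -i
WEB_SUFFIXES = {".html", ".htm", ".php"}


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def audit(mirror: Path, known_good: dict) -> dict:
    """Check a local copy of the site against what the owner uploaded.

    known_good maps relative path -> SHA-256 of the owner's master copy.
    """
    report = {"iframe": [], "unknown": [], "modified": []}
    for path in sorted(mirror.rglob("*")):
        if not path.is_file() or path.suffix.lower() not in WEB_SUFFIXES:
            continue
        rel = path.relative_to(mirror).as_posix()
        data = path.read_bytes()
        if IFRAME.search(data):
            report["iframe"].append(rel)        # site never uses IFRAME, so any hit is suspect
        expected = known_good.get(rel)
        if expected is None:
            report["unknown"].append(rel)       # a file the owner did not put there
        elif digest(data) != expected:
            report["modified"].append(rel)      # changed since upload, even with no iframe
    return report


def demo() -> dict:
    """Constructed sample site: one injected page, one clean page, one stray PHP file."""
    clean = b"<html><body>Teletext viewer</body></html>\n"
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "about.html").write_bytes(clean)
        (root / "index.html").write_bytes(clean + b'<IFRAME src="http://example.invalid/"></IFRAME>\n')
        (root / "inc").mkdir()
        (root / "inc" / "cache.php").write_bytes(b"<?php /* constructed stray file */ ?>\n")
        known_good = {"about.html": digest(clean), "index.html": digest(clean)}
        return audit(root, known_good)


if __name__ == "__main__":
    for finding, files in demo().items():
        print(f"{finding}: {files}")
```

The "unknown" list is the one the IFRAME search alone would miss: a stray PHP file with no iframe in it still shows up because it has no entry in the owner's manifest.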
