Something attacking my computer??

[U2Girl1978]

There's a virus going around. I'd double check and search your files for it. I don't know if this is part of the problem but it doesn't hurt to check right?

Variants of the “Blackmal.e” e-mail worm, also known as "NYXEM, KAMA SUTRA" and others, have raced through the Internet during the past week, causing spamming, and tricking unsuspecting recipients into opening the attachments of various names, thereby causing infection in machines running Windows operating systems only. This is a dangerous and destructive worm, and all members of the community are strongly urged to take protective actions now.

Infected computers will, on February 3, 2006, and on the third day of each subsequent month, experience destruction of antivirus protection and all files of the following types: .doc (word document), .xls (excel spreadsheet), .mdb (access database), .ppt (power point), .pps (power point show), .zip (zipped file), .rar (winRAR compressed archive), .pdf (Adobe portable document format), .psd (photoshop format), and .dmp (windows error dump)

 

[U2Man]

This entire site is co-located at VOXEL. They are not an attacker. lol.

Aaaahh, yes, I had kinda guessed that that could be the case. However, still WHA's firewall should not regard traffic from Voxel as attacks! Isn't it possible that code residing at Voxel is trying to communicate with ports that the firewall will not allow, for instance?

 

[Elvis]

Aaaahh, yes, I had kinda guessed that that could be the case. However, still WHA's firewall should not regard traffic from Voxel as attacks! Isn't it possible that code residing at Voxel is trying to communicate with ports that the firewall will not allow, for instance?

no.

 

[U2Man]

no.

Why not?

 

[Elvis]

There is no rogue code, spyware, adware, or viruses, on this server.

Various brands of Internet Security software are over bearing, misleading, mis-reporting, etc. The fact that the same issues cant always be duplicated on specific pages (and I dont mean threads) is evident of that.

The 'lost' thread for instance.. I have litterally gone through every externally linked file (images) and have found nothing more than possibly remotely set cookies. Cookies ARE NOT an attack. Cookies arent dangerous. Now the fact that the software reports the ip address of the 'attack' from VOXEL (where this site is located) is just bogus, and proof its crappy software, because all its doing is checking on the source IP of the page, not the questionable file.... which is completely useless.

It doesnt even say what sort of attack... whats the deal with that?

 

[Angela Harlem]

There's a virus going around. I'd double check and search your files for it. I don't know if this is part of the problem but it doesn't hurt to check right?

Variants of the “Blackmal.e” e-mail worm, also known as "NYXEM, KAMA SUTRA" and others, have raced through the Internet during the past week, causing spamming, and tricking unsuspecting recipients into opening the attachments of various names, thereby causing infection in machines running Windows operating systems only. This is a dangerous and destructive worm, and all members of the community are strongly urged to take protective actions now.

Infected computers will, on February 3, 2006, and on the third day of each subsequent month, experience destruction of antivirus protection and all files of the following types: .doc (word document), .xls (excel spreadsheet), .mdb (access database), .ppt (power point), .pps (power point show), .zip (zipped file), .rar (winRAR compressed archive), .pdf (Adobe portable document format), .psd (photoshop format), and .dmp (windows error dump)

Goddamn it to hell and back

this explains it.

thank you.

 

[Angela Harlem]

ps, this is the message norton spits out:

Intrusion: ICC profile tagdata overflow
Intruder: interference.com(69.9.174.254)(http(80)).
Risk Level: high
Protocol TCP
Attacked IP: Local host
Attacked Port: 1933