PDA

View Full Version : Societyofrobots website trouble



Resilient
03-13-2009, 04:01 PM
My Avast! virus protection software is telling me that societyofrobots.com has a JS:Redirector-E trojan. Anyone know anything about this? Has their site been hijacked? Is my anti-virus just flipping out for no reason?

Resilient
03-14-2009, 05:04 PM
Anyone? Its kinda important to me because that's where trossen links to for information on the Axon.:sad:

lnxfergy
03-14-2009, 05:32 PM
Anyone? Its kinda important to me because that's where trossen links to for information on the Axon.:sad:

Loads up fine for me...

-Fergs

Alex
03-16-2009, 09:17 AM
I'm running Avast and clicked on every link on our product page and didn't get any warnings:

http://www.trossenrobotics.com/p/axon-microntroller.aspx

Was there a different link that you were getting the warning? I have my Avast setup to freak out about anything remotely resembling malware.

societyofrobots
09-22-2009, 08:59 AM
Apologies for reviving a dead post . . . but figured I should share this info.

http://www.societyofrobots.com/robotforum/index.php?topic=7338.0

SoR is being bombarded by a dozen hack attempts per day since the beginning of this year (according to server logs). They got me in March unfortunately . . .

Does TR have the same problem?

lnxfergy
09-22-2009, 09:10 AM
Only a dozen attempts per day? Wow, feel lucky. I've never run a server that wasn't under a constant barrage of thousands of attempts a day.

-Fergs

Alex
09-22-2009, 10:43 AM
Yep, both our blog and our forums have been hit pretty hard in the past year. It's mostly due to spambots registering and posting spam to the forums & blog and more recently, figuring out ways of making themselves admins and adding malicious scripts to files.

Couple of things:



Upgrade your forums to the latest version. Be sure to remove ALL previous files on your sever and upload fresh ones from the new version to remove any malicious scripts that were added to your files.
Change all admin passwords.
Go into your DB and make sure there are no admins registered that you did not authorize. Make sure you go into your DB, because I found two admins registered that weren't showing up in our admin frontend panel. If any 'fake admins' have registered, you need to trace everything they've done in your db and see if they've made any file changes.
Make sure all your admin files are set to 644.
Add an additional security question on top of your ReCAPTCHA visual verification. Make sure it's one that spambots can't easily solve (like "what's 2+10"), but try to not make it too difficult. Check our question out on the registration page. Ours is quite tricky and we get some complaints from new signups, but it's a cost I'm willing to accept.

I don't know for sure if I everything is 100% cleaned up, but I haven't ran into any issues for a couple of months now (knocking on wood):)

Adrenalynn
09-22-2009, 01:34 PM
Only a dozen attempts per day? Wow, feel lucky. I've never run a server that wasn't under a constant barrage of thousands of attempts a day.

-Fergs

^^^---- What he said.

That said - it depends what kind of attacks your seeing. Concentrated DDoS is far more deadly than just simple sniffing at the border. Real DDoS' have been known to take down Microsoft, Yahoo, eBay, PayPal, etc. Those are nasty. In my life of running datacenters, I've seen three or four of those, and can promise you - when you get one you're goin' down. It's all a matter at that point of the contacts you have in place to shut _them_ down and minimize the damage.