I think Ice in space has a Virus

rumples riot · #1 24-08-2005, 11:06 AM

Hi Mike, not sure but you might like to check, when I opened a link to the Iceinspace stickers thread today I had over 100 windows open all within 10 seconds. This might be an indication of a Virus on the server. Might pay to check. It has not happened since or before.

iceman (Mike) · #2 24-08-2005, 12:25 PM

I'll look into it, but I think the problem could be on your end Paul? There's nothing on the iceinspace site that would cause that behaviour. I'll check with the server hosts and let you know.

rumples riot · #3 24-08-2005, 12:37 PM

No not my end, have latest signatures on Nortons for today and virus scanned this morning as well as looked for spy ware. Really weird, unless there was a tiny gliche somewhere in between. Like with Bigpond, kept send the call to open the same window. Bigpond has had some problems of late. I know they had a problem with emails being sent continuously.

Anyway I just thought I would alert you to the possibility.

Paul

toetoe (Peter) · #4 24-08-2005, 12:52 PM

I just tried the post and all worked fine my end.

acropolite (Phil) · #5 24-08-2005, 01:03 PM

No problems on any machines at my end. Have you checked for spyware problems Paul or maybe just a sticky key on your keyboard??

Striker (Tony) · #6 24-08-2005, 01:51 PM

No problems here.....

ving (David) · #7 24-08-2005, 02:00 PM

no probs 'ere... you ran adaware lately?

rumples riot · #8 24-08-2005, 03:30 PM

Phil, yeah did a spyware check, just after it happened. I have one monitoring all the time, but every now and then some sneek through. Sticky keys are possible but have not noticed it.

rmcpb (Rob) · #9 24-08-2005, 04:26 PM

OK here

mojo (Terry) · #10 24-08-2005, 05:53 PM

Quote:

Originally Posted by rumples riot

I had over 100 windows open all within 10 seconds. This might be an indication of a Virus on the server.

Paul, to put it bluntly - there is no way on earth that was caused by anything on IceInSpace.

rumples riot · #11 24-08-2005, 06:18 PM

Good explanation Mojo, I am impressed with your ability to relate complex problems to lesser beings than yourself, you ought to be congratulated and receive an award. W!

Was that blunt enough? I was meerly asking, because I know that I don't have anything on my systems. But I did not address it the same way. It was not an attack on your ability to maintain the site. Some people on this site jump too quickly down others throats. Second time in a month, wow. I am not impressed. It is entirely possible that there was a problem given the outages lately. Hmmm. I did say it might be on the server. Virus' do make it onto servers!

iceman (Mike) · #12 24-08-2005, 07:14 PM

Quote:

It was not an attack on your ability to maintain the site

It wasn't taken as such.
Nor should you take mojo's comment as an attack on you. You should not get so defensive so quickly. I didn't get defensive with a thread title like "I think IceInSpace has a virus". Not really the best title, is it? It could easily cause people to get the wrong impression and start blaming individual computer problems on misinformation.

Technically, it's just not possible. That's all mojo was saying.

rumples riot · #13 24-08-2005, 08:00 PM

Mike your approach is simply wrong. This is the only site that this has happened on, so it is natural to assume that it is related to this site. As to suggesting that the V word is not technically possible is simply not true. Any Harddrive or storage facility that is directly linked to the internet is subject to invasion by Viruses and hackers. No matter what you have. For instance I have a physical fire wall into which the phone line hooks up. I then have the top of the range internet virus and firewall protection in software as well as XP firewall running all at the same time. I still occassionally get trojans, worms and the like attempting to enter my system. Hackers also sometimes probe. So I am sure that this is the case for the server for Ice in space. Viruses could still be placed on that server. To suggest otherwise is sticking your head in the sand.

As to the name of the thread, this is to alert people of the possibility. The site has had some outages lately and sometimes outages are caused by viruses. The information given regarding the outages is simply not definitive. And; I was only asking to check. Like I said I have made numerous checks today and found nothing from my end.

I am not getting defensive and I really think you need to understand what that word means. When the system admin simply dismisses a legitimate query from someone who is a member of the site, it can look like a mere snub. I am annoyed that I should be treated as such. Not defensive. I am not defending myself above I am attacking someones inability to explain why something is so and not just say it arn't broke cos I said so.

Anyway that is my opinion and as a matter of course I fully expect that this will be edited and the thread locked!!!! Not an open forum? I was trying to help not start a fight. Cronyism.

RAJAH235 · #14 24-08-2005, 09:34 PM

Paul H, If I may just throw a comment in here. If you have 2 or more firewalls running at the same time, they can conflict. You only need one. Windows firewall is not a good one to pick. IMHO, Norton's is not the 'top of the line' in spyware. There are others that do the same, if not better & are free. Sygate Personal Firewall, AVG, Ad-aware, Spybot & Spywareblaster to name a few. As I said, this is just my opinion, but after browsing all the relevant forums & testing each one out, I can say that I do not have any problems at all & all my anti spy/virus programs are of the free variety, save for one email program.
I'm just stating facts here. Hope I haven't offended.

Regards, L.

RapidEye · #15 25-08-2005, 06:27 AM

Quote:

Originally Posted by rumples riot

Any Harddrive or storage facility that is directly linked to the internet is subject to invasion by Viruses and hackers. No matter what you have.

Yeah, but when servers get infected, and they do, their behavior is different than it is for a client PC (like your desktop).

The code that this site runs is php, and I'm betting a paycheck that MySQL is the database backend and Apache is the web server.

In order to get those pop-ups like you stated, that would mean the PHP code would have to be re-written, but only re-written to cause the pop-ups. No other portion of the server really drives how the pages you see are presented or operate.

Furthermore, due to the way the site is built (all the pages are built off of templates that are populated on the fly with database content) those code changes would have had to been to the template - meaning, everyone would have experienced it and you would have next time you came to the site.

I've never seen or heard of a virus that only selectively edits PHP code and inserts code to cause pop ups, but not wreck anything else. Of course anything is possible - but that would be some pretty elegant virus writing for what is normally just a bunch of scriptkiddies. Worse yet - it doesn't do anything to propogate the virus (which is really what they want viruses to do).

And in the event that it was hackers - why would they have done it, then undone it???

I hope that helps to explain what Mojo meant - it just can't happen.

Maybe a better way to put it is "its very unlikely to happen, and if it did, it wouldn't have suddenly gone away on its own."

iceman (Mike) · #16 25-08-2005, 06:42 AM

Quote:

Originally Posted by rumplesriot

as a matter of course I fully expect that this will be edited and the thread locked!!!! Not an open forum?

Why would it be? There's been no guidelines breached.

Quote:

Originally Posted by RapidEye

I hope that helps to explain what Mojo meant - it just can't happen

Cheers RapidEye, that's exactly what mojo and I meant, it's just technically not possible.

And yes, your paycheck is safe.. mysql DB and apache webserver

rumples riot · #17 25-08-2005, 10:18 AM

Thanks Rapid, that gives me a better understanding of why it is not possible. So it looks like this windows opening is an engima. I can't find anything here and can only assume that it was a gliche in someones software, possibily mine. Might even be an XP thing.

Sorry to have inconvenienced anyone.

RapidEye · #18 25-08-2005, 01:08 PM

Quote:

Originally Posted by iceman

And yes, your paycheck is safe.. mysql DB and apache webserver

Triple or nothin' its on Linux

Rumples - thats another reason why its very unlikely a virus is involved from the server side. Not too many Linux viruses out there in the wild. If IIS host is up to snuff on patches, the server is pretty bullet proof (virus and spyware wise).

Quote:

Originally Posted by rumples riot

Thanks Rapid, that gives me a better understanding of why it is not possible.

Not a problem - glad to help.

Quote:

Originally Posted by rumples riot

So it looks like this windows opening is an engima.

Sorry to have inconvenienced anyone.

Yeah - If it doesn't happen again - I'd chaulk it up to a fluke. Lord knows it doesn't take too many "stray electrons" to make windoze go stupid. If I had to lay a wager (no triple or nothin' here) it was something from a previous website you were on trying to defeat your popup blocker. Some sites can be rather persistent and creative at it.

Also - I wouldn't think you inconvenienced anyone if your intent was truely to help.

mojo (Terry) · #19 25-08-2005, 02:37 PM

That's quite a lot of information you've extrapolated from one statement, Paul.

Quote:

Originally Posted by rumples riot

Good explanation Mojo, I am impressed with your ability to relate complex problems to lesser beings than yourself, you ought to be congratulated and receive an award. W! ...

I'm quite capable of relating complex problems. I can do many things - reading minds is not one of them. If you required an explanation, you actually need to ask for one.

ving (David) · #20 25-08-2005, 02:50 PM

is it still happening paul?