» A Public Service Announcement
You may have noticed that this site was down on Friday evening. This is because we've been having reports that NTS was infected with the VBS/Psyme trojan. This exploits an Internet Explorer-only vunerability.
I've given the site a complete going-over, including a thorough virus scan, and I can see no infection at all. I'm therefore 99.9% confident that this is simply a case of false positives.
However, I'd like to track down exactly why this is happening. So if you get any virus warnings on NTS, then please email the full details (including which page you got the warning on, the name of your virus scanner, and any information it provides) to webmaster@noisetosignal.org.
Thanks!
Responses
There's definitely SOMETHING going on. I just opened the front page and the window immediately closed.
By performingmonkey
![[TypeKey Profile Page]](http://www.noisetosignal.org/nav-commenters.gif)
on
Sunday, October 1, 2006 @ 04:05
Right. I believe now the virus problem we had is sorted.
I'll do an announcement about why it happened soon; but if anyone has *any* warnings, please email me at jhoare@gmail.com so I can take the site offline again. But I'm pretty sure we're now OK.
By
John Hoare
on
Wednesday, October 4, 2006 @ 20:56
Is the fact that ganymede.tv is currently showing a HTTP500 Internal Server error related to this?
By Somebody on Wednesday, October 4, 2006 @ 21:12
Partially. It's very complicated and boring. I'll do a post explaining it when its all sorted.
I'm currently waiting for G&T to propogate to the new servers - I can access the new servers through http (the 500 error), but I can't actually FTP in to correct the problem, as it doesn't look like ftp has propogated yet. Which I didn't think could even *happen*, but there you go.
By
John Hoare
on
Wednesday, October 4, 2006 @ 21:15
I didn't know that could happen either :)
How come the hosting company haven't given you an IP address (ftp://000.000.000.000 where 0 = any decimal digit, non-consistant) or a ftp://hostingcompany.xyz address to access it before the ganymede.tv domain propogated?
By Somebody on Wednesday, October 4, 2006 @ 21:51
That would clearly be too easy. Although I might go and try and find it out, actually. Good idea.
Here's another hint as to my opinions of the hosting company: the virus wasn't anything to do with us. The files on the server were clean - which is why I couldn't see any problems. The malicious stuff was only included when the pages were *served* - in other words, the attackers had hacked the entire server, not my site. My own security was top-notch and not to blame.
This is poor.
By
John Hoare
on
Wednesday, October 4, 2006 @ 21:57
...actually, forgive me. I take back what I said about the propogation - it *has* propogated via FTP. There was a problem with the .htaccess that made it *look* like what I was doing wasn't having any effect, but it turns out it was.
Everything else is correct, though.
By
John Hoare
on
Wednesday, October 4, 2006 @ 22:03
Yay!
However MT seems to get stuck if you try to save an (already published?) article.
By Jeffrey Lee on Wednesday, October 4, 2006 @ 23:01
Yay!
However MT seems to get stuck if you try to save an (already published?) article.
By Jeffrey Lee on Wednesday, October 4, 2006 @ 23:02
Hmm. I think MT is still a bit shagged. My edited article has now appeared, and the two comments it told me it wouldn't post because I'd been a naughty spamz0r have appeared.
By Jeffrey Lee on Wednesday, October 4, 2006 @ 23:05
I have a feeling that changing the title of the article was a bad idea.
By Jeffrey Lee on Wednesday, October 4, 2006 @ 23:11
Post a response
OpenID Sign On: