[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-id: <478D0D51.11716.A08283B1@nick.virus-l.demon.co.uk>
Date: Tue, 15 Jan 2008 19:45:21 +1300
From: Nick FitzGerald <nick@...us-l.demon.co.uk>
To: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: what is this?
crazy frog crazy frog wrote:
> well,
> i received many response but no one is perfact.i checked the files and
> didn't find anything embeded in my scripts or pages.still i have to
> figure out why my antivirus randomly popsup?i mean most of the times
> it doesnt detect any infection but then suddenly this thing happnes
> and then everything seems ok.
> i dont think its a problem with my script otherwise i could have find
> the code or it should be repeating consistly.has any one still facing
> this issue in the techicorner.com or on tubeley.com or on
> secgeeks.com?
>
> let me know i m trying hard to digg this issue.
If you would tell us the _actual_ URL where this behaviour is being
seen we would have a reasonable chance of actually diagnosing it. As
it is, we're having to guess based on matching your half-arsed
descriptions of what you think is happening with our knowledge of what
has been seen going on out there.
This may surprise you, but many thousands and thousands of sites are
compromised each day to display "similar" activity to what you've asked
to us to diagnose (aka "guess").
If we could look at the actual site and see what is really happening
should have a better (if not perfect) chance of success.
Regards,
Nick FitzGerald
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists