WHO managed to take the WEB-Site down?

[MrSwiss]

Hi all,

today the whole FreeBASIC-WebSite was taken down ...
Does anybody have any Information on the Issue?

regards MrSwiss

[dkl]

Hi,

the freebasic.net frontpage (using Drupal) was infected with malware. Some malicious Javascript was embedded to the HTML pages generated by it. It looked like this:
https://blog.sucuri.net/2015/11/jquery- ... sites.html

It was reported by a user on IRC and also by coderJeff via email.

So I removed the Drupal stuff from the server for now. The forum and wiki are back again though as they were not affected; at least I didn't find the injected JS there.

The installed Drupal version was 7.22, i.e. outdated, which I guess is what allowed the infection. I've tried installing the latest 7.41 and 8.0.1 Drupal, but failed in both cases (8.x required a fresh database which I didn't want to do yet because it means remaking the website, although it's probably just a "few" hours of work to do that; and 7.41 caused the server to return binary "garbage" instead of HTML text, and I have no idea what's going on there).

[srvaldez]

albert reported that FBedit that he downloaded from the sourceforge was infected by a virus http://www.freebasic.net/forum/viewtopi ... =3&t=24228
I have not confirmed that claim but the FBedit homepage is blank http://fbedit.freebasic.net
could someone look into this?

[Imortis]

albert reported that FBedit that he downloaded from the sourceforge was infected by a virus http://www.freebasic.net/forum/viewtopi ... =3&t=24228
I have not confirmed that claim but the FBedit homepage is blank http://fbedit.freebasic.net
could someone look into this?

This is a false positive. Many Anti-viruses pick up FBC compiled code as viral for some strange reason. I can confirm that compiling FBEdit from source will get the same false positive.

[srvaldez]

thank you Imortis :)

[Tourist Trap]

Many Anti-viruses pick up FBC compiled code as viral for some strange reason.

Some antivirus like Norton love targetting free/opensource projects. It had been denounced many times in the past, in particular by SpyBot developper (say 10 years ago). Personnally if one has to pay, I would recommend kaspersky for its policy in this matter is better, and the tools dedicated to network are very sharp. Yet many free tools exist for packet survey but less user-friendly (kind of free stuff can be found if searched in relation with forensic domain).

although it's probably just a "few" hours of work to do that

Hi dkl, few hours+ few hours + few hours, I think you desserve postponing this duty a little and enjoy some rest in those last days of the year. Even if it's really bad luck what's happening with the server.

[St_W]

The installed Drupal version was 7.22, i.e. outdated, which I guess is what allowed the infection. I've tried installing the latest 7.41 and 8.0.1 Drupal, but failed in both cases (8.x required a fresh database which I didn't want to do yet because it means remaking the website, although it's probably just a "few" hours of work to do that; and 7.41 caused the server to return binary "garbage" instead of HTML text, and I have no idea what's going on there).

Major Drupal Versions are incompatible. Drupal 8 was released just a few weeks ago and many modules haven't been ported to Drupal 8 yet. I recommend staying with Drupal 7 as of now.

When manually updating to a newer minor version (e.g. 7.22 to 7.41) be sure to run "update.php" to update the database. Also look for updates for the installed non-Drupal-Core-modules in the modules directory and themes in the themes directory.

For Drupal maintenance I highly recommend using drush. You can run "drush up" to update the drupal core and modules. See http://drushcommands.com/drush-7x/pm/pm-update/ for more information about this.

[counting_pine]

While Drupal is down, would it make sense to redirect freebasic.net/ to the forum? Not ideal, but it's probably where people go most of the time anyway.

[fxm]

Yes but from forum, there is no link to access wiki!

[counting_pine]

No official link, you mean. I imagine that's probably something that could be done as well though.

[fxm]

Yes, only link for example at page Documentation / FreeBASIC Online Documentation - Wiki

[St_W]

Would it be that hard to put a static HTML page there with the FreeBasic logo and links to the sourceforge, the forum, the wiki, github and maybe some others I've missed?

[counting_pine]

It's probably easier to put links in the forum header than to create a reasonably professional looking static page.

[dkl]

By the way, I've put a static index.html there for now. That's the best I could do this week...

[fxm]

By the way, I've put a static index.html there for now. That's the best I could do this week...

A hacker has added a link to a XXX picture with a link to ...:
The link http://www.freebasic.net/index.html is OK but not the link http://www.freebasic.net/ (or http://www.freebasic.net/index.php).