WHO managed to take the WEB-Site down?
WHO managed to take the WEB-Site down?
Hi all,
today the whole FreeBASIC-WebSite was taken down ...
Does anybody have any Information on the Issue?
regards MrSwiss
today the whole FreeBASIC-WebSite was taken down ...
Does anybody have any Information on the Issue?
regards MrSwiss
Re: WHO managed to take the WEB-Site down?
Hi,
the freebasic.net frontpage (using Drupal) was infected with malware. Some malicious Javascript was embedded to the HTML pages generated by it. It looked like this:
https://blog.sucuri.net/2015/11/jquery- ... sites.html
It was reported by a user on IRC and also by coderJeff via email.
So I removed the Drupal stuff from the server for now. The forum and wiki are back again though as they were not affected; at least I didn't find the injected JS there.
The installed Drupal version was 7.22, i.e. outdated, which I guess is what allowed the infection. I've tried installing the latest 7.41 and 8.0.1 Drupal, but failed in both cases (8.x required a fresh database which I didn't want to do yet because it means remaking the website, although it's probably just a "few" hours of work to do that; and 7.41 caused the server to return binary "garbage" instead of HTML text, and I have no idea what's going on there).
the freebasic.net frontpage (using Drupal) was infected with malware. Some malicious Javascript was embedded to the HTML pages generated by it. It looked like this:
https://blog.sucuri.net/2015/11/jquery- ... sites.html
It was reported by a user on IRC and also by coderJeff via email.
So I removed the Drupal stuff from the server for now. The forum and wiki are back again though as they were not affected; at least I didn't find the injected JS there.
The installed Drupal version was 7.22, i.e. outdated, which I guess is what allowed the infection. I've tried installing the latest 7.41 and 8.0.1 Drupal, but failed in both cases (8.x required a fresh database which I didn't want to do yet because it means remaking the website, although it's probably just a "few" hours of work to do that; and 7.41 caused the server to return binary "garbage" instead of HTML text, and I have no idea what's going on there).
Re: WHO managed to take the WEB-Site down?
albert reported that FBedit that he downloaded from the sourceforge was infected by a virus http://www.freebasic.net/forum/viewtopi ... =3&t=24228
I have not confirmed that claim but the FBedit homepage is blank http://fbedit.freebasic.net
could someone look into this?
I have not confirmed that claim but the FBedit homepage is blank http://fbedit.freebasic.net
could someone look into this?
Re: WHO managed to take the WEB-Site down?
This is a false positive. Many Anti-viruses pick up FBC compiled code as viral for some strange reason. I can confirm that compiling FBEdit from source will get the same false positive.srvaldez wrote:albert reported that FBedit that he downloaded from the sourceforge was infected by a virus http://www.freebasic.net/forum/viewtopi ... =3&t=24228
I have not confirmed that claim but the FBedit homepage is blank http://fbedit.freebasic.net
could someone look into this?
Re: WHO managed to take the WEB-Site down?
thank you Imortis :)
-
- Posts: 2958
- Joined: Jun 02, 2015 16:24
Re: WHO managed to take the WEB-Site down?
Some antivirus like Norton love targetting free/opensource projects. It had been denounced many times in the past, in particular by SpyBot developper (say 10 years ago). Personnally if one has to pay, I would recommend kaspersky for its policy in this matter is better, and the tools dedicated to network are very sharp. Yet many free tools exist for packet survey but less user-friendly (kind of free stuff can be found if searched in relation with forensic domain).Imortis wrote: Many Anti-viruses pick up FBC compiled code as viral for some strange reason.
Hi dkl, few hours+ few hours + few hours, I think you desserve postponing this duty a little and enjoy some rest in those last days of the year. Even if it's really bad luck what's happening with the server.dkl wrote:although it's probably just a "few" hours of work to do that
Re: WHO managed to take the WEB-Site down?
Major Drupal Versions are incompatible. Drupal 8 was released just a few weeks ago and many modules haven't been ported to Drupal 8 yet. I recommend staying with Drupal 7 as of now.dkl wrote:The installed Drupal version was 7.22, i.e. outdated, which I guess is what allowed the infection. I've tried installing the latest 7.41 and 8.0.1 Drupal, but failed in both cases (8.x required a fresh database which I didn't want to do yet because it means remaking the website, although it's probably just a "few" hours of work to do that; and 7.41 caused the server to return binary "garbage" instead of HTML text, and I have no idea what's going on there).
When manually updating to a newer minor version (e.g. 7.22 to 7.41) be sure to run "update.php" to update the database. Also look for updates for the installed non-Drupal-Core-modules in the modules directory and themes in the themes directory.
For Drupal maintenance I highly recommend using drush. You can run "drush up" to update the drupal core and modules. See http://drushcommands.com/drush-7x/pm/pm-update/ for more information about this.
-
- Site Admin
- Posts: 6323
- Joined: Jul 05, 2005 17:32
- Location: Manchester, Lancs
Re: WHO managed to take the WEB-Site down?
While Drupal is down, would it make sense to redirect freebasic.net/ to the forum? Not ideal, but it's probably where people go most of the time anyway.
Re: WHO managed to take the WEB-Site down?
Yes but from forum, there is no link to access wiki!
-
- Site Admin
- Posts: 6323
- Joined: Jul 05, 2005 17:32
- Location: Manchester, Lancs
Re: WHO managed to take the WEB-Site down?
No official link, you mean. I imagine that's probably something that could be done as well though.
Re: WHO managed to take the WEB-Site down?
Yes, only link for example at page Documentation / FreeBASIC Online Documentation - Wiki
Re: WHO managed to take the WEB-Site down?
Would it be that hard to put a static HTML page there with the FreeBasic logo and links to the sourceforge, the forum, the wiki, github and maybe some others I've missed?
-
- Site Admin
- Posts: 6323
- Joined: Jul 05, 2005 17:32
- Location: Manchester, Lancs
Re: WHO managed to take the WEB-Site down?
It's probably easier to put links in the forum header than to create a reasonably professional looking static page.
Re: WHO managed to take the WEB-Site down?
By the way, I've put a static index.html there for now. That's the best I could do this week...
Re: WHO managed to take the WEB-Site down?
A hacker has added a link to a XXX picture with a link to ...:dkl wrote:By the way, I've put a static index.html there for now. That's the best I could do this week...
The link http://www.freebasic.net/index.html is OK but not the link http://www.freebasic.net/ (or http://www.freebasic.net/index.php).