READ THIS NOW: Freaks has been hacked!

emuler

Level: Raving Lunatic

Joined: Wed. Feb 7, 2007

Posts: 2348 View posts

Location: New Delhi, India

#2

Posted by emuler: Wed. Dec 31, 2008 - 01:05 PM

If you are using Firefox as your browser, get the addons NoScript and AdBlock Plus. :D You can allow avrfreaks.net in NoScript settings,but nothing else on this page.

Er.. shouldn't this be in the site related section of the forum?
https://www.avrfreaks.net/index.p...

If you think education is expensive, try ignorance.

Tuomas

Level: Hangaround

Joined: Wed. May 23, 2007

Posts: 126 View posts

Location: Helsinki, Finland

#3

Posted by Tuomas: Wed. Dec 31, 2008 - 01:10 PM

Thanks, I added these to the list of blocked domains in my router configuration (except localhost :wink: ).

smileymicros

Level: Raving Lunatic

Joined: Wed. Nov 17, 2004

Posts: 6275 View posts

Location: Great Smokey Mountains.

#4

Posted by smileymicros: Wed. Dec 31, 2008 - 04:36 PM

? I only have the local host on mine.

Smiley

AtomicZombie

Level: Posting Freak

Joined: Tue. Feb 13, 2007

Posts: 1595 View posts

Location: Kakabeka Falls, Ontario

#5

Posted by AtomicZombie: Wed. Dec 31, 2008 - 04:41 PM

It's always sad when those who once sold amway or vacuum cleaners door to door learn enough about puters to become spammers. It's amazing how much work these low lifes will do to avoid working for a living.

Brad

No Fate But What We Make!

EW

Level: Raving Lunatic

Joined: Thu. Mar 1, 2001

Posts: 4914 View posts

Location: Rocky Mountains

#6

Posted by EW: Wed. Dec 31, 2008 - 05:17 PM

AtomicZombie wrote:

It's always sad when those who once sold amway or vacuum cleaners door to door learn enough about puters to become spammers. It's amazing how much work these low lifes will do to avoid working for a living.

Brad

:?:

Russians sold Amway products? Russians sold vacuum cleaners door to door?

Eric Weddington
www.linkedin.com/in/ericweddington/

clawson

Level: Moderator

Joined: Mon. Jul 18, 2005

Posts: 104934 View posts

Location: (using avr-gcc in) Finchingfield, Essex, England

#7

Posted by clawson: Wed. Dec 31, 2008 - 05:51 PM

smileymicros wrote:

? I only have the local host on mine.

Smiley

The idea is that you add those additional lines I show above below the localhost line. The effect of this is that when the browser triesd to make a DNS resolution for trafficshop.biz or whatever it will first look in "hosts". Resolve it to be 127.x.x.x and make an HTTP request back to your own machine (which almost certainly isn't running an HTTP server) so nothing gets reported to trafficshop.biz and nothing nefarious is fetched back - in effect it makes it impossible to access those sites just as you now won't be able to access them by typing the address into the address bar of the browser either

Cliff

Last Edited: Wed. Dec 31, 2008 - 06:08 PM

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#8

Posted by The_village_idiot: Wed. Dec 31, 2008 - 06:07 PM

I have a feeling that this is an Internet Exploder exploit as I use Firefox and this is not shown in my hosts file. Just for fun I typed one of the addresses into a browser window and the page loads with cyrilic characters on the screen.

If it is an IE only exploit it just drives home the reason I changed years ago, was catching too many things from IE.

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#9

Posted by The_village_idiot: Wed. Dec 31, 2008 - 06:39 PM

There sure are a lot of .ru addresses flashing across the bottom of my browser though. Makes you wonder what they are trying to steal.

js

Level: Moderator

Joined: Wed. Mar 28, 2001

Posts: 31274 View posts

Location: Sydney, Australia (Gum trees, Koalas and Kangaroos, No Edelweis, but plenty of Corona beer)

#10

Posted by js: Wed. Dec 31, 2008 - 10:07 PM

So what happens if they find out and change their IP address? I haven't seen anything poppping up as I have popups blocked.

John Samperi

Ampertronics Pty. Ltd.

https://www.ampertronics.com.au

* Electronic Design * Custom Products * Contract Assembly

smileymicros

Level: Raving Lunatic

Joined: Wed. Nov 17, 2004

Posts: 6275 View posts

Location: Great Smokey Mountains.

#11

Posted by smileymicros: Wed. Dec 31, 2008 - 10:52 PM

clawson wrote:

smileymicros wrote:
? I only have the local host on mine.

Smiley

The idea is that you add those additional lines I show above below the localhost line. The effect of this is that when the browser triesd to make a DNS resolution for trafficshop.biz or whatever it will first look in "hosts". Resolve it to be 127.x.x.x and make an HTTP request back to your own machine (which almost certainly isn't running an HTTP server) so nothing gets reported to trafficshop.biz and nothing nefarious is fetched back - in effect it makes it impossible to access those sites just as you now won't be able to access them by typing the address into the address bar of the browser either

Cliff

Being a Borg, I have a subscription to Microsoft Window Live OneCare that is supposed to block this kind of stuff. I also have various firewalls enabled on my computer and the home network. I really don't want to learn any more about this, but...

Do I still need to worry?

Smiley

emuler

Level: Raving Lunatic

Joined: Wed. Feb 7, 2007

Posts: 2348 View posts

Location: New Delhi, India

#12

Posted by emuler: Wed. Dec 31, 2008 - 11:00 PM

Firewalls won't protect you from this - you have to allow browsers to connect to the internet, or they won't work at all.

Securing your browser is the first line of defense. Anti virus and anti spyware apps will catch the rest,but if the browser is secure these things won't get into your system in the first place.

If you think education is expensive, try ignorance.

criznach

Level: New Member

Joined: Thu. Nov 6, 2008

Posts: 19 View posts

#13

Posted by criznach: Wed. Dec 31, 2008 - 11:14 PM

I'm a PHP developer in my real job. If they really are using a php exploit, it means that they are potentially running whatever code they want on the avrfreaks.net server. :( They likely gained access by way of a weakness in PHP itself, or one of the applications used to build the site. This means they may have access to hashed passwords, messages, and other things stored in the databases associated with this site. If they're running code on the server, client side antivirus or anti-malware won't even see it.

From what I can see, they are injecting obfuscated javascript into every page that loads a few other scripts, which in turn pings several servers. If you want to look at the code, it's injected as several script blocks and an iframe just above the login block in the left sidebar. Firebug will show you the decoded scripts. It looks fairly harmless from our end, but who knows what they're up to. There are various vulnerabilities that they could be using to try to infect users of old browsers.

My recommendation is to at least add the suggested lines to your hosts file. That prevents the rogue javascript from being fetched. Changing your password after the exploit is removed would be a good idea. If you use your avrfreaks.net password on other sites, I'd suggest changing it everywhere else.

criznach

Level: New Member

Joined: Thu. Nov 6, 2008

Posts: 19 View posts

#14

Posted by criznach: Wed. Dec 31, 2008 - 11:25 PM

A quick search turns up several SQL injection exploits for the PNphpBB2 module used here. They don't involve running any PHP code on the server. But they could allow someone to insert javascript code into regions of the site by altering the tables containing the content. Hopefully that's the case rather than a true PHP-based vulnerability.

kpschoedel

Level: Hangaround

Joined: Mon. Jun 30, 2008

Posts: 116 View posts

Location: Waterloo, Ontario, Canada

#15

Posted by kpschoedel: Thu. Jan 1, 2009 - 05:27 PM

Unix / Linux / OS X users can block this without editing /etc/hosts by running:

sudo ipfw add deny from any to go.richtraffic.ru,www.mob-marketing.ru,trafficshop.biz

(Edit: This should be a single line, not broken at the dash)

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#16

Posted by The_village_idiot: Thu. Jan 1, 2009 - 06:38 PM

There is at least one other URL that flashes by, but I haven't been able to grab enough of it to block it. Anyone know what it is?

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#17

Posted by The_village_idiot: Thu. Jan 1, 2009 - 08:31 PM

dsp-5 something

also
disp-2.richtraffic.ru
disp-3.richtraffic.ru
disp-4.richtraffic.ru

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#18

Posted by The_village_idiot: Thu. Jan 1, 2009 - 08:39 PM

Is there a way to block all .ru domains with the host file? At least just for a little while?

bluelip

Level: Hangaround

Joined: Thu. Mar 16, 2006

Posts: 104 View posts

Location: South Jersey

#19

Posted by bluelip: Thu. Jan 1, 2009 - 09:41 PM

The_village_idiot wrote:

Is there a way to block all .ru domains with the host file? At least just for a little while?

The hosts file won't work.

Here are some options:
If you can control the DNS server you use, create a zone for .ru and dump the requests.

Create a WPAD file for your browser. It basically tells the browser how to access a site. (Either a proxy or directly) Have the WPAD file point to a localnet IP for the proxy server when attempting to to visit a *.ru site

If you control a proxy server, dump requests for *.ru.

If the server is actually located in Russia, route the IPs for that .cc to a bogus IP. These addresses for these networks can be looked up online.

Best Wishes,
Mike

Edit was to clean up brain fart. zone -> hosts in first line.

Mike Coles http://blips.net
'bluelip' http://diyaday.com

Last Edited: Thu. Jan 1, 2009 - 09:48 PM

bluelip

Level: Hangaround

Joined: Thu. Mar 16, 2006

Posts: 104 View posts

Location: South Jersey

#20

Posted by bluelip: Thu. Jan 1, 2009 - 09:46 PM

The WPAD file should look like this:

function FindProxyForURL(url, host)
{
if (host.indexOf('.ru') != -1) return "PROXY 127.0.0.2:3128";

return "DIRECT";
}

Save the file as wpad-block-ru.txt or whatever you'd like someplace convenient. In the browser settings, change the entry for "Automatic Proxy Configuration Script" (or similar) to point to your new file.

The file may need to be tuned as I didn't try it out.

Mike Coles http://blips.net
'bluelip' http://diyaday.com

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#21

Posted by The_village_idiot: Thu. Jan 1, 2009 - 09:51 PM

Might be time to upgrade to a newer Firefox, I think some of this blocking may be built in, I'll have to fire up a different computer and check it.

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#22

Posted by The_village_idiot: Thu. Jan 1, 2009 - 09:52 PM

Also they seem to be looking at this thread and adapting the urls so dumping all of .ru might be a good idea for a while (at least until the change).

JohanEkdahl

Level: 10k+ Postman

Joined: Wed. Mar 27, 2002

Posts: 26945 View posts

Location: Lund, Sweden

#23

Posted by JohanEkdahl: Thu. Jan 1, 2009 - 09:58 PM

Quote:

Might be time to upgrade to a newer Firefox

As emuler has posted above you should

Quote:

get the addons NoScript and AdBlock Plus

I have FireFox 3.0.5 (ie very new) on my new machine but had missed those and was hit by the script. IE. a new FireFox only will not protect you in this respect.

You will notice that the posting editor of AVRfreaks stops working when scripts are turned off/refused. Personally I allow scripts while editing a post only.

As of January 15, 2018, Site fix-up work has begun! Now do your part and report any bugs or deficiencies here.

No guarantees, but if we don't report problems they won't get much of a chance to be fixed! Details/discussions at link given just above.

"Some questions have no answers."[C Baird] "There comes a point where the spoon-feeding has to stop and the independent thinking has to start." [C Lawson] "There are always ways to disagree, without being disagreeable."[E Weddington] "Words represent concepts. Use the wrong words, communicate the wrong concept." [J Morin] "Persistence only goes so far if you set yourself up for failure." [Kartman]

bluelip

Level: Hangaround

Joined: Thu. Mar 16, 2006

Posts: 104 View posts

Location: South Jersey

#24

Posted by bluelip: Thu. Jan 1, 2009 - 09:59 PM

The_village_idiot wrote:

Might be time to upgrade to a newer Firefox, I think some of this blocking may be built in, I'll have to fire up a different computer and check it.

I didn't see anything in the about:config URL (using 3.0.4), but it looks like the add-ons LeechBlock and Blocksite can be used to block *.ru websites.

Mike Coles http://blips.net
'bluelip' http://diyaday.com

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#25

Posted by The_village_idiot: Thu. Jan 1, 2009 - 10:27 PM

Blocksite addon for Firefox seems to do the trick. I added http://*.ru to the blacklist on firefox 3.x and an info bar pops up that says something was blocked. I put an older version on this computer for the older version of FF but it is not giving me the warning, I think it is working though. Someone tell me when the issue is fixed so that I can stop blocking all .ru sites.

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#26

Posted by The_village_idiot: Thu. Jan 1, 2009 - 10:31 PM

Siteblock doesn't work on my older version and not sure I want to log in on the other computer, but it definiately seems to work on that machine.

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#27

Posted by The_village_idiot: Thu. Jan 1, 2009 - 10:48 PM

Siteblock works on FF 2.x too, won't even let you search google for .ru sites for a check!

bluelip

Level: Hangaround

Joined: Thu. Mar 16, 2006

Posts: 104 View posts

Location: South Jersey

#28

Posted by bluelip: Thu. Jan 1, 2009 - 10:58 PM

The_village_idiot wrote:

Siteblock works on FF 2.x too, won't even let you search google for .ru sites for a check!

Must be running a regex on the full string instead of just the hostname part.

Mike Coles http://blips.net
'bluelip' http://diyaday.com

bluelip

Level: Hangaround

Joined: Thu. Mar 16, 2006

Posts: 104 View posts

Location: South Jersey

#29

Posted by bluelip: Thu. Jan 1, 2009 - 10:59 PM

The_village_idiot wrote:

Siteblock works on FF 2.x too, won't even let you search google for .ru sites for a check!

How about www.rubberducky.com or www.runnersworld.com?

--
Mike

Mike Coles http://blips.net
'bluelip' http://diyaday.com

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#30

Posted by The_village_idiot: Thu. Jan 1, 2009 - 11:18 PM

Both are completely blocked, but you could white list them to see them (I assume).

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#31

Posted by The_village_idiot: Fri. Jan 2, 2009 - 12:20 AM

You can not mix whitelist and blacklist entries, so the blocking would need to be more specific to open those sites.

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#32

Posted by The_village_idiot: Fri. Jan 2, 2009 - 01:46 AM

http://*.*.ru works and allows other sites to work too.

emuler

Level: Raving Lunatic

Joined: Wed. Feb 7, 2007

Posts: 2348 View posts

Location: New Delhi, India

#33

Posted by emuler: Fri. Jan 2, 2009 - 03:36 AM

Quote:

You will notice that the posting editor of AVRfreaks stops working when scripts are turned off/refused. Personally I allow scripts while editing a post only.

Click the NoScript icon at the bottom right of the window and allow avrfreaks.net (temporarily allow it if you prefer). Do not use the option 'allow everything on this page' as that will leave you unprotected by NoScript.

If you think education is expensive, try ignorance.

clawson

Level: Moderator

Joined: Mon. Jul 18, 2005

Posts: 104934 View posts

Location: (using avr-gcc in) Finchingfield, Essex, England

#34

Posted by clawson: Fri. Jan 2, 2009 - 02:43 PM

I'm now back in England and using my regular work laptop on which I haven't yet edited the hosts file (in fact I came to read this thread to remind me what to block). So far, ouch wood, I'm not seeing it making any of the rogue requests so I'm guessing someone at fort Atmel has done something to stop this. (page loads times also seem increased which is often a sign that they've enabled further checking on the server).

Cliff

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#35

Posted by The_village_idiot: Fri. Jan 2, 2009 - 05:28 PM

Nope, still there. But it does look like they have cut back to only a single site instead of the three or four each time you loaded a page here.

Salgat

Level: Hangaround

Joined: Sun. Oct 28, 2007

Posts: 201 View posts

Location: Southeastern Michigan, USA

#36

Posted by Salgat: Fri. Jan 2, 2009 - 07:09 PM

What exactly is it doing though?

http://salgat.blogspot.com/

JohanEkdahl

Level: 10k+ Postman

Joined: Wed. Mar 27, 2002

Posts: 26945 View posts

Location: Lund, Sweden

#37

Posted by JohanEkdahl: Fri. Jan 2, 2009 - 08:53 PM

Well, the freaks team seems to be working hard now...

As of January 15, 2018, Site fix-up work has begun! Now do your part and report any bugs or deficiencies here.

No guarantees, but if we don't report problems they won't get much of a chance to be fixed! Details/discussions at link given just above.

"Some questions have no answers."[C Baird] "There comes a point where the spoon-feeding has to stop and the independent thinking has to start." [C Lawson] "There are always ways to disagree, without being disagreeable."[E Weddington] "Words represent concepts. Use the wrong words, communicate the wrong concept." [J Morin] "Persistence only goes so far if you set yourself up for failure." [Kartman]

7hbg

Level: Rookie

Joined: Tue. Sep 5, 2006

Posts: 26 View posts

#38

Posted by 7hbg: Sat. Jan 3, 2009 - 12:25 AM

Here is what I see happening:

There is a code on each page that calls up a java script to collects your IP address and sends it to “g o . r i c h t r a f f i c . r u” and “t r a f f i c s h o p . b i z”, there they compile a list of unique addresses and pay a dollar for each thousand unique addresses to whoever set it up. They then turn around and sell it to anyone willing to pay for that kind of information.

Here is a clean session with one of those servers:

GET /tds.js HTTP/1.1
Accept: */*
Referer: https://www.avrfreaks.net/
Accept-Language: en-ca
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506)
Host: disp-4.richtraffic.ru
Connection: Keep-Alive

HTTP/1.1 200 OK
Server: nginx/0.5.34
Date: Fri, 02 Jan 2009 23:54:45 GMT
Content-Type: application/x-javascript
Content-Length: 454
Last-Modified: Tue, 23 Dec 2008 10:01:05 GMT
Connection: keep-alive
Accept-Ranges: bytes

var html = '';
html += '';
html += '';
document.write(html);

document.write("");

Rob

Last Edited: Sat. Jan 3, 2009 - 01:16 AM

stevech

Level: Raving Lunatic

Joined: Tue. Dec 18, 2001

Posts: 6119 View posts

#39

Posted by stevech: Sat. Jan 3, 2009 - 12:39 AM

So
can we disable javascripts for all *.avrfreaks.net?
should we put the nefarious domain names in our hosts file and point it to nada?

7hbg

Level: Rookie

Joined: Tue. Sep 5, 2006

Posts: 26 View posts

#40

Posted by 7hbg: Sat. Jan 3, 2009 - 01:07 AM

I have tried it on my vista32 and it does not work for me here. Despite of the fact that I have the names pointed to 127.0.1.0 in my host file, my computer still connects to them. Moreover, I cannot find anywhere in vista where I could block IP addresses. Does anyone know?

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#41

Posted by The_village_idiot: Sun. Jan 4, 2009 - 07:39 PM

Well the site was down most of yesterday, but today I still see that something is being blocked, so I guess they didn't fix it yet.

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#42

Posted by The_village_idiot: Mon. Jan 5, 2009 - 01:44 AM

Turned Blocksite off for something and forgot to turn it back on before coming here... I'm seeing about 10 different .ru sites flashing past on each page load now.

stevech

Level: Raving Lunatic

Joined: Tue. Dec 18, 2001

Posts: 6119 View posts

#43

Posted by stevech: Mon. Jan 5, 2009 - 03:29 AM

It isn't right that avrfreaks.net's hosting service just leaves this invasion of privacy running for days and days.

Unacceptable.

criznach

Level: New Member

Joined: Thu. Nov 6, 2008

Posts: 19 View posts

#44

Posted by criznach: Mon. Jan 5, 2009 - 04:07 AM

I disagree about the hosting service. The only thing I've seen a hosting service do about a compromised site is shut it down if it's a threat to their network, or end user's privacy. It's typically the responsibility of the owner or contract developer to fix problems like this. Hosting nearly never includes software patches unless there's a maintenance contract attached.

7hbg

Level: Rookie

Joined: Tue. Sep 5, 2006

Posts: 26 View posts

#45

Posted by 7hbg: Mon. Jan 5, 2009 - 06:12 AM

I must admit, this may not be the best solution but it is a start.

When viewing any page on AVRFreaks we are downloading things from Russia that we don’t know why. Attachment 1 is a screen shot from my network monitor showing just one such visit. Notice 9 Russian and Latvian IP addresses, representing 16 sessions (I have seen as many as 19 IP addresses at one point). All this with my IE7 set to ‘Medium-high (default)’ security setting for internet zone. I’ve looked around, tried different things and found that by disabling the Active Scripting (see attachment 2) in my Security Settings for Internet Zone I totally eliminated download requests for all Russian and Latvian IP addresses (see attachment 3). I’m sure disabling the Active Scripting is not the answer, but it should cut down on false traffic and allow us to use AVRFreaks.
The effect of disabling the Active Scripting is that some things just won’t work as they should, certain pages won’t load, etc.

Rob

Attachment(s):

Attachment1.png

Attachment2.png

Attachment3.png

clawson

Level: Moderator

Joined: Mon. Jul 18, 2005

Posts: 104934 View posts

Location: (using avr-gcc in) Finchingfield, Essex, England

#46

Posted by clawson: Mon. Jan 5, 2009 - 10:21 AM

stevech wrote:

It isn't right that avrfreaks.net's hosting service just leaves this invasion of privacy running for days and days.

Unacceptable.

Exactly how much did you subscription cost you? As already noted - Atmel have been on holiday over Christmas and New Year.

Anyway as they are now back I'm going to take the "Announcement" status off this thread so it will break loose and eventually be lost in the void..

Cliff

tubecut

Level: Resident

Joined: Mon. May 27, 2002

Posts: 749 View posts

Location: Alabama USA

#47

Posted by tubecut: Tue. Jan 6, 2009 - 02:06 AM

Clawson:

Quote:

Exactly how much did you subscription cost you?

Not sure this is really the issue here. While the user forum as many others, get their revenue from advertising.
I would hope that the freaks web management could have a web site that is based on security for all users. With out the users, no organization is going spend funds on that site. However, I doubt that the site is going to lose many if any subscribers.

Since accessing the freaks web pages I just noticed that I get a warning (Firefox) that my access to my email (HORDE)
was not allowed because there was a redirect of page and not allowed. So, currently I can not look at my email because I am worried that if I 'allow' then the redirect will cause problems.

If the web site has been hacked, then I would expect some sort of official announcement from the folks who are holding the reins for the web site.

And I do purchase some AVR products from the advertisers on this web site.

In the mean time I will have to use a lot of time to see what the heck is going on with the redirection warning I am getting from the browser.

If there is any additional information that can shed some light on this, it will be greatly appreciated.

I'll believe corporations
are people when Texas executes one.

tubecut

Level: Resident

Joined: Mon. May 27, 2002

Posts: 749 View posts

Location: Alabama USA

#48

Posted by tubecut: Tue. Jan 6, 2009 - 03:43 AM

Well, I don't understand how you get to "hosts files" and I don't see any "site blocks" in either Fire Fox or no scripts?

I'll believe corporations
are people when Texas executes one.

The_village_idiot

Level: Hangaround

Joined: Mon. Sep 17, 2007

Posts: 303 View posts

Location: central New York

#49

Posted by The_village_idiot: Wed. Jan 7, 2009 - 02:37 AM

Not that it matters now, but BlockSite is an add on for Firefox. Click the tools tab, then scroll down to add ons and click. In the lower right corner of the menu will be a link to get extensions, click it and search for BlockSite or site blocker and it should get you there.

stevech

Level: Raving Lunatic

Joined: Tue. Dec 18, 2001

Posts: 6119 View posts

#50

Posted by stevech: Wed. Jan 7, 2009 - 03:31 AM

I'd like to punctuate this discussion with:

When/if the site is similarly hacked in the future, I would hope that the moderators can and do disable the site until admins can remove the malware from the server.

EW

Level: Raving Lunatic

Joined: Thu. Mar 1, 2001

Posts: 4914 View posts

Location: Rocky Mountains

#51

Posted by EW: Wed. Jan 7, 2009 - 03:46 AM

stevech wrote:

I'd like to punctuate this discussion with:

When/if the site is similarly hacked in the future, I would hope that the moderators can and do disable the site until admins can remove the malware from the server.

As stated before, the ability to disable the entire site is reserved to the administrators. All moderators can do is move/delete/delete individual posts and threads.

Eric Weddington
www.linkedin.com/in/ericweddington/

AVR Freaks