Has the HSQB Main Page been compromised?

Dormant threads from the high school sections are preserved here.
conker
Lulu
Posts: 54
Joined: Sat Apr 22, 2006 4:11 am


Post by conker »

For the past few days, when I visit the main hsquizbowl.org page, my virus scanner pops up saying that it has blocked several scripts from executing, among them JS/Downloader-AUD from hsquizbowl.org. It also attempts to connect to mymoonsite.net (NOTE: DON'T VISIT!), which contains several browser exploits (VBS/Psyme, Exploit-CVE2006-3730, etc.). Is this just me, or are other people experiencing the same problem as well?
Dennis Sun
Shanghai American School '06
Harvard '10
Stanford '15
AKKOLADE
Sin
Posts: 15786
Joined: Thu Apr 24, 2003 8:08 am

Post by AKKOLADE »

I noticed that Firefox tried to call on mymoonsite.net as well for some reason when I loaded the main page. I've let Byko know about it and we should have something worked out soon.
Fred Morlan
University of Kentucky CoP, 2017
International Quiz Bowl Tournaments, CEO, co-owner
former PACE member, president, etc.
former hsqbrank manager, former NAQT writer & subject editor, former hsqb Administrator/Chief Administrator
Byko
Yuna
Posts: 996
Joined: Wed Apr 23, 2003 1:54 pm
Location: Edgewater, MD

Post by Byko »

The main hsquizbowl.org page has been fixed. It appears that other pages are compromised as well (based on the modify dates of the files), but the entire message board has not been.

I don't understand what is happening. The permissions on all of the files are set to owner being the only one to have write permissions on them. They are exactly the same as I have on aiquizbowl.com, and nothing like this has ever happened there before.

Matt, if you have backup copies of the root level files for hsquizbowl.org, either send them to me and I will update them tomorrow morning, or just ftp them over the current files. Again, this is just the root level items on hsquizbowl.org, such as the very old tournament results and other random files that you've put there.

If anyone has an insight as to what could be causing this, I'd be very interested to hear from you.
Dave Bykowski
Furman '00
Michigan '02
PACE 1998-2009
Director, JROTC National Academic Bowl Championship
Matt Weiner
Sin
Posts: 8148
Joined: Fri Apr 11, 2003 8:34 pm
Location: Richmond, VA

Post by Matt Weiner »

Should be fixed now, mail me and Dave if something pops up again in the future.
Byko
Yuna
Posts: 996
Joined: Wed Apr 23, 2003 1:54 pm
Location: Edgewater, MD

Post by Byko »

Matt Weiner wrote: Should be fixed now, mail me and Dave if something pops up again in the future.
Several files need to still be fixed:

- Anything in the schedule folder (these are all very old tournament results)
- The following html files at the root level:

404.html
fall-schedule.html
generation.htm
info.html
lies.htm
vcuqb.html
viewall.html
viewtourneys.html

Everything else appears to be fine. I am again locking things down to help prevent this, so e-mail us if things don't work, as permissions may have been locked down too tightly.
Dave Bykowski
Furman '00
Michigan '02
PACE 1998-2009
Director, JROTC National Academic Bowl Championship
AKKOLADE
Sin
Posts: 15786
Joined: Thu Apr 24, 2003 8:08 am

Post by AKKOLADE »

Cannot access VCU hosted ACF Fall 07 results due to permissions.
Fred Morlan
University of Kentucky CoP, 2017
International Quiz Bowl Tournaments, CEO, co-owner
former PACE member, president, etc.
former hsqbrank manager, former NAQT writer & subject editor, former hsqb Administrator/Chief Administrator
Byko
Yuna
Posts: 996
Joined: Wed Apr 23, 2003 1:54 pm
Location: Edgewater, MD

Post by Byko »

leftsaidfred wrote: Cannot access VCU hosted ACF Fall 07 results due to permissions.
Try it now.

I'm running into a problem--things have to be open enough for people to be able to see them, but it seems that those same permissions are allowing some script to insert links and scripts to random spam sites into files. I'm doing the best I can, and again, I'd rather have too much security than not enough.
Dave Bykowski
Furman '00
Michigan '02
PACE 1998-2009
Director, JROTC National Academic Bowl Championship
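
Added example (not part of the thread and not the site's own code): a web-root audit that combines the checks discussed above, namely file modify dates, write permissions, and script or iframe tags pointing at hosts the site does not normally load from. The ALLOWED_HOSTS list, the function names, and the injected.example sample page are assumptions constructed for illustration.

```python
import os, stat, tempfile, time
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the only hosts the site's own pages load scripts/frames from.
ALLOWED_HOSTS = {"hsquizbowl.org", "www.hsquizbowl.org"}

class ActiveRefs(HTMLParser):
    """Collect the hosts named in <script src> and <iframe src>."""
    def __init__(self):
        super().__init__()
        self.hosts = set()

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "iframe"):
            host = urlparse(dict(attrs).get("src") or "").hostname
            if host:                      # relative URLs have no host
                self.hosts.add(host.lower())

def audit_webroot(root, allowed=ALLOWED_HOSTS, recent_days=7, now=None):
    """Return one finding per .htm/.html file that loads active content
    from a non-allowed host or is writable by group/other."""
    now = time.time() if now is None else now
    findings = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            if not name.lower().endswith((".htm", ".html")):
                continue
            path = os.path.join(dirpath, name)
            st = os.stat(path)
            refs = ActiveRefs()
            with open(path, encoding="utf-8", errors="replace") as fh:
                refs.feed(fh.read())
            foreign = sorted(refs.hosts - set(allowed))
            loose = bool(st.st_mode & (stat.S_IWGRP | stat.S_IWOTH))
            if foreign or loose:
                findings.append({
                    "path": os.path.relpath(path, root),
                    "foreign_hosts": foreign,
                    "group_or_world_writable": loose,
                    "recently_modified": now - st.st_mtime <= recent_days * 86400,
                })
    return findings

def demo():
    """Constructed sample: one clean page, one with an appended script tag."""
    with tempfile.TemporaryDirectory() as root:
        pages = {"index.html": ('<script src="/js/site.js"></script>', 0o644),
                 "info.html": ('<p>ok</p><script src="http://injected.example/a.js"></script>', 0o666)}
        for name, (body, mode) in pages.items():
            with open(os.path.join(root, name), "w") as fh:
                fh.write(body)
            os.chmod(os.path.join(root, name), mode)
        return audit_webroot(root)
```

A file that is owner-writable only but still shows a foreign host and a recent modify date was changed by something running as the owner (a stolen FTP login or a vulnerable script under that account), which file permissions alone will not stop.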
AKKOLADE
Sin
Posts: 15786
Joined: Thu Apr 24, 2003 8:08 am

Post by AKKOLADE »

Everything works fine now.

A couple of ideas - check to make sure our FTP is secure, and also if we're hosted on a Windows platform ask if they're patched fully to date.
Fred Morlan
University of Kentucky CoP, 2017
International Quiz Bowl Tournaments, CEO, co-owner
former PACE member, president, etc.
former hsqbrank manager, former NAQT writer & subject editor, former hsqb Administrator/Chief Administrator
Byko
Yuna
Posts: 996
Joined: Wed Apr 23, 2003 1:54 pm
Location: Edgewater, MD

Post by Byko »

leftsaidfred wrote: Everything works fine now.

A couple of ideas - check to make sure our FTP is secure, and also if we're hosted on a Windows platform ask if they're patched fully to date.
Actually, we should be on the same Linux server that the Academic Initiative site is currently on. That's why this bugs me, as I haven't faced anything like this.