Firefox marked the forum as an "Attack site" [RESOLVED]

Status
Not open for further replies.
I was on the site early, and when I changed pages, Chrome gave me the warning BUT:

So I went to do a full scan of my system. AVG was DEAD. I went to reload it. FAILED
I did some searching for anything changed this morning, including a scan of the registry, and did not find anything unexpected. I did a power off (not a shutdown) rebooted and AVG ran again. I don't have a warm and fuzzy.

We had a fine family dinner in celebration of the holidays and now things seem fine.
 
I don't know if it is possible, but it could be informative if the system admn could ask Chrome or Mozilla what they saw that caused the alert. My symptoms suggest something was wrong but in-memory. That my AVG was inactive is a really bad warning as much of the modern malware does this behavior. I wish I had enough horsepower to stand up a VM or two so I could dig further with minimal risk, but alas, civil servant pay precludes a new computer this year.
 
Switches things on and off again
Joined 2000
Paid Member
The warning is now gone from Google Webmaster Tools, and that should follow through to all browsers that rely on that system for their malware warnings.

I don't know if it is possible, but it could be informative if the system admn could ask Chrome or Mozilla what they saw that caused the alert.

The details are listed in this post if you want to go chasing the bad guys, but those domains were likely just attack vectors (compromised servers which have been taken over).

In future if anyone ever sees this kind of warning on any website, I would advise that unless you are confident in your browser's ability to keep your system secure using its sandbox you don't ignore the warning and you don't proceed ahead into the danger zone. It's a very good system Google has got going, and this alerted us to the problem within hours of it occurring. If you ever see this on diyAudio again in the future, I'd suggest just coming back in 24 hours - we'll have likely resolved any issues by then.
 
Switches things on and off again
Joined 2000
Paid Member
My FF email 'new post' notification - opened just now warns that FoMoCo's above post MAY contain malware!

Yes - guys, please don't post links (especially live links) to malware sites - it could result in us getting flagged as having dodgy links again in browsers and black listed with email servers. The post containing the live links has been deleted (yes, they were being routed via Google's system but still as you can see - they are triggering warnings in people's email clients). If you are going to post a link, ensure it's plain text and broken up somehow so it won't flag any filters.
 
Last edited:
Yes - guys, please don't post links (especially live links) to malware sites - it could result in us getting flagged as having dodgy links again in browsers and black listed with email servers.

Hey, there were no links on malware there! :)
There were domain names only in the text, links themselves were leading to "safebrowse" page. You overreacted. :D
 
Switches things on and off again
Joined 2000
Paid Member
Hey, there were no links on malware there! :)
There were domain names only in the text, links themselves were leading to "safebrowse" page. You overreacted. :D

Hi :) Yes, you are totally correct. That said, as Brianco mentioned, that was enough to cause his email client to report it and potentially as the link text itself didn't have any mention of safebrowse, cause problems for other "touchy" systems (either email or web page scanning systems) and cause us more headaches.

As we have a policy of not editing anyone's posts, ever, I was only left with deletion as an option.
 
Switches things on and off again
Joined 2000
Paid Member
If you want to browse through the links, you can use this as a start point:

Google Safe Browsing diagnostic page for www.diyaudio.com

Weird. Was working ok for me just a little while ago, now the warning's back.

se

I'd guess whatever databases your browser is connecting to is a bit laggy. Give it another 24 hours. GWT is telling me everything is resolved (even GWT itself has proven to be laggy - there are numerous databases all around the web that talk to each other once in a while in regards to these domain lists).
 
Status
Not open for further replies.