|
Guest
|
WARNING: Pano Salado site virus infected.
Posted: 15 May 2010 at 22:28 GMT
updated: 14 Mar 2011 at 16:13 GMT
|
|
Please stay away from Pano Salado (panosalado.com) until it has been declared safe.
It has been reported as infected with a trojan and a redirection to a malicious site.
This last happened a week ago, and also back then, the only comment from the administration was that "all looked good"... while it was still infected.
This time there is no word or warning from the administration... and people's computers can and will be infected if poorly protected.
Therefore you should stay away until it's been confirmed as clean. Based on the previous response from the site admin, I would recommend people to wait for a "safe to visit" reports from users that are not associated with the site, and that have already confirmed the problem being real enough.
|
|
|
|
Peter Patricelli
Posts: 154
Location: Eugene, OR, United States
Registered: 20 Dec 2006
|
Re: WARNING: Pano Salado site virus infected.
Posted: 15 May 2010 at 23:45 GMT
updated: 15 May 2010 at 23:46 GMT
|
|
Just wondering....if someone wanted to hurt or re-direct business away from an on-line site that might be a competitor...wouldn't this be a bang up way of doing so? I mean, "administrators say it is OK but it is not", "wait for (unknown and unidentified) users" to give the "all-OK" sign. Where would those unidentified users do so that anyone on this site would see it?
The internet is such a huge unregulated mass of dirty tricks and hi-jinks, stuff such as above happens all the time. It would be brilliant. You don't have to write and loose a virus...you just need to convince someone to pass along the rumor that there is a virus on a certain site. And the only sure way of checking out the validity of the rumor would be....?? And the legal recourse for people whose business is hurt by such a rumor would be...??
I am sure Trausti is not doing anything malicious, but for all the reasons above I think one needs to be absolutely clear, transparent and documented about one's source and reliability of information on such issues before passing them along.
Peter Patricelli
|
|
alert moderator
|
|
DennisS
Posts: 1292
Location: Los Anglels, United States
Registered: 1 Sep 2007
|
Re: WARNING: Pano Salado site virus infected.
Posted: 16 May 2010 at 0:19 GMT
updated: 16 May 2010 at 0:30 GMT
|
|
I just tried it on another computer I have. Symantech End Point protection blocked the communication from the web site. I don't need any more confirmation that the web site has issues, either malicious or otherwise.
Trausti, thank you for the very legitimate warning.
Please, do not try this at home. Without proper protection, you might need help reinstalling Windows.
|
|
alert moderator
|
|
|
Guest
|
Re: WARNING: Pano Salado site virus infected.
Posted: 16 May 2010 at 0:48 GMT
updated: 14 Mar 2011 at 16:13 GMT
|
|
Yes, I guess it would be a good way to be malicious.
Here is the proof: tech.groups.yahoo.com/group/PanoToolsNG/message/4...
I took the time back then, to write Patrick a friendly email, recommending him to have this fixed asap. I did not even get a "thank you for letting me know" or anything. The only response from him, was to say that all looked ok. Even after it was pointed out that things were NOT ok, there was no further response from him, no admittance, no warning, no apology (as one would automatically offer to those who had been affected, even if the fault is not one's own).
When the administration of a site that people here may be visiting does not take care of SERIOUS things such as virus infections, then it is only reasonable that others will do their best to prevent others from getting themselves into trouble.
I would expect professionals to handle things professionally. Last week when the same problem was on their site, it was absolutely not handled in a professional way.
12 hours passed from the first report on NGpanotools
panotoolsng.586017.n4.nabble.com/Ongoing-problems...
until I posted here. That should have been time enough for others to make this known in this community. There is seemingly "something" going on over at panosalado, but no warning, no response to reports... nada. I am not interested in people getting infected, even if it is from what most people would consider being my "competition". For what it's worth, I consider them colleagues, and have no problem directing enquiring newbies who want something for free, to their site. But I will not direct anyone to a site I know to be infected and a potential threat to others. Neither will I just keep my fingers taped and tell no one about it.
Too many people never speak out. And then there are those like me, who will speak out, even when it may be less than "welcome" by many.
If the administration of panosalado did take their responsibilities seriously, they would not come out stating that all was ok, before having a confirmation from those who had confirmed the problem. And furthermore, they would come out publicly and be open about the situation, in order to PREVENT anyone to get their computers harmed during this period. That their site has gotten virus, is absolutely not their fault, as far as I know, both of them (Patrick and Zephyr) use Mac's, so the virus would not have come that way... but once the virus is there (no matter HOW it got there), it becomes their responsibility to prevent further damage.
They don't. So I try to prevent anyone to get hurt. And by doing so, I am not trying to cause any damage to panosalado.
I could of course just shut up about it, but that could do more harm than not to unprotected visitors to the site.
If the administration did their job properly, I would not have to say a word.
|
|
|
|
Ken Warner
Posts: 821
Location: Mammoth Lakes, United States
Registered: 14 Aug 2004
|
Re: WARNING: Pano Salado site virus infected.
Posted: 16 May 2010 at 0:51 GMT
updated: 16 May 2010 at 0:53 GMT
|
|
Peter Patricelli said: Just wondering....if someone wanted to hurt or re-direct business away from an on-line site that might be a competitor...wouldn't this be a bang up way of doing so?
Peter Patricelli
I was one of the first to get bit by this problem. If you are skeptical remove all cookies from your browser and try it.
And good luck.
|
|
alert moderator
|
|
DennisS
Posts: 1292
Location: Los Anglels, United States
Registered: 1 Sep 2007
|
Re: WARNING: Pano Salado site virus infected.
Posted: 16 May 2010 at 1:06 GMT
|
|
My old ISP shut down my web site due to a virus on it. This was before I had a strong password on the admin account. I have since switched ISP's (more reliable), disabeled the admin account and have a very strong log in name and password. No more attacks.
Getting my web site back on line was no easy task.
If the admins do not want to admit they have a problem, maybe they are in on it.
I was getting warnings about infected cookies recieved from KenRockwell.com. I identified the problem, contacted Ken, he confirmed it and quickly removed the banner ad that was causing the problem. It was not Ken's fault, but the fault of the banner ad. You gotta either love or hate Ken, but at least he took very quick action when a virus was brought to his attention.
|
|
alert moderator
|
|
|
Guest
|
Re: WARNING: Pano Salado site virus infected.
Posted: 16 May 2010 at 7:52 GMT
updated: 14 Mar 2011 at 16:13 GMT
|
|
Still infected and still available for visitors to visit and infect their machines, and still no warning or word from the admin, except for the site "having a hair cut".
Is this what is called having a "bad hair day" ?
|
|
|
|
Peter Stark
Posts: 389
Location: Glasgow, United Kingdom
Registered: 12 Sep 2007
|
Re: WARNING: Pano Salado site virus infected.
Posted: 16 May 2010 at 8:51 GMT
|
|
A good wake up call for anyone with a web site! Really, you may think "who would want to"? but they do and it would surprise you the amount of scams that can be running without you knowing. Now that I think of it, I am due a check of my own sites. 
|
|
alert moderator
|
|
Sam Rohn
Posts: 267
Location: Brooklyn, New York, United States
Registered: 5 Mar 2008
|
Re: WARNING: Pano Salado site virus infected.
Posted: 16 May 2010 at 10:25 GMT
|
|
there seem to be a few different attacks, zettapetta, holasionweb , corpadsinc, etc on php based sites like wordpress etc the last few weeks, across several different hosts, network solutions, godaddy, etc -wp blamed it on server configuration, and it seems to be infecting most other apps like joomla as well
blog.sucuri.net/2010/04/network-solutions-hacked-...
www.zdnet.com/blog/security/wordpress-blogs-hacke...
wordpress.org/development/2010/04/file-permission...
i run a few wordpress sites myself, no probs so far, but one there is no way to ever be fully secure other than to have a backup of all your files and DB, which basically amounts to backing up a few text files
sam
|
|
alert moderator
|
|
Terry Montague
Posts: 342
Location: Boise Idaho, United States
Registered: 31 Oct 2008
|
Re: WARNING: Pano Salado site virus infected.
Posted: 16 May 2010 at 14:40 GMT
updated: 16 May 2010 at 14:46 GMT
|
|
I had a site (regaltips.com) go down because of an attack, and my ISP recently reset all database passwords due to a serious attack a while back. If you have media temple you know what I am talking about. I believe it is the same one Sam is referring to.
I didn't have my other site backed up but once it happened, but once it did I secured my others. For those of you using Joomla I suggestion something like www.securelive.net/. When you are in the position like I am rebuilding an entire site is simply not possible when you are busy with other projects.
I hope pano salado is not in the same position... It's enough to make a person sick.
|
|
alert moderator
|
|
DennisS
Posts: 1292
Location: Los Anglels, United States
Registered: 1 Sep 2007
|
Re: WARNING: Pano Salado site virus infected.
Posted: 16 May 2010 at 19:17 GMT
|
|
|
I build my web site on my computer first, test it, then upload to my ISP. If anything happens to the on line version, I simply re load the entire site. It has happened once before. My site got attacked and all .html code got deleted. Strong user names and strong passwords help keep simple attacks out.
|
|
alert moderator
|
|
Sam Rohn
Posts: 267
Location: Brooklyn, New York, United States
Registered: 5 Mar 2008
|
Re: WARNING: Pano Salado site virus infected.
Posted: 17 May 2010 at 1:11 GMT
updated: 17 May 2010 at 1:13 GMT
|
|
the important thing with a dynamic php/sql driven site like wordpress or joomla is backing up the database, which is not just a text file that can be dragged and dropped via ftp, but wp and others have a simple backup export/import thing, or one could use phpmyadmin for db backups, and there are ways to do it automatically via cron, etc
terry, sorry about reagaltips, any idea when it might be back up or is the db hosed ?
sam
|
|
alert moderator
|
|
|
Guest
|
Re: WARNING: Pano Salado site virus infected.
Posted: 17 May 2010 at 2:40 GMT
updated: 14 Mar 2011 at 16:13 GMT
|
|
|
Still infected.
|
|
|
|
Sam Rohn
Posts: 267
Location: Brooklyn, New York, United States
Registered: 5 Mar 2008
|
|
|
Guest
|
Re: WARNING: Pano Salado site virus infected.
Posted: 17 May 2010 at 5:27 GMT
updated: 14 Mar 2011 at 16:13 GMT
|
|
Maybe you are infected... or badly protected... or using a Mac and therefore free from the crap?
Here a little screen grab I did just now. To begin with I clean out the cache... and there it is:
flashificator.com/1/Diverse/panosaladoinfected/pa...
The site in the current form is still infectious. The domain should be disabled until it has been cleaned well enough to be put up again without the ability to harm visitors.
I have had the same bad experience with one of my own domains in the past. After my initial attempt to clean the site failed, I simply pulled it offline, and once I had a clean install, I activated it again. That is the only logical thing to do. Having a hair cut with infection is worse than having nothing at all.
|
|
|
|
back to threads list |
this thread is closed
Prev
