Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
fkelly
Former Moderator in Good Standing


Joined: Aug 30, 2005
Posts: 3312
Location: near Albany NY

PostPosted: Wed Dec 10, 2008 9:02 am Reply with quote

Running RN 2.3 on a Vista 64 box with Norton Antivirus 16.1.03 (the 64 bit version) and Firefox 3.0.4 I am getting a intrusion detection notice on /includes/fckeditor/editor/js/fckeditor_gecko.js. Norton says it matches a known virus pattern.

While this may be a false positive I think it may also cause problems because the js can't be executed properly. The risk name is HTTP Acrobat PDF Suspicious File Download.
 
View user's profile Send private message Visit poster's website
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6792
Location: Ha Noi, Viet Nam

PostPosted: Wed Dec 10, 2008 9:20 am Reply with quote

I think the only way around that is to send Norton a copy of the file and ask them to fix their false positive.
 
View user's profile Send private message Send e-mail
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Wed Dec 10, 2008 12:36 pm Reply with quote

There are many free alternatives to Norton...

...but, just to confirm, are you using Only registered users can see links on this board! Get registered or login! in your url? I saw some stuff on the FCKeditor.net forums about that.

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
fkelly
PostPosted: Wed Dec 10, 2008 1:42 pm Reply with quote

Actually there is a way to exclude the particular signature I listed earlier from being blocked through the AntiVirus settings. I just did that.

As to alternatives, I was using whatever it was that RoadRunner provides for free but that is not supported on a 64bit operating system that I have on my laptop. (CA security center). Norton has been pretty solid for me.

The attacker url is listed as webmhcc.org without the Only registered users can see links on this board! Get registered or login! The attacking computer is listed as mantis.ravennuke.com (but I think it is just picking that name up from the IP address. I have also had fkelly.org listed as the attacker url. These are two "sites" on Raven's servers.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©