Forum upgrade

[Admin]

Today, 1-23-2014, mid-morning, the forum was upgraded.  Please report if you see any problems.  We don't often do updates, as they sometimes cause more problems than they fix.  "If it ain't fixed, don't broke it".  In this case, it's been about two years and there were several bug and security patches waiting... with the recent comments about forum oddities, it was time.  

[Anticept]

I just got hit by another URL4SHORT link on my ipad, i suspect it was infested with malware (one of those "legit" looking sites but it's not quite right).

[CT4ME]

I've seen some of those, too... Although they seem to come up when I click a search result that goes to ctflier. Some sort of search engine poisoning.

[Anticept]

I've seen some of those, too... Although they seem to come up when I click a search result that goes to ctflier. Some sort of search engine poisoning.

 

It's a type of malware that probably broke through a security hole in this forum and embedded itself in some scripts or the database, since the forum wasn't kept up to date. With all due respect to the admins, it's good practice to apply security patches the moment they come out, because spammers will review security patches, create crawler scripts, and turn them loose hunting for out of date forums to try and crack. As a suggestion, any versioning information should be turned off to the public (right now this board reports version 3.4.6).

 

 

As posted in another thread:

 

 

I'm occasionally getting redirected to various http://url4short.info pages when opening ctflier.com webpages from search engines. Having previously worked in the IT field, this immediately threw up red flags, so I tested with several devices and went into security lockdown on my systems. I have not been able to locate anything on any of my devices (but are exhibiting the same symptoms). I then went searching for vulnerabilities that may have existed recently in IP.Board that may have led to either a code or sql injection.

 

This came up: http://peter.upfold....url4short-mess/

 

This also might be the source of why ctflier.com was flagged as suspicious.

 

[Anticept]

The forum is still periodically redirecting people from web searches to malicious websites.

[Admin]

Once in a while, but rarely, I will see Google search hits get redirected.  I've reported it to the host, again.  There may be some old posts, that contain the injected code.  It would be nice if we could re-create the problem.  I can never do it.

[Ed Cesnalis]

Using Google Chrome, if you type ctflier, and then click CT Flier Forum, it will happen almost every time.

 

I just tried that and got the redirect and an .exe file downloaded without requesting it.

[Anticept]

Once in a while, but rarely, I will see Google search hits get redirected.  I've reported it to the host, again.  There may be some old posts, that contain the injected code.  It would be nice if we could re-create the problem.  I can never do it.

 

The type of problem is addressed here: http://peter.upfold.org.uk/blog/2013/01/15/cleaning-up-the-ip-board-url4short-mess/

 

It's not easily replicated because it's a type of malware that doesn't want to be found. By making it happen randomly, it makes it much harder to replicate the process and hunt down.

 

Use a browser on a computer that you don't log in on your admin account with on a system with a different IP, search for "ctflier.com" on google, and click a topic link. You might have to do it for a few tries, but it should occur.

[Admin]

They ran a cleansing routine and said no signs of a hack exist (any more).  We'll see.  Apparently, the only way it can get in is through a compromised admin password.... so those are being changed.

[Anticept]

Just type 'ctflier' into the address box, it will bring up the site readily, under Firefox.

 

 

It's still bad practice to let malware go.

[Anticept]

We don't have a website forum, so I am posting this here.

It looks like we just got hit by a database rollback. My guess is the problems that have been seen in the last 24 hours has resulted in the need of restoring a backup that is 2 days old. I lost my nice post about air density

 

EDIT: Admin, when you edit my posts like below, it's always polite to say "Edit by admin"

 

There is an area under "Forum news and info" titled "current known issues"...

 

Yes, because of a hardware failure and replacement, some posts from the 28th were lost.  Feel free to post them again.

[WmInce]

Darn!

I knew I should have made a copy of that.

That was an excellent post.

[Doug G.]

Reposting is not easy. You can't command wit and most of the time I only manage about half.

[Admin]

The forum was upgraded today... minor update with some security and aesthetic fixes.  I saw no changes with postings or loss of any data...

[Anticept]

The forum was upgraded today... minor update with some security and aesthetic fixes.  I saw no changes with postings or loss of any data...

 

Just be sure to do a database backup before you do upgrades, and if something doesn't look right, you can revert

[Anticept]

I'm sure they know that and do that.

 

We've all got each other's backs here! Might be a little bit of a "look over your shoulder" kind of way, but it's all in good intention

[FastEddieB]

I'm sure they know that and do that.

You'd think so.

 

But I'm on another forum that just managed to lose a couple years of posts somehow.

 

It happens.

[Admin]

The old ctflYer forum lost info, twice.  It sucked, as a lot of good stuff was lost forever.  Our hosts backup our data once a day, and there is a manual procedure available.  They won't even do an upgrade unless the requester indicates in a written message that a backup is in place.  

[Runtoeat]

Is there any recommendations for a good free AV program for Android tablets?  Comodo?

[CT4ME]

AVG, Avira, McAfee, Norton, Bit Defender, and Kaspersky all have great ratings and free versions.