汉典网站含有攻击代码的报告
用firefox3.0上汉典。就在刚才,报告说含有攻击代码。下面是详细报告。希望站务尽快解决。
Safe Browsing
Diagnostic page for [url]www.zdic.net/zd/[/url]
------------------------------------------------------------------------------------------------------------
What is the current listing status for [url]www.zdic.net/zd/?[/url]
Site is listed as suspicious - visiting this web site may harm your computer.
What happened when Google visited this site?
Of the 115 pages we tested on the site over the past 90 days, 5 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 08/09/2008, and the last time suspicious content was found on this site was on 08/09/2008.
Malicious software includes 4 trojan(s), 3 exploit(s). Successful infection resulted in an average of 14 new processes on the target machine.
Malicious software is hosted on 2 domain(s), including tu-sg.info, qqsafe-qqservicesyydswfhuw8ysjftwf.org.
Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, [url]www.zdic.net/zd/[/url] did not appear to function as an intermediary for the infection of any sites.
Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.
How did this happen?
In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.
Next steps:
* Return to the previous page.
* If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center. 我也发现问题了哦,有的帖根本就打不开,怎么打都不行:L 经过我检查发现:
1.汉典网站网页未被修改或嵌入恶意代码
2.服务器中没有发现ARP欺骗的记录
3.论坛也没有发现恶意代码
唯一的线索是星期天8月10日中午11点半的时候,有位网友报告汉典首页有恶意代码,杀毒软件报警,病毒出现的时间很短,我估计过了1个小时左右网页被嵌入的恶意代码就消失了。我个人怀疑是汉典所在机房有比较厉害的ARP攻击,但是这种ARP攻击目前不能被ARP防火墙软件检测。
至于FIREFOX警告的情况,则是刚好GOOGLE索引汉典网页时,发现有恶意代码,所以将汉典网址加入恶意网站名单。FIREFOX根据名单进行报警,并不是你现在访问的汉典网页有病毒。至于报警何时结束,这要看GOOGLE下次索引汉典时,有没有发现恶意代码。
现在黑客很狡猾,对网站攻击通常选择访问人数多的时间段,并且散播病毒的时间短,不易被管理员发现,作为网站管理员,很无奈,也无从下手,因为黑客所掌握的技术手段让我无力制止,也很痛心,看到黑客将汉典网站作为散播病毒的媒介。
奇怪
警告- 访问该网站可能会损害您的计算机!我是通过"在线汉典"才进来的 firefox的报警页已经消失。 现在总算能上来了 ARP攻击真是讨厌……
页:
[1]