Full Version: ongoing attack to all openx installations
PAR
Openx ad server.
There is an ongoing attack on all OpenX installations on the web; it started approx. 1 week ago.

This is a large scale attack, bigger sites like NY Times, and many many blog sites are affected as well.

This hack is a direct hack of the OpenX code; it's not caused by the hosting server or another program being hacked. The hacker(s) might have root access, but this is unknown and unconfirmed at this time.

Happy fucking Monday
dready
Lovely. I see they don't have a patch yet either. Last update = Jan 27.
PAR
that is correct
at this point I'm running packet logs and playing with a fix of my own
A.J. Angel
Are they aware of the ongoing attacks? What are the consequences of the hacks?

I'll have to do some checking.
PAR
they place some outgoing malware on your site.
Google flags the site .. you lose rankings and traffic due to the warnings to users..

OpenX has been told.. they have yet to make a fix *this is about day 5 since the hack started*
A.J. Angel
Ok, thank you Par for the heads up!
Famous
trade scripts hacked
gallery submitters hacked
now banner rotators lol, what's next, Apache
Rongo
Just a note... one of the things we noticed a while back was that the hackers were exploiting the writable OpenX images/banners folder to insert a php script. As an added layer of protection, whatever version you use, it's not a bad idea to drop an htaccess file into your OpenX banners folder with this in it:

CODE
php_flag engine off


This will not allow php scripts to execute from that folder, so even if it does get pulled into a banner rotation, it will not execute.

Check your OpenX banners folder for a php file. If you find one, OpenX never put it there
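
The two checks from the post above (a PHP file sitting in the banners folder, and the `php_flag engine off` guard), as an added shell example that is not part of the original post or of OpenX. The function names, return codes and the sample tree are assumptions constructed for illustration; pass your own banners path as the first argument.

```shell
#!/bin/sh
# Audit a web-writable banners folder. Pass the real path as $1; with no
# argument the script audits a constructed sample tree.

# Files whose extension a PHP handler commonly executes.
find_php_by_name() {
    find "$1" -type f \( -iname '*.php' -o -iname '*.php[0-9]' \
        -o -iname '*.phtml' -o -iname '*.phar' \) | sort
}

# Files of any extension containing a PHP open tag (script posing as an image).
find_php_by_content() {
    find "$1" -type f ! -name '.htaccess' -exec grep -laF -e '<?php' {} + | sort
}

# True only if DIR/.htaccess has an uncommented "php_flag engine off".
has_engine_off() {
    [ -f "$1/.htaccess" ] && grep -Eiq \
        '^[[:space:]]*php_flag[[:space:]]+engine[[:space:]]+(off|0)[[:space:]]*$' \
        "$1/.htaccess"
}

# Returns 0 = clean, 1 = .htaccess guard missing, 2 = PHP present.
audit_banners() {
    dir=$1; result=0
    if ! has_engine_off "$dir"; then
        echo "WARN: no 'php_flag engine off' in $dir/.htaccess"; result=1
    fi
    hits=$( { find_php_by_name "$dir"; find_php_by_content "$dir"; } | sort -u )
    if [ -n "$hits" ]; then
        echo "ALERT: PHP in banners folder:"; echo "$hits"; result=2
    fi
    return "$result"
}

# Constructed sample: one plain banner, one .php file, one disguised .gif.
make_sample_tree() {
    d=$(mktemp -d)
    printf 'GIF89a-constructed-banner' > "$d/banner1.gif"
    printf '<?php /* constructed placeholder */ ?>' > "$d/x.php"
    printf 'GIF89a<?php /* constructed placeholder */ ?>' > "$d/banner2.gif"
    echo "$d"
}

audit_banners "${1:-$(make_sample_tree)}" || echo "audit status: $?"
```

`php_flag` is a mod_php directive, so the .htaccess line only takes effect where PHP runs as an Apache module and the folder's AllowOverride setting permits it.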
Famous
QUOTE(Rongo @ Mar 30 2010, 03:56 PM)
Just a note... one of the things we noticed a while back was that the hackers were exploiting the writable OpenX images/banners folder to insert a php script. As an added layer of protection, whatever version you use, it's not a bad idea to drop an htaccess file into your OpenX banners folder with this in it:

CODE
php_flag engine off


This will not allow php scripts to execute from that folder, so even if it does get pulled into a banner rotation, it will not execute.

Check your OpenX banners folder for a php file. If you find one, OpenX never put it there


ty