Active forums

Discussions about UT99
User avatar
Metalfist
Masterful
Posts: 633
Joined: Sun Jan 03, 2010 3:54 pm
Personal rank: ^,..,^ rawr

Re: Active forums

Post by Metalfist »

Evilgrins why do you share that link if you get a malware warning from it?! It is obviously infected!
Anyway google is your friend: http://www.avgthreatlabs.com/virus-and- ... ploit-kit/ and u can check the wiki.
Image
User avatar
EvilGrins
Godlike
Posts: 10158
Joined: Thu Jun 30, 2011 8:12 pm
Personal rank: God of Fudge
Location: Palo Alto, CA

Re: Active forums

Post by EvilGrins »

Metalfist wrote:Evilgrins why do you share that link if you get a malware warning from it?! It is obviously infected!
Of the lot of UT forums there are out there, ut99.org seems to be the hub, the center-point, for most of them... and seeing as the 1st post of this thread has had that Unreal-Mayhem link since back when, I think anyone else that might go there should get a heads up the place is now, for the first time ever, a risk.

Not everybody has got 2 viral-checkers looking their system over 24 hours a day, like me.
User avatar
Metalfist
Masterful
Posts: 633
Joined: Sun Jan 03, 2010 3:54 pm
Personal rank: ^,..,^ rawr

Re: Active forums

Post by Metalfist »

I appreciate you warning us about it, but you should not make it a link, just say the unreal mayhems website or just break the link with spaces.
Image
User avatar
EvilGrins
Godlike
Posts: 10158
Joined: Thu Jun 30, 2011 8:12 pm
Personal rank: God of Fudge
Location: Palo Alto, CA

Re: Active forums

Post by EvilGrins »

Wait... are you saying that just posting the link, without anyone clicking on it, is a threat?

News to me!
User avatar
Metalfist
Masterful
Posts: 633
Joined: Sun Jan 03, 2010 3:54 pm
Personal rank: ^,..,^ rawr

Re: Active forums

Post by Metalfist »

Anyone could click on it out of curiousity. Better break it so if they want to see it so bad they have to do effort. Dont make it easy for pll to get infected (by accident).
Image
User avatar
VatcilliZeitchef
Adept
Posts: 317
Joined: Tue May 01, 2012 12:29 pm
Personal rank: It's a trap!

Re: Active forums

Post by VatcilliZeitchef »

Metalfist wrote:Anyone could click on it out of curiousity. Better break it so if they want to see it so bad they have to do effort. Dont make it easy for pll to get infected (by accident).
+1

Don't forget to add "Possibly infected" to the link in the first post.
Image Kayako's useful Unreal editor Icon Database Image
User avatar
EvilGrins
Godlike
Posts: 10158
Joined: Thu Jun 30, 2011 8:12 pm
Personal rank: God of Fudge
Location: Palo Alto, CA

Re: Active forums

Post by EvilGrins »

VatcilliZeitchef wrote:Don't forget to add "Possibly infected" to the link in the first post.
Good idea... at least until it clears up.
User avatar
papercoffee
Godlike
Posts: 10507
Joined: Wed Jul 15, 2009 11:36 am
Personal rank: coffee addicted !!!
Location: Cologne, the city with the big cathedral.

Re: Active forums

Post by papercoffee »

EvilGrins wrote:
VatcilliZeitchef wrote:Don't forget to add "Possibly infected" to the link in the first post.
Good idea... at least until it clears up.
Well done ...but I did also break the link in the first post for now.
If this page is no threat anymore later, can you reedit the first page.
User avatar
EvilGrins
Godlike
Posts: 10158
Joined: Thu Jun 30, 2011 8:12 pm
Personal rank: God of Fudge
Location: Palo Alto, CA

Re: Active forums

Post by EvilGrins »

papercoffee wrote:If this page is no threat anymore later, can you reedit the first page.
Yeah, no prob. Not the first issue that forum's had...

...though the last one wasn't a big deal. During December they set it up so snow was falling across the screen, over all threads. It seriously lagged down the bandwidth something fierce.
$carface
Skilled
Posts: 212
Joined: Sat Jul 23, 2011 10:58 pm

Re: Active forums

Post by $carface »

Metalfist wrote:Evilgrins why do you share that link if you get a malware warning from it?! It is obviously infected!
Anyway google is your friend: http://www.avgthreatlabs.com/virus-and- ... ploit-kit/ and u can check the wiki.
Forget evilgrins post. Why do you keep flooding ut with fake player servers? You think you're doing some favour to ut, you aren't. You're giving the impatiens who only visit one or two 'populated server ' (which apparently are yours) and those people either leave or uninstall because they assume all servers are fake.

Stop flooding ut with your fake shit. I'm going to keep on harassing your servers and reporting to gametracker like I have been.
User avatar
papercoffee
Godlike
Posts: 10507
Joined: Wed Jul 15, 2009 11:36 am
Personal rank: coffee addicted !!!
Location: Cologne, the city with the big cathedral.

Re: Active forums

Post by papercoffee »

$carface wrote:
Metalfist wrote:Evilgrins why do you share that link if you get a malware warning from it?! It is obviously infected!
Anyway google is your friend: http://www.avgthreatlabs.com/virus-and- ... ploit-kit/ and u can check the wiki.
Forget evilgrins post. Why do you keep flooding ut with fake player servers? You think you're doing some favour to ut, you aren't. You're giving the impatiens who only visit one or two 'populated server ' (which apparently are yours) and those people either leave or uninstall because they assume all servers are fake.

Stop flooding ut with your fake shit. I'm going to keep on harassing your servers and reporting to gametracker like I have been.
:shock: what ...who?
User avatar
Metalfist
Masterful
Posts: 633
Joined: Sun Jan 03, 2010 3:54 pm
Personal rank: ^,..,^ rawr

Re: Active forums

Post by Metalfist »

I am helping the ut community the best I can. Please don't attack the person, formulate a polite argument on what might be the problem instead of rushing in and screaming death and murder.
I haven't received any complaints either untill now.
flooding ut with fake player servers
1. I don't "own" a server, I maintain them for the slv community. I didn't buy them, someone else did.
2. We only have 1 server with a fake player count, not multiple. This is the NY server and the fake players are indicated with a * before the name so you can see that they are fake. Also those are normally set to 4, so it's not on the toplist. The NY server is one of the oldest servers and when I got admin for it, it already had a fake player count. If you want to see if there are players, you could also look here: http://slv.clanservers.com/universalunreal/

Idk if the slv community supports the fake player count, but I think it doesn't matter anymore for the amount of players that enter. So I will try and see if I can remove it.
Image
User avatar
EvilGrins
Godlike
Posts: 10158
Joined: Thu Jun 30, 2011 8:12 pm
Personal rank: God of Fudge
Location: Palo Alto, CA

Re: Active forums

Post by EvilGrins »

$carface wrote:Forget evilgrins post.
Not possible.
Image Image Image
My post was pretty.
Metalfist wrote:Anyway google is your friend: http://www.avgthreatlabs.com/virus-and- ... ploit-kit/ and u can check the wiki.
Good to know, thanks!
User avatar
EvilGrins
Godlike
Posts: 10158
Joined: Thu Jun 30, 2011 8:12 pm
Personal rank: God of Fudge
Location: Palo Alto, CA

Re: Active forums

Post by EvilGrins »

Just an indirect heads-up:
While the Unreal-Mayhem forum is still down, according to Dr. Flay their files section is still up and completely safe.

So, until that forum is accessible again, here · http://unreal-mayhem.com/files/
User avatar
Dr.Flay
Godlike
Posts: 3348
Joined: Thu Aug 04, 2011 9:26 pm
Personal rank: Chaos Evangelist
Location: Kernow, UK

Re: Active forums

Post by Dr.Flay »

According to Yandex Unreal-Mayhem contains the Troj/Iframe-JH
http://yandex.com/infected?l10n=en&url= ... mayhem.com
Troj/Iframe-JH and variants
http://www.sophos.com/threat-center/thr ... me-JH.aspx

Unless any fake downloads have been added to the folders, browsing via the basic directory structure will avoid anything being injected into the html.

BTW. webby-types, this is what can happen when you use iFrames.
iFrames are very useful but you need to be more aware of the potential for hijacking.

And Grins, please if you want to quote me, change that to "is much safer".
There is no such thing as completely safe, unless you do not connect to anything.

My security principal is based upon the fact that malware does not want to be seen. I never assume that because my AV has not rang an alarm there is no threat.
Spoiler
A new piece of malware just got written, and another is about to be created.
Consider that I actively hunt this stuff, so in theory am more likely to get infected than normal users.
However due to my security practices, I have only been actively "infected" about 2 or 3 times, in the last 10 years or more.
I use Opera in a secure manner that the people in the Firefox forum only dream about (maybe the penny will drop soon and they will add the same options).
I have never trusted the default settings in any browser or Java (bag-of-shite). Users MUST learn to check the setup of these before ever using them in the wild.

I look for new malware as much as possible, as the quicker it gets reported, the quicker AV packages can be updated.
When I find a new threat depending on how it works, possibly no AV package will spot it.
Depending on the AV program, it may spot or block the activity it does but It can often be waiting for you to reboot before it infects.

I do not compare my browsing security or knowledge to others, and would categorically never, ever say "completely safe".
To be honest, one of the biggest helps you can get is by replacing taskmanager with Process Explorer, from day-1 of your installation.
Part of being secure is knowing when "one of these does not belong", and knowing what all of those mysterious background tasks are for.
In those 2 or 3 times I have been infected, I have been able to kill it without using AV software, only because I know what I am looking at, and spotted them as they launched.
I like the challenge of getting personal with it, and ripping it out by hand. Much more satisfying, but far more risky as the longer it lives the more infested it can get.