1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Verisign, Ultimate Browser Hijack

Discussion in 'General Internet' started by markp62, 2003/09/27.

Thread Status:
Not open for further replies.
  1. 2003/09/27
    markp62

    markp62 Geek Member Alumni Thread Starter

    Joined:
    2002/05/01
    Messages:
    4,012
    Likes Received:
    16
    I thought some of the folks here would like a heads up on this.

    http://www.wilderssecurity.com/index.php?board=21;action=display;threadid=13995
    http://www.spywareinfo.com/newsletter/archives/0903/24.php
    It is the third item down.
    http://slashdot.org/article.pl?sid=03/09/16/0034210&mode=thread&tid=126&tid=95&tid=98&tid=99

    If you have hosts on your system add:
    127.0.0.1 sitefinder.Verisign.com #Block Verisign SiteFinder
    127.0.0.1 sitefinder-idn.Verisign.com #Block Verisign SiteFinder
    to protect against it.

    OR

    Block these IP's with your firewall, or add them to the Restricted Sites Zone if IE.
    12.158.80.10
    64.94.110.11
     
    markp62,
    #1
  2. 2003/09/27
    Newt

    Newt Inactive

    Joined:
    2002/01/07
    Messages:
    10,974
    Likes Received:
    2
    Thanks for posting that. Good info. Sounds like VeriSign is way out of control. Hope they suffer big time for it.

    Those entries are now firmly emplanted in my hosts file.
     
    Newt,
    #2


  3. to hide this advert.

  4. 2003/09/30
    brett

    brett Inactive Alumni

    Joined:
    2002/01/11
    Messages:
    2,058
    Likes Received:
    0
    Might not work for much longer tho' - see this.

    The cads!
     
    brett,
    #3
  5. 2003/09/30
    markp62

    markp62 Geek Member Alumni Thread Starter

    Joined:
    2002/05/01
    Messages:
    4,012
    Likes Received:
    16
    Brett,
    From your link, it appears Verisign thought they were throwing a pebble in a pond and expecting only to see only ripples.
     
    markp62,
    #4
  6. 2003/09/30
    Welshjim

    Welshjim Inactive

    Joined:
    2002/01/07
    Messages:
    5,643
    Likes Received:
    0
    brett--Used your link to ntcanuck and on the way to accessing the site, I got a very brief Download window. I have no idea what I downloaded. Modified files for that moment were Win386.swp, User.dat (both in C:\Windows) and Index(3).php (in TIF). I gather the first two are frequently updated, and I ran AdAware on the Hard Drive and Norton AV on the specific files, but I do not like unwanted Downloads. I guess I will have to see if anything untoward occurs in the next few days.
     
    Welshjim,
    #5
  7. 2003/10/01
    brett

    brett Inactive Alumni

    Joined:
    2002/01/11
    Messages:
    2,058
    Likes Received:
    0
    That's strange, Jum, but I saw no such behaviour - the link simply leads to a message board post. To put your mind at rest, the board belongs to NTCanuck and ObiWan - developers of the BIND-PE DNS server and regular contributors to the GRC discussion groups - and I’d be extremely surprised if their site contained anything nefarious!
     
    brett,
    #6
  8. 2003/10/01
    Welshjim

    Welshjim Inactive

    Joined:
    2002/01/07
    Messages:
    5,643
    Likes Received:
    0
    Last edited: 2003/10/01
    Welshjim,
    #7
  9. 2003/10/02
    brett

    brett Inactive Alumni

    Joined:
    2002/01/11
    Messages:
    2,058
    Likes Received:
    0
    Last edited: 2003/10/02
    brett,
    #8
  10. 2003/10/02
    Welshjim

    Welshjim Inactive

    Joined:
    2002/01/07
    Messages:
    5,643
    Likes Received:
    0
    Thanks, brute. ;)
     
    Welshjim,
    #9
Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...