Author Topic: Network shield information  (Read 2348 times)

0 Members and 1 Guest are viewing this topic.

Zorfox

  • Guest
Network shield information
« on: June 07, 2013, 07:50:33 PM »
I frequent a large vBulletin based forum. They are having problems with google ads redirecting users to malware sites. It has been two months and they have not been able to prevent this. They are asking for as much information as users can give them when it occurs to fix the problem. The only thing I can see is the URL that was blocked. The IE browser has the blocked URL and a diagnose connection button. It there anymore information Avast free edition provides that may be useful to the owners of this board? If so where can I find it. Thanks in advance

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37505
  • Not a avast user
Re: Network shield information
« Reply #1 on: June 07, 2013, 08:17:59 PM »
Quote
I frequent a large vBulletin based forum.
what is the URL?

Zorfox

  • Guest
Re: Network shield information
« Reply #2 on: June 07, 2013, 08:38:00 PM »
http://www.plantedtank.net/forums/

It is a random occurence that can't be reproduced each time which is why they have had problems. It is related to the google doubleclick ads. They turned it off while users are logged in and it won't happen. So it is surely related to this.

Thanks for the relpy

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37505
  • Not a avast user
Re: Network shield information
« Reply #3 on: June 07, 2013, 08:56:11 PM »
have notified somone that may be able to give some info.... check back later


Zorfox

  • Guest
Re: Network shield information
« Reply #4 on: June 07, 2013, 08:59:49 PM »
Thank you VERY much!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Network shield information
« Reply #5 on: June 07, 2013, 10:35:02 PM »
Might be an issue with static.verticalscope.com/h.js being unresponsive.
Do users with adblocking installed also experience these unresponsive sctipt delays of up to 5 minutes?
URLs that redirect found in: htxp://www.plantedtank.net/forums/

1: htxp://b.scorecardresearch.com/p?c1=2&c2=6036030&c4=plantedtank.net&cv=2.0&cj=1 -> htxp://b.scorecardresearch.com/p2?c1=2&c2=6036030&c4=plantedtank.net&cv=2.0&cj=1
2: htxp://ads.verticalscope.com/www/delivery/avw.php?zoneid=671&cb=INSERT_RANDOM_NUMBER_HERE&n=af4efb13 -> htxp://ads.verticalscope.com/www/images/cf68769ed421340b10e0033fe6a4b636.jpg

Attacks could be performed via open ftp vsftpd 2.0.8 or earlier ... older versions of SNMP are vulnerable to attack since they use the strings public and private for logins,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Zorfox

  • Guest
Re: Network shield information
« Reply #6 on: June 07, 2013, 11:24:59 PM »
Ad blocking and tracking protection prevent this issue. As far as I know they only disabled google double click ads for logged in users (no problems while logged in). Verticalscope ads still run without this redirection occuring. I personally have not seen unresponsive script delays. The only thing I experiance is a near immediate redirect and block from Avast. The administration seems to be at their wits end and asking users for any information since they can't reproduce the problem. The thread discussing it is http://www.plantedtank.net/forums/showthread.php?t=299514 although one must be logged in to view it even though the site is free. Just trying to provide as much information as I can to help.