Thanks, Murray. I know we appreciate the update and I especially appreciated all the gory technical details. Really interesting.
As always, all the best and thanks again for all you do. [Show/Hide Quoted Message] (Quoting Message by JudasPriest WebMaster from Wednesday, February 25, 2009 6:25:11 AM) | | JudasPriest WebMaster wrote: | | Another update on the attack:
After many hours of investigating this virus attack, I have now proven that the judaspriest.com server was in fact not compromised in any way, and was not infected with any virus.
I have been in discussions with the hosting company network engineers, as I suspected that the problem was being caused by something else within their network. I have just heard back from them now where they confirmed that I was correct, another server within their network was infected and performing a quite sophisticated attack (known as Man-in-the-middle ARP spoofing) which was making it appear that judaspriest.com was infected when it was actually just a victim of this other attacking machine (which was inserting a line of rouge javascript at the top of every web page served up by the judaspriest.com webserver and other webservers on the same vlan within their network).
If that last sentence made no sense to you then dont worry, I just wanted to give a technical explanation in case anyone reading this is technical and wanted to know the gory details!
I am now in discussions with them as to what they are going to do to ensure their network isn't susceptible to this kind of attack again before I move the judaspriest.com website from back from the temporary hosting server to its usual hosting server.
As always, when browsing the internet ensure that you are running good, up to date virus software as these kind of attacks are becoming more prevelant.
Regards,
JudasPriest.com WebMaster |
|