subject:"Re\: \[CODE4LIB\] Marcive.com hosts are compromised"

Re: [CODE4LIB] Marcive.com hosts are compromised

2013-08-30 Thread Ford, Kevin

http://marcive.com goes to the right place for me.  It is the one you mentioned 
in the subject line of your email.

http://marchive.com (note the "h") goes to a domain squatter.  It is the one 
you mentioned in the body of your email.

Which one is causing you the issue?

Cordially,
Kevin


> -Original Message-
> From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of
> Sam Kome
> Sent: Friday, August 30, 2013 2:07 PM
> To: CODE4LIB@LISTSERV.ND.EDU
> Subject: [CODE4LIB] Marcive.com hosts are compromised
> 
> Based on the pharmaceutical ads in their page sources and the fact that
> our Cisco Iron Port has blacklisted them, I have to regretfully report
> that marchive.com has been compromised.  Does anyone know the relevant
> contact(s) there to notify?
> 
> Sam Kome | Assistant Director, R&D |The Claremont Colleges Library
> Claremont University Consortium |800 N. Dartmouth Ave |Claremont, CA
> 91711
> Phone (909) 621-8866 |Fax (909) 621-8517
> |sam_k...@cuc.claremont.edu

Re: [CODE4LIB] Marcive.com hosts are compromised

2013-08-30 Thread Ford, Kevin

Righty.  I had to view the source, but I saw the injected text.

I gave the one contact I know at marcive a call.  She saw it too.

Yours,
Kevin


> -Original Message-
> From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of
> Sam Kome
> Sent: Friday, August 30, 2013 3:24 PM
> To: CODE4LIB@LISTSERV.ND.EDU
> Subject: Re: [CODE4LIB] Marcive.com hosts are compromised
> 
> Sorry about that - I mistype 'Marcive' all the time. Despite that, it
> is the site I meant, sans 'h'.
> 
> It will resolve correctly but I wouldn't advise visiting - take
> precautions.
> Google search results also suggest it is compromised and the page
> sources contain pharma metadata.
> I emailed and then called the technical contact number.  Got a response
> on the phone, sounded like they were unaware but would look into it.
> 
> Our Collections folks report not receiving expected reports this month
> so the problem may be fairly old.
> 
> SK
> -Original Message-
> From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of
> Ford, Kevin
> Sent: Friday, August 30, 2013 12:04 PM
> To: CODE4LIB@LISTSERV.ND.EDU
> Subject: Re: [CODE4LIB] Marcive.com hosts are compromised
> 
> http://marcive.com goes to the right place for me.  It is the one you
> mentioned in the subject line of your email.
> 
> http://marchive.com (note the "h") goes to a domain squatter.  It is
> the one you mentioned in the body of your email.
> 
> Which one is causing you the issue?
> 
> Cordially,
> Kevin
> 
> 
> > -Original Message-
> > From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf
> > Of Sam Kome
> > Sent: Friday, August 30, 2013 2:07 PM
> > To: CODE4LIB@LISTSERV.ND.EDU
> > Subject: [CODE4LIB] Marcive.com hosts are compromised
> >
> > Based on the pharmaceutical ads in their page sources and the fact
> > that our Cisco Iron Port has blacklisted them, I have to regretfully
> > report that marchive.com has been compromised.  Does anyone know the
> > relevant
> > contact(s) there to notify?
> >
> > Sam Kome | Assistant Director, R&D |The Claremont Colleges Library
> > Claremont University Consortium |800 N. Dartmouth Ave |Claremont, CA
> > 91711
> > Phone (909) 621-8866 |Fax (909) 621-8517
> > |sam_k...@cuc.claremont.edu<mailto:%7csam_k...@cuc.claremont.edu>

Re: [CODE4LIB] Marcive.com hosts are compromised

2013-08-30 Thread Sam Kome

Sorry about that - I mistype 'Marcive' all the time. Despite that, it is the 
site I meant, sans 'h'.

It will resolve correctly but I wouldn't advise visiting - take precautions. 
Google search results also suggest it is compromised and the page sources 
contain pharma metadata.  
I emailed and then called the technical contact number.  Got a response on the 
phone, sounded like they were unaware but would look into it.

Our Collections folks report not receiving expected reports this month so the 
problem may be fairly old.

SK
-Original Message-
From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Ford, 
Kevin
Sent: Friday, August 30, 2013 12:04 PM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Marcive.com hosts are compromised

http://marcive.com goes to the right place for me.  It is the one you mentioned 
in the subject line of your email.

http://marchive.com (note the "h") goes to a domain squatter.  It is the one 
you mentioned in the body of your email.

Which one is causing you the issue?

Cordially,
Kevin


> -Original Message-
> From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf 
> Of Sam Kome
> Sent: Friday, August 30, 2013 2:07 PM
> To: CODE4LIB@LISTSERV.ND.EDU
> Subject: [CODE4LIB] Marcive.com hosts are compromised
> 
> Based on the pharmaceutical ads in their page sources and the fact 
> that our Cisco Iron Port has blacklisted them, I have to regretfully 
> report that marchive.com has been compromised.  Does anyone know the 
> relevant
> contact(s) there to notify?
> 
> Sam Kome | Assistant Director, R&D |The Claremont Colleges Library 
> Claremont University Consortium |800 N. Dartmouth Ave |Claremont, CA
> 91711
> Phone (909) 621-8866 |Fax (909) 621-8517
> |sam_k...@cuc.claremont.edu<mailto:%7csam_k...@cuc.claremont.edu>

Re: [CODE4LIB] Marcive.com hosts are compromised

Re: [CODE4LIB] Marcive.com hosts are compromised

Re: [CODE4LIB] Marcive.com hosts are compromised

3 matches

Site Navigation

Mail list logo

Footer information