Thanks. I'll test it out and let you know how it goes. :)
On Thu, Sep 17, 2009 at 10:35 PM, Barney Boisvert wrote:
>
> 100% untested, but you get the idea:
>
> s = "The project is done.";
> strings = [
> "and dinna spare the whip",
> "and I sure am handsome",
> ...
> ]
> start = 0;
> while (t
100% untested, but you get the idea:
s = "The project is done.";
strings = [
"and dinna spare the whip",
"and I sure am handsome",
...
]
start = 0;
while (true) {
// any . ? ! preceded by a letter and followed by a space
start = REFind("[a-zA-Z][.?!]( |$)", s, start);
if (start == 0)
Hey people. I'm working on a filter to put in some random text into my
pages. For example...
The project is done.
Becomes
The project is done, and dinna spare the whip!
(I think some of you know why I am doing this). :)
Anyway, I don't want to have it appear after EVERY period or ! or ?..
I'd
> Could they have been opened by a virus?
Well, I don't think it would be a virus in the traditional sense, no.
But if you have access to the filesystem with SYSTEM or admin rights,
you can do anything you want really.
> I've checked the whole system and if there was any Hentai on it, I'd know.
oops, should have been off-list. Sorry!
On Thu, Sep 17, 2009 at 17:55, Dave Watts wrote:
>>> Fast question. On win2k is there an easy way of closing/blocking these
>>> or does it have to be further up the chain.
>>
>> Yes. You can do this with an IP security policy. However, I would also
>> reco
Could they have been opened by a virus?
I've checked the whole system and if there was any Hentai on it, I'd know.
> Frankly, I'm surprised you haven't had other problems, with SMB/CIFS
> exposed to the public. You may want to make sure you're not hosting
> any tentacle porn, etc. It wouldn't hav
>> Fast question. On win2k is there an easy way of closing/blocking these
>> or does it have to be further up the chain.
>
> Yes. You can do this with an IP security policy. However, I would also
> recommend that you block all unwanted traffic at the gateway, of
> course.
If you like, I can proba
> Fast question. On win2k is there an easy way of closing/blocking these
> or does it have to be further up the chain.
Yes. You can do this with an IP security policy. However, I would also
recommend that you block all unwanted traffic at the gateway, of
course.
Dave Watts, CTO, Fig Leaf Softwar
IPSec... that could get a little complicated.
A firewall should be able to block this, as well as adding ACLs to the
router.
-Original Message-
From: Michael Dinowitz [mailto:mdino...@houseoffusion.com]
Sent: Thursday, September 17, 2009 1:42 PM
To: cf-talk
Subject: Re: malware patterns
Good to know, Josh! Thanks!
-Original Message-
From: Josh Nathanson [mailto:p...@oakcitygraphics.com]
Sent: Thursday, September 17, 2009 5:03 PM
To: cf-talk
Subject: RE: How to prevent IE from caching content added via ajax?
Oh...if you are using the load function, then you can just d
Thanks, Tony!
-Original Message-
From: Tony Bentley [mailto:t...@tonybentley.com]
Sent: Thursday, September 17, 2009 4:45 PM
To: cf-talk
Subject: Re: How to prevent IE from caching content added via ajax?
If you are loading via url:
function ts(){
var tr = '';
var cur
Yep...that's the first thing in the $.ajax settings...
But, I believe I've solved the problem. Usually when I use .load
to add content in a .cfm file into a div, I use this:
$('#hiddenResult').load('../components/propertiesDisplay.cfm?' + new
Date().getTime());
I had one other place in my code
Oh...if you are using the load function, then you can just do this somewhere
before it:
$.ajaxSetup({ cache: false });
This will make it so any and all subsequent ajax requests (including load)
are not cached.
-- Josh
-Original Message-
From: Josh Nathanson [mailto:p...@oakcitygraphi
Fast note. Some anti-virus programs are reporting this thread as
having a virus due to the code fragment from the first post. This is a
false positive, but if there is a concern, just use the website
interface.
~|
Want to reach t
>>http://bgadf.cn>
Arg... chinese junk again :-(
~|
Want to reach the ColdFusion community with something they want? Let them know
on the House of Fusion mailing lists
Archive:
http://www.houseoffusion.com/groups/cf-t
If you are loading via url:
function ts(){
var tr = '';
var curDateTime = new Date()
tr += curDateTime.getHours();
tr += curDateTime.getMinutes();
tr += curDateTime.getSeconds();
return tr;
}
$("#myloaddiv").load(/ajaxDIV/index.cfm?id="+id+"&ts="+t
Did you set cache: false in your $.ajax params?
-- Josh
-Original Message-
From: Rick Faircloth [mailto:r...@whitestonemedia.com]
Sent: Thursday, September 17, 2009 1:42 PM
To: cf-talk
Subject: How to prevent IE from caching content added via ajax?
Poor title, but I couldn't get it a
Didn't mean to hit send...
Here is a tech article on doing at the server level
http://support.microsoft.com/kb/813878
On Thu, Sep 17, 2009 at 1:46 PM, Alan Rother wrote:
> I would block them at the Firewall. You don't even want the traffic getting
> to the box.
> =]
>
>
> On Thu, Sep 17, 2009
You can turn off windows file and print sharing or enable the Windows
firewall, but chances are you want those ports available to your
internal network. Assuming this machine is behind a hardware firewall,
that is the best place to lock down ports you don't want the outside
world getting to. Or
I would block them at the Firewall. You don't even want the traffic getting
to the box.
=]
On Thu, Sep 17, 2009 at 1:42 PM, Michael Dinowitz <
mdino...@houseoffusion.com> wrote:
>
> Fast question. On win2k is there an easy way of closing/blocking these
> or does it have to be further up the chai
Poor title, but I couldn't get it all in there.
- got a page which loads a .cfm of content into a div via a jQuery
.load function
- the content for the .loaded .cfm page is generated in a cfc
method, and I use
cfsavecontent and save the generated content out to the aforemen
Fast question. On win2k is there an easy way of closing/blocking these
or does it have to be further up the chain.
On Thu, Sep 17, 2009 at 4:33 PM, Jacob wrote:
>
> 135 and 445 should NOT be open to the public!
>
> -Original Message-
> From: b...@bradwood.com [mailto:b...@bradwood.com]
>
135 and 445 should NOT be open to the public!
-Original Message-
From: b...@bradwood.com [mailto:b...@bradwood.com]
Sent: Thursday, September 17, 2009 12:47 PM
To: cf-talk
Subject: RE: malware patterns
Michael, a quick nMap shows the following ports are open on the server
that houseoff
OK, here's what to do. Search your entire code base for any web
accessible script containing the text "chanm". I found a jsp and a cfm
file, both with the ability to upload and manipulate files on a
server. If you do find a file like this, please send me the code so I
can compare it to what I have
I've seen this sort of attack before on a client's server that they were
hosting at their office. The malware that did it used a stolen FTP
password to log in as an actual user and modify every HTML file on their
server. We found it be reviewing the FTP server logs and saw that their
general u
Thanks. I'll check those out. I found the hole though as well as the
script used to access the machine. Nasty piece of code.
On Thu, Sep 17, 2009 at 3:47 PM, wrote:
>
> Michael, a quick nMap shows the following ports are open on the server
> that houseoffusion.com resolves to (64.118.74.245).
>
Super thorough research Brad. While I'm not affected, I appreciate your
level of expertise.
-Original Message-
From: b...@bradwood.com [mailto:b...@bradwood.com]
Sent: Thursday, September 17, 2009 2:47 PM
To: cf-talk
Subject: RE: malware patterns
Michael, a quick nMap shows the follow
Michael, a quick nMap shows the following ports are open on the server
that houseoffusion.com resolves to (64.118.74.245).
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
135/tcp open msrpc
443/tcp open https
445/tcp open microsoft-ds
1025/tcp open NFS-or-IIS
1036/tcp open u
I'll do that. I have to take the below information, make it nice and
neat, and then write it up as a Fusion Authority site article.
On Thu, Sep 17, 2009 at 3:14 PM, DURETTE, STEVEN J (ATTASIAIT)
wrote:
>
> If you ever find the root cause, you may want to write an article on it,
> or do a present
If you ever find the root cause, you may want to write an article on it,
or do a presentation for cfmeetup!
I know I'd be interested in it!
-Original Message-
From: Michael Dinowitz [mailto:mdino...@houseoffusion.com]
Sent: Thursday, September 17, 2009 3:08 PM
To: cf-talk
Subject: malwa
The recent attack on House of Fusion resulted in some useful
information as to what you should look for. In general, all or most of
the files with the following extensions were affected:
.cfm
.cfml
.htm
.html
.js
The following line of code was prepended to all files other than .js
http://bgadf.cn<
e NY 11788
> P : 631.231.6600 Ext. 119
> F : 631.434.7022
> http://www.austin-williams.com
>
> Great advertising can't be either/or. It must be &.
>
> Plug in to our blog: A&W Unplugged
> http://www.austin-williams.com/unplugged
ge NY 11788
> P : 631.231.6600 Ext. 119
> F : 631.434.7022
> http://www.austin-williams.com
>
> Great advertising can't be either/or. It must be &.
>
> Plug in to our blog: A&W Unplugged
> http://www.austin-williams.com/unplugged
>
>
>
&g
ur blog: A&W Unplugged
http://www.austin-williams.com/unplugged
__ Information from ESET Smart Security, version of virus signature
database 4434 (20090917) __
The message was checked by ESET Smart Security.
http://www.eset.com
~
The sooner the better if HOF and Bens blog got attacked and its a
common issue it would be good to know exactly what was the weak point
hat allowed the intrusion.
Paul.
On Thu, Sep 17, 2009 at 9:41 AM, Michael Dinowitz
wrote:
>
> And after going through everything on the site and computer in
>
I'd still take a look at the other article. My worry is that if you
are only passing the time zone that it might work now but then get
messed up when we go off of daylight savings time. Perhaps you should
run your test again and see if the DST is reported as being ON. Then
move your system clock a
Looks like Forta's site might be having the same problem Michael. Todd
Rafferty just got the danger warning from http://forta.com/
andy
-Original Message-
From: Michael Dinowitz [mailto:mdino...@houseoffusion.com]
Sent: Thursday, September 17, 2009 8:41 AM
To: cf-talk
Subject: Re: hous
And after going through everything on the site and computer in
general, it's all up again. 30 minutes from the first message on this
thread till the site was back up. Now that's service.
I'll write up what information I have on the attack and what I did to
fix it all as soon as I get a second. I h
Most likely Michael has taken it offline to complete the cleansing of
infected files.
-Original Message-
From: Paul Alkema [mailto:paulalkemadesi...@gmail.com]
Sent: Thursday, September 17, 2009 8:08 AM
To: cf-talk
Subject: houseoffusion.com down?
I've noticed that houseoffusion.com i
Read the back messages.
On Thu, Sep 17, 2009 at 6:08 AM, Paul Alkema
wrote:
>
> I've noticed that houseoffusion.com is down. Is anyone else experiencing
> this as well?
>
> Paul Alkema
>
> Application Developer
>
> http://www.alkemadesigns.com/
>
>
>
~~~
I concur. The site is unavailable.
-Original Message-
From: Paul Alkema [mailto:paulalkemadesi...@gmail.com]
Sent: Thursday, September 17, 2009 9:08 AM
To: cf-talk
Subject: houseoffusion.com down?
I've noticed that houseoffusion.com is down. Is anyone else experiencing
this as well?
P
I've noticed that houseoffusion.com is down. Is anyone else experiencing
this as well?
Paul Alkema
Application Developer
http://www.alkemadesigns.com/
~|
Want to reach the ColdFusion community with something they want? Let th
Excellent... This worked: http://www.petefreitag.com/item/171.cfm
Adding the argument to the Java args worked!!
On Wed, Sep 16, 2009 at 4:25 PM, Judah McAuley wrote:
>
> That sounds about right then. Being -5 plus being in DST would result
> in it being 4 hours off if it were displaying UTC
43 matches
Mail list logo