Here are the correct steps to take...
1. You should contact the suspected website owner's ISP.
2. Tell them you have found malware/virus
3. Have the ISP notify the owner/webmaster or the suspected
malware/virus
4. Check the log files of the website.
5. Determine if the virus/malware was added using a Legitimate
FTP
USER
6. If the FTP USER was not registered with the domain - Warn and
give notice
All website have Access logs and revense DNS lookup. If and only if
it can
be determined that an FTP user under the domain did the hack then
block the website.
What you say below is wrong...........
I have a master's degree and have been on top of the internet for
years.
I have started a class action lawsuit against you and Google and
Godaddy
this is a major foulup on your part and Google and Godaddy
I have been blocked for weeks and will seek compensation
I can't beleive you people are affiliated with Harvard LawSchool
you are unbeleiveable!!!
Dear Mr. Kelly,
StopBadware has not at any time claimed to have found malware on your
site; we have merely stated that Google has detected malware on your
site. StopBadware's review process is designed to confirm Google's
findings independently, and so far, StopBadware has not detected
malware
on your site or purported to have done so. We will continue to
communicate with Google about the status of your website until we
actually do find malware on the site or until Google determines that
the
site is clean. You can also learn more about what Google has detected
on your website and request automated re-scans at any time using
Google's Webmaster Tools.
Regarding your recommendations for improving our process, many of
these
measures would indeed be useful if they were feasible.
1. Realistically, StopBadware cannot reliably determine website
owners'
ISPs from whois or other publicly available data, particularly because
domain name registration is not necessarily performed by the web
hosting
provider, and because many hosting providers lease services and
infrastructure from third parties. Furthermore, many ISPs refuse to
accept responsibility for malware hosted on client-managed websites
and
servers. If we were able to implement your ideas, however, it is
likely
that the ISPs first steps toward protecting the public would be to
disable infected websites completely; this may be a public service,
but
website owners such as yourself would lose more money if this were the
case, because under the current system your website is not actually
blocked from the public - Google has simply chosen to warn users of
Google's Search product that Google believes the site is infectious.
2. StopBadware does not, and will not, claim to have found malware on
any website that we have not tested ourselves. At the time that
Google
initially flags websites as potentially harmful, StopBadware has not
tested any of those websites, or found malware on any of them.
Furthermore StopBadware only tests websites for which we have received
review requests from consumers or webmasters.
3. The boundaries of StopBadware's influence are well defined: we are
not a governing body, and ISPs are private institutions. We cannot
require that ISPs notify webmasters of the infections, and we do
believe
that Google makes a best-effort to contact website owners directly.
4. StopBadware does not have access to the private server logs of
websites we do not control. Only you and your ISP can check your log
files for suspicious activity.
5. StopBadware does not have access to your website or server user
accounts or settings. It would be illegal for us to probe for this
information without permission, and it is not our intention to begin
to
probe for this information even if we are granted permission to do so.
6. Most of the malicious code that we see placed on attack victims'
websites is not placed on the sites via FTP accounts. Generally, the
sites that are attacked run software that has not been updated with
the
latest security patches, or use web scripts such as blogging
platforms,
e-commerce applications, or bulletin board packages that may permit
attackers to gain elevated access to the host server, or perform SQL
injection or other attacks.
Although we have not found malware on your site at this time, our
tests
are not comprehensive, and Google has a very high rate of accuracy in
its detection algorithms. StopBadware's primary purpose is not to
identify websites that host malware, but to provide support to
consumers
and webmasters who require assistance in ensuring that their websites
are safe for their clients and the public. If you haven't done so
already, I strongly recommend that you read more about our process and
purpose at www.stopbadware.org
Regards,
Brandon | StopBadware.org
paul kelly wrote:
> Dear Brandon,
>
> Here are the correct steps to take...
>
> 1. You should contact the suspected website owner's ISP.
> 2. Tell them you have found malware/virus
> 3. Have the ISP notify the owner/webmaster or the suspected
> malware/virus
> 4. Check the log files of the website.
> 5. Determine if the virus/malware was added using a Legitimate FTP
> USER
> 6. If the FTP USER was not registered with the domain - Warn and
> give notice
>
> All website have Access logs and revense DNS lookup. If and only if
> it can
> be determined that an FTP user under the domain did the hack then
> block the website.
>
> What you say below is wrong...........
> I have a master's degree and have been on top of the internet for years.
>
> I have started a class action lawsuit against you and Google and Godaddy
> this is a major foulup on your part and Google and Godaddy
> I have been blocked for weeks and will seek compensation
>
> I can't beleive you people are affiliated with Harvard LawSchool
> you are unbeleiveable!!!
>
>
>
> --- On *Tue, 9/2/08, Brandon | StopBadware.org
> /<[EMAIL PROTECTED]>/* wrote:
>
> From: Brandon | StopBadware.org <[EMAIL PROTECTED]>
> Subject: Re: Malware Block
> To: [EMAIL PROTECTED]
> Date: Tuesday, September 2, 2008, 12:51 PM
>
> Dear Mr. Kelly,
>
> It's actually Google, not StopBadware, that has blocked users from
> accessing your website directly through Google Search results.
> Google attempts to contact webmasters whose sites are flagged by
> sending notifications to several standard administrative accounts
> (eg, [EMAIL PROTECTED]) but there is no reliable way to ensure
> that webmasters receive these notifications. It is likely that
> Google flagged your website as potentially harmful not because of
> the content that you placed on your site, but because your site
> was compromised and turned into a vehicle for malware distribution
> by attackers. Once all of the harmful code that was placed on
> your site has been removed, Google should remove the warnings
> about your website from its search results; however, it is also
> important to ensure that the vulnerabilities which permitted your
> site to be attacked are also closed, to prevent future attacks.
>
> StopBadware performs independent review of websites that Google
> has flagged as potentially harmful. We are in the process of
> reviewing your website, and will report our findings to you and to
> Google. Hopefully, your site will be removed from Google's list
> soon, or we will be able to assist you further with clearing the
> malicious code from your website. You can track the progress of
> this review by visiting:
>
> http://www.stopbadware.org/reports/container?reportident=1230604&reportname=www.seattlesurveillance.com%2F
>
>
> All the best,
> Brandon | StopBadware.org
>
>
>
> paul kelly wrote:
>>
>> I need to get my website unblocked
>>
>> www.seattlesurveillance.com
>>
>> Do you have a phone number to call?
>>
>> My ISP was hacked www.godaddy.com
>> I was given no notice.
>> I was blocked without notice
>> I am losing sales
>> I have been blocked for over three weeks now
>>
>> Why don't you warn people before you block them
>> I am trying to run a business and have no reason to waste my time
>> writting malware.
>>
>> Please unblock my website.
>>
>> paul t. kelly
>> www.seattlesurveillance.com
>> ceo skynet inc.
>>
>>
>>
>>
>>
>> --- On *Fri, 8/22/08, Contact StopBadware.Org
>> /<[EMAIL PROTECTED]>/* wrote:
>>
>> From: Contact StopBadware.Org <[EMAIL PROTECTED]>
>> Subject: Re:
>> To: [EMAIL PROTECTED]
>> Date: Friday, August 22, 2008, 1:57 PM
>>
>> Thank you for contacting StopBadware.org. Your input helps us build
>> a community
>> and resources to help us combat the growing badware threat. Your
>> comments and
>> suggestions are welcome.
>>
>> Unfortunately, we receive so much feedback that we may not have time
>> to respond
>> to every suggestion and question, though we do read all of it.
>>
>> You can find answers to our most commonly asked questions here:
>> http://stopbadware.org/home/faq
>>
>> IMPORTANT NOTE: If you are a website owner and wish to request a
>> review of your
>> site's inclusion in our Badware Website Clearinghouse,
>> please note that
>> StopBadware.org does not accept review requests submitted via email.
>> Instead,
>> please fill out our Request for Review form:
>>
>> http://www.stopbadware.org/home/review
>>
>> If you want to participate and become part of this community, learn
>> how to get
>> involved by going here:
>>
>> http://www.stopbadware.org/home/get_involved
>>
>> If you are looking for technical support with a badware issue,
>> StopBadware.org
>> does not offer direct support. Please visit our 'How do I get rid of
>> badware?' section for some helpful links:
>>
>> http://www.stopbadware.org/home/help_remove
>>
>> StopBadware.org does not currently endorse any sites or products,
>> but we do
>> want to point you in the right direction so that you can find the
>> resources you
>> need to make informed decisions about removing these programs.
>>
>> Thank You,
>> The StopBadware.org Team
--~--~---------~--~----~------------~-------~--~----~
You received this message through the Google Groups "stopbadware" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/stopbadware?hl=en
-~----------~----~----~----~------~----~------~--~---
