next »

[Todd Jonz]

I'm replying here to a thread in the Announcements forum since only the staff can post replies in that forum.  Information about the malware that has infected the physical server on which TTF runs can be found at:

> http://www.securelist.com/en/descriptions/old188613

This malware has been detected on the the host named "classifieds.tromboneforum.org", which probably runs in a separate virtual server from the host named "tromboneforum.org", i.e. the Forum itself.  Both of these virtual hosts run on the same physical server at the IP address 216.139.89.3, however, so depending on how Mr. Byrd has configured these hosts and what resources they share, it's entirely possible that the individual who planted this malware also has access to some of the software on which the Forum itself runs.

It's worth noting that this malware has been around since 2007, and patches have been available since soon after it was first detected.  I'd hazard to guess this explains Mr. Byrd's recent announcement that he plans to upgrade the version of PHP that's running on the server.  It's a shame he hasn't also decided to update the version of the SMF forum software on which TTF runs, which is a beta test version released in 2006 that was already out of date when TTF first went online and is known to exhibit quite a number of security vulnerabilities.

Chris asks:

> What does this virus do to your computer?

As the SecureList page referenced above explains, this malware installs a backdoor on the server that provides the perpetrator with full administrative access to the server (presumably this means the virtual server in the case of the TTF Classifieds.)  It does not, in and of itself, do anything to users' systems; that depends on what kind of payload(s) the perpetrator chooses to deliver from the infected server.

> Does it affect Macs?

Again, this depends on the payload, although as is usually the case it's most likely that it will be used to deliver payloads that target Windows systems.

[JSBassTrb]

Can it get my credit card info and things like that?

[arynearson]

Looking at the description, probably not, unless your credit card info is somehow stored on TTF Classifieds.

[JSBassTrb]

Ok good thanks.

[blast]

Thanks Todd for that expert assessment. We have to hope that RLB is aware of the problem and can fix it.

Chris Stearn

[rlb]

The poor, beleaguered classifieds area has needed a deeply profound upgrade for over 2 years.  It would appear the time is now.

[rlb]

And FYI, "Mr. Byrd" has been hospitalized as many months as not in the last two years, with 8 major surgeries literally under my belt now, so I haven't had the time to execute the needed upgrades.  Thanks for asking.

[Thomas Matta]

And FYI, "Mr. Byrd" has been hospitalized as many months as not in the last two years, with 8 major surgeries literally under my belt now, so I haven't had the time to execute the needed upgrades.  Thanks for asking.

Yikes - hope you are on the mend, sir!

[sly fox]

I join in the feeling and hopes you are getting better.

[bhcordova]

Good to see you back on the forum!  Hope things go better for you.

[Euphanasia]

Good to hear from you Richard. I hope things start looking up soon!

For the rest of you, there's some pretty nasty code on the classifieds page. I have AVG and a good firewall and I still ended up locked out of my system restore and my internet connection. I had to reboot in safe mode and do system restore from there, and performance is still kind of glitchy. 

[dj kennedy]

 
   did  they find  anything in there  ???????????????????
mXXXXXXXXXXXXXXXXXXnes  ---
   
well it 
  with  others at this  time 
the forum  has   continued to  grow  and is  a  wonderful resource
   for all 
==========
 the classifieds 
are  minimal
============
 the  u
=============
   XXXXXXXXXXXXXXXXXXXXew  and old
many XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXmbone festival
where  sliders  can  slide
===============
 pbone  !!!!!!!!!!  yeah  !!!!!!!
 bach  number  6      discovered  at flea market 
  lotsa  great  trombone news  EVERYDAY !!!!
-------
PLEASE  GET  WELL!!!!!!!!!!!!!!

And FYI, "Mr. Byrd" has been hospitalized as many months as not in the last two years, with 8 major surgeries literally under my belt now, so I haven't had the time to execute the needed upgrades.  Thanks for asking.

[RedHotMama]

It's been suggested before, but is there some reason why the Classifieds can't be added as just another section on the main board? As usual, those of us having no interest could "ignore" it. Adding sections to the board is quick and easy, but repairing and/or debugging the original Classifieds (which is a separate entity from TTF) may not be. In fact, we used to have an Advertisement Child Board which could swiftly be resurrected whilst work on the Classifieds takes place.

Hope you're feeling better, Richard.

[Euphanasia]

It's been suggested before, but is there some reason why the Classifieds can't be added as just another section on the main board?

Welcome back Christine!!

I think the problem with this suggestion is that some of us like to browse the classifieds occasionally, but most don't want the advertisements showing in our "unread posts" list. If I block the classifieds, I'd have to log out and log in again as a guest to browse them. If I don't, everything that comes up for sale ends up on my unread posts. I guess I could live with that, but it seems like the commercial aspect of the forum would overshadow the informative aspects.

[BFW]

If I block the classifieds, I'd have to log out and log in again as a guest to browse them.

Or you could unblock the section for a while.

[Euphanasia]

Or you could unblock the section for a while.

True, but that's still far more complicated than just clicking on a pull-down and having it pop right up. I browsed classifieds around once a week in their previous incarnation. I doubt I'd browse them that often if the process to get into them became more complicated.

[actikid]

We used to have an Advertisement Child Board

Are you sure that is legal?

[RedHotMama]

I'm not suggesting this should be a permanent fixture, but it could certainly fill a gap whilst the Classifieds section is being fixed.

[BGuttman]

The way Richard talked when he suddenly reappeared, I thought the Classifieds was going to be one of the first things he fixed and that it would be back in business shortly.  Thus I felt we should just hold off a little.

If we could get an estimate of whether fixing the Classifieds is going to be fast or not, we could decide if an advertising sub-board is a good idea.  I'd hate to set one up and as soon as we open the doors to it the Classifieds are back.  If it's going to be a while, an advertising sub-board is a good idea.

[TromboneMonkey]

I tend to agree with Euph on this one; I feel as though I'd only rarely look at an Ads section, and that I would probably end up blocking it so as to avoid the recurring threads in my "unread posts" feed.

That said, I think it might be a good way to keep ads out of other threads, much in the same way that PP is a good way to keep politics out of other threads.  And keeping ads out of other threads IS something that I'd really enjoy...


All of this, of course, constituting MY personal opinion; I will continue to enjoy the forum no matter what happens and I'm sincerely thankful to everyone who devotes time to keeping this wonderful and very helpful forum up-and-running.