LVCF,
I do not know what this means "server infection"?
Can it even be fixed?
Thanks,
Dawn

Only registered users can see links on this forum! Register or Login on forum!

Forum URL:

Only registered users can see links on this forum! Register or Login on forum!

I have disabled my forum until this problem is fixed.

When I set up my forum, I created a subdirectory called buzz.deaconlight.com so I could create user-friendly names to direct users to the different music forums via an .htaccess file. Therefore, I am able to redirect anyone trying to access my forum via the subdomain URLs to an advisory page as to why the site is down.

Don't know if this will work for anyone else. Just thought I'd pass it on in case it's something someone can use.

Scooter999

Forum URL:

Only registered users can see links on this forum! Register or Login on forum!

Apparently the configuration panel will NOT let me disable the forum. I have tried several times setting disable to Yes but it always defaults back to No.

Why can I not disable the forum?

Scooter999

I'm trying to understand how the disable feature works. I've clicked the switch in admin, submitted, it said it took the change. I logged out, reentered, and it looked open as usual. Is it live to me because they recognize me as admin through IP or cookies?

what does a user get when he enters a disabled forum? If it is the regular forum index, I'm not sure that would stop the virus. It seems to kick in a soon as you open the page.

Help, anyone?

That "forum disable" feature does not work on ForumUp forums. It never has. That information has been in our FAQ post since July 2005 at

Only registered users can see links on this forum! Register or Login on forum!

The link to it is there because it comes like that with the phpBB forum making program.

LVCF wrote:

One of them seems to be the quicktime virus, a very malicious virus that can ruin one's computer.

No one has reported anything of the sort having happened. No one's computer will be "ruined". It's not like the harddrives melt or explode or something. I would think someone would have mentioned it if it happened, since there are thousands of users between ForumUp.us and .be.

Anyway, I am sure our Webmaster Raulken is working on the problem.

LVCF wrote:

The server, which is the equipment Mr. Raulken uses to allow these forums to exist, and the code in which the forums are based in (phpbb) are infected with a virus.

We do not know exactly, specifically what is infected.

riosmom wrote:

I do not know what this means "server infection"? Can it even be fixed?

Yes, eventually, when the problem is discovered and then the way to remove it is found and implemented.

I understand all the frustration and anger. No more needs to be expressed on this forum. The moderators try not to take things personally, but it is hard not to with some of these venting posts.

Please post only helpful evidence or information from now on.

[quote="LVCF
With what evidence? He has not posted here in three weeks, and has not responded to my PMs.[/quote]

LVCF,
Has he picked up your PMs? That would at least be a step in the right direction..
I had another member this AM call me at home and tell me their computer is down and won't come back up.

From my outbox:
"Payed for backup, read all, but got no file or download opt Raulken Mon Jul 23, 2007 8:57 am"

Proof enough !

Forum URL: http://deaconlight.forumup.us

My primary concern now is the liability issue that could arise from this vulnerability on Forumup.us. Subscriber admins need to have the ability to disable our forums in a crisis situation to protect us from possible litigation.

Excerpt from Symantec:

HTTP Quicktime RTSP URI BO
Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

DescriptionThis signature detects attempts to exploit a vulnerability in Apple QuickTime that allows an attacker to execute arbitrary code.

Additional Information

Apple QuickTime is prone to a remote buffer-overflow vulnerability. This issue is due to a failure of the application to properly bounds-check user-supplied input prior to copying it to an insufficiently sized stack-based memory buffer.

Specifically, URIs with the 'RTSP' scheme containing specifically formatted excessive data will result in a memory buffer being overrun with attacker-supplied data.n n This issue allows remote attackers to execute arbitrary machine code in the context of the affected application, facilitating the remote compromise of affected computers.

Attackers exploit this issue by coercing targeted users to access malicious HTML or QTL files, or by executing malicious JavaScript code. Any of these methods allow attackers to launch an excessively long RTSP URI, triggering the issue.n n QuickTime version 7.1.3 is vulnerable to this issue; other versions may also be affected.

Possible False Positives
There are no known false positives associated with this signature.

I know it is not common to see a video player above my forum banner on the top left of the screen on my homepage. Every once and awhile I see that. I am pretty certain that is the Quicktime Virus, a very malicious virus. Like Scooter said, I will not be subject to any litigation, so I will close my forum tomorrow or the day after after consulting with my co-admin. Any damages to any one's computer may fall onto the Webmaster, so he might want to check on this little problem that we have been experiencing. Here is a blurb written from someone on this subject:

Quote:

damages for putting viruses and adware into our computers. they should be aware of the content on their site. negligence or perhaps something more intentional... trespass to chattel....

Quote:

our computers. the adware and virus's infect our computers.. take control of it. if its unintentional - its negligence. if its intentional - its trespass to chattel