BogMonster Posted September 21, 2006 Share Posted September 21, 2006 My computer has been doing odd things lately, lots of disk access when the computer is not being used and just seems a bit slow. Done all the usual and nothing on it but looking this morning, the firewall shows some odd things which Norton seems to be connected to: Is this normal? CCproxy.exe is part of Norton but some of those domains don't look very antivirusy to me I started looking when I got a warning message about an expired site certificate for normalville.org and thought "eh?" never heard of it and was certainly not accessing it! any thoughts from the learned IT folks please? Ta Quote Link to comment Share on other sites More sharing options...
Gromit Posted September 21, 2006 Share Posted September 21, 2006 My computer has been doing odd things lately, lots of disk access when the computer is not being used and just seems a bit slow. might shed some light, if the next time you see alot of disck access, hit CTRL/ALT/DEL, go to the process tab on the task manager and see what process is hoging the CPU. Quote Link to comment Share on other sites More sharing options...
pugwash Posted September 21, 2006 Share Posted September 21, 2006 I got that site certificate thing earlier today- i of course said no- but it was defintitely from trolilng around lr4x4. can everyone else please check their firewall logs to see if anything has tried to access their PCs from LR4x4 Quote Link to comment Share on other sites More sharing options...
BogMonster Posted September 21, 2006 Author Share Posted September 21, 2006 I had LR4x4 and RIBnet forums open but nothing else at the time I got the certificate message. My firewall log says nothing... Quote Link to comment Share on other sites More sharing options...
rtbarton Posted September 21, 2006 Share Posted September 21, 2006 I got that site certificate thing earlier today- i of course said no- but it was defintitely from trolilng around lr4x4. can everyone else please check their firewall logs to see if anything has tried to access their PCs from LR4x4 Nothing out of the ordinary here. I only visit International, Classified and Series forums Quote Link to comment Share on other sites More sharing options...
Gromit Posted September 21, 2006 Share Posted September 21, 2006 I had LR4x4 and RIBnet forums open but nothing else at the time I got the certificate message. My firewall log says nothing... I haven't got that site cert message this morning on lr4x4. Quote Link to comment Share on other sites More sharing options...
Gromit Posted September 21, 2006 Share Posted September 21, 2006 disconnected my VPN and got the site cert message after lots of disk activity. Somthings up Quote Link to comment Share on other sites More sharing options...
Mark90 Posted September 21, 2006 Share Posted September 21, 2006 I got a warning message about an expired site certificate for normalville.org That is due to the = sign linked image in this post. You need to accept the certificate to connect to their server to download the image. Quote Link to comment Share on other sites More sharing options...
BogMonster Posted September 21, 2006 Author Share Posted September 21, 2006 Ah ok, thanks Mark.... What about all the things my Norton is connected to? Norton scan only done yesterday and ad-aware updated and run this morning, nothing apart from the usual "critical" tracking cookies you always get.... very odd. It has been doing the tonnes-of-disk-activity thing for a few weeks now, off and on Quote Link to comment Share on other sites More sharing options...
Tonk Posted September 21, 2006 Share Posted September 21, 2006 Firewall?!?!?!?!!? i just turn mine off, saves alot of agro Quote Link to comment Share on other sites More sharing options...
Bull Bar Cowboy Posted September 21, 2006 Share Posted September 21, 2006 Yes there is something strange………….. I have just checked the main router (I have 2 chained routers) and it has seen (and turned around) a lot of activity from 195.55.x.x ip address’s …………. particularly 195.55.245.156……………. although I am fairly safe behind the router which is in stealth mode ……… and now locked down. Looking this up ……….. it could be something we don’t want, http://www.rhyolite.com/cgi-bin/group.cgi?group=195 Ian Quote Link to comment Share on other sites More sharing options...
western Posted September 21, 2006 Share Posted September 21, 2006 That is due to the = sign linked image in this post. You need to accept the certificate to connect to their server to download the image. from the link above in that thread Fridgefreezer has a photo or something linked from https://normalville.org/setec/out_in_the_open/equals.jpg which woul;d explain the weird happenings. that link doesn't show it's picture just shows a red cross & IPB IMAGE. I got the certificate thing as well. It's all FF fault Quote Link to comment Share on other sites More sharing options...
pugwash Posted September 21, 2006 Share Posted September 21, 2006 what sort of security does this site have just out of interest? if you link to another site which "may" have a virus- are we protected somehow? Quote Link to comment Share on other sites More sharing options...
western Posted September 21, 2006 Share Posted September 21, 2006 what sort of security does this site have just out of interest?if you link to another site which "may" have a virus- are we protected somehow? good question for Trev [LR90] or Geoff to answer ?????? come on guys don't be shy Quote Link to comment Share on other sites More sharing options...
LR90 Posted September 21, 2006 Share Posted September 21, 2006 I think the official answer is usually along the lines that 'This site cannot be held responsible for links to material that resides on other sites'. As ever boys and girls you do need think before you click on any external link included in a post. That said the mods are pretty hot on stopping spam and other suspect posts but you may just get to the post before they do one day. Virus protection on your PC or a healthy (?) dose of paranoia are good options. Quote Link to comment Share on other sites More sharing options...
pugwash Posted September 21, 2006 Share Posted September 21, 2006 hey trev, my post wasn't a criticism in anyway, just wondered really. don't really know how forums work so i thought i would ask. Quote Link to comment Share on other sites More sharing options...
LR90 Posted September 21, 2006 Share Posted September 21, 2006 Non taken, sorry if the response seemed a bit snappy We limit what can be uploaded to the forum and prevent inclusion of html in members posts which goes a long way to making the forum safer. You do need to ensure your Windows PC is patched against the image born viruses and must be careful what link you click on. At our end we work with Invision to keep the board fully up to date, usually means an update every other month, and they have been quick to close any holes that could compromise the board and in turn our members. An example is the incident that did occur earlier this year that resulted in a maliciously modified forum page that caused members browsers to pull up another site which was being used to distribute a virus. Members local virus protection alerted us to this one (which does show the benefit of virus protection) and the forum was cleaned and the security hole patched. Quote Link to comment Share on other sites More sharing options...
BogMonster Posted September 21, 2006 Author Share Posted September 21, 2006 You do need to ensure your Windows PC is patched against the image born viruses and must be careful what link you click on. WTF is that then? Quote Link to comment Share on other sites More sharing options...
LR90 Posted September 21, 2006 Share Posted September 21, 2006 Not been looking at dodgy pictures have you Steve? Never know what you might catch off them Edit.... Some info on the bbc site: http://news.bbc.co.uk/2/hi/technology/4566504.stm but its not new news and the patches are out. Quote Link to comment Share on other sites More sharing options...
geoffbeaumont Posted September 21, 2006 Share Posted September 21, 2006 That is due to the = sign linked image in this post. You need to accept the certificate to connect to their server to download the image. However, it isn't a good idea to accept certificates that throw up warnings. The certificate serves two purposes; it allows encryption of the connection between your browser and the server (this should work fine even with a dodgy certificate) and it identifies the organisation which owns or runs the site. If the certificate has expired (as in this case) it can no longer be accepted as evidence of the owner. In most cases they've probably just forgotten to renew their certificate, but you need to ask yourself whether you trust them to do the rest of their maintenance properly and keep the site secure... If the certificate doesn't match the site, steer well clear. The same applies to any certficates your browser warns you it can't validate due to an unknown certificate authority - these will usually have been created by the owner of the site ('proper' certificates are obtained from an authority which at least in theory checks that the applicant really is who they say they are). Self signed certificates are commonly used on development sites (because you have to pay for proper ones), but if you're accessing a development site you will normally know (or be) the owner and already be sure the site is okay. Self signed certificates can never be trusted, because you've only got the owners word for who they are (and that could be worthless), although at least one company that really should know better (Microsoft) regularly use them on production sites. Quote Link to comment Share on other sites More sharing options...
jjojjas Posted September 21, 2006 Share Posted September 21, 2006 All clear here, no problems found. Jas Quote Link to comment Share on other sites More sharing options...
geoffbeaumont Posted September 21, 2006 Share Posted September 21, 2006 All clear here, no problems found.Jas That's because the offending image has been removed by Trev Quote Link to comment Share on other sites More sharing options...
V8 Freak Posted September 21, 2006 Share Posted September 21, 2006 PM sent matey.... Respond and we'll see what we can do... Neil Quote Link to comment Share on other sites More sharing options...
BogMonster Posted September 21, 2006 Author Share Posted September 21, 2006 Thanks Neil Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.