Announcement

Collapse
No announcement yet.

V8 Expiry?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    V8 Expiry?

    Hi Everyone
    My server host received this email and i was wondering if there is an expiry on V8 software.
    I am running V8.5.3

    Due to a recent system audit, we have found that one or more files on your domain roundstooldistribution.co.uk have been flagged as compromised, and pose a risk to your site content, data, and domain reputation.
    To see a list of these files, FTP to your web space and check file: user/security_health_check.log.
    As a responsible hosting provider, and in order to alleviate the risk to your site, we strongly suggest you take the following action as soon as possible:
    · Ensure you have taken full backups of website data before proceeding
    · Update to the latest version of the 3rd party software you are using on your site. Our 1-click installer* (available in your Fasthosts control panel) carries the latest versions of many popular solutions.
    · Once the update is complete, you should re-instate your content, but NOT the system files

    *If 1-click installer requires you to update your OS, please follow the on-screen instructions to complete the upgrade before proceeding further.

    Please be aware, we will be performing a further system scan at 09:00am (GMT) on Thursday 22nd August, and will automatically suspend your site should we find any compromised files still remain. Whilst this action is regrettable, it will only be taken as a last resort to protect you and the integrity of your site.

    If you wish to avoid suspension, please take the above steps as soon as possible, and no later than the stated deadline

    And this what I was sent informing me of the steps taken to avoid this, just wanted clarification that V8 isn't going out

    I received the following email the other day (the log file they mention is attached). I have downloaded the files in question and scanned them with both Panda Antivirus and Malwarebytes and they came up clean. I have spoken to Fasthosts about this and they have assured me that this will be enough to avoid the suspension of your site. They are primarily aiming this at users of WordPress, Joomla, drupal and other content management systems where the owner has not updated the software.

    I can’t rule out the possibility in future that they could take a similar view towards old versions of Actinic, so you should perhaps give some thought to updating in the not too distant future.
    Rounds Tool Distribution
    Power Tools, Hand Tools and Workwear
    http://www.roundstooldistribution.co.uk

    #2
    ...the files in question...
    Which are?
    Norman - www.drillpine.biz
    Edinburgh, U K / Bitez, Turkey

    Comment


      #3
      [cp4-linweb12] [2013/08/20 21:29:51] [reowoyxt] [ NOTICE ] -----------------------------------------------------------------------
      [cp4-linweb12] [2013/08/20 21:29:51] [reowoyxt] [ NOTICE ] This scan has been initiated by an automated process to search for
      [cp4-linweb12] [2013/08/20 21:29:51] [reowoyxt] [ NOTICE ] files and installations that may be compromised
      [cp4-linweb12] [2013/08/20 21:29:51] [reowoyxt] [ NOTICE ] No changes are made to your site during this scan.
      [cp4-linweb12] [2013/08/20 21:29:51] [reowoyxt] [ NOTICE ] Version 2.0.4 (Built Tue Aug 20 14:02:24 2013)
      [cp4-linweb12] [2013/08/20 21:29:51] [reowoyxt] [ NOTICE ] -----------------------------------------------------------------------
      [cp4-linweb12] [2013/08/20 21:29:51] [reowoyxt] [ INFO ] Checking /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/
      [cp4-linweb12] [2013/08/20 21:29:51] [reowoyxt] [ FOUND ] Found installation at '/home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/cgi-bin' [Actinic::8]
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/index.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/class.analyze.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/class.gping.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/class.grab.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/class.html-creator.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/class.http.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/class.mail.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/class.templates.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (PHit1) (4) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/class.utils.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/class.utils.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/class.xml-creator.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ MISS (Fname) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/mods/mobile.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/page-analyze.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/page-bottom.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/page-chlog.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/page-config.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/page-configinit.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/page-crawl.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/page-crawlproc.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/page-ext.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/page-generator.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/page-l404.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/page-login.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/page-proc.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/page-sitemap-detail.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/page-top.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/pages/page-view.inc.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ HIT (EvalB64) (2) ] /home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/generator/runcrawl.php
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ SUMMARY ] [/home/fhlinux172/r/roundstooldistribution.co.uk/user/htdocs/] [4756 files found] [1771 files scanned]
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ SUMMARY ] [Compromises: 27 potential hits, Average score=2/5, Highest score=4]
      [cp4-linweb12] [2013/08/20 21:30:14] [reowoyxt] [ SUMMARY ] [Scan completed in 23 seconds]
      Rounds Tool Distribution
      Power Tools, Hand Tools and Workwear
      http://www.roundstooldistribution.co.uk

      Comment


        #4
        Not a single one of those files is anything to do with Actinic / SellerDeck. Looks like some sort of page design software (perhaps supplied by Fasthosts themselves). If so, bit of an own goal for them.

        UPDATE: Seems to be a "Standalone XML Sitemap Generator" from XML-Sitemaps.com. Or that's what runs if you go to http://www.roundstooldistribution.co...ator/index.php.
        Norman - www.drillpine.biz
        Edinburgh, U K / Bitez, Turkey

        Comment


          #5
          Ok thanks, so need to worry then?
          Never had any issues with the server.
          Rounds Tool Distribution
          Power Tools, Hand Tools and Workwear
          http://www.roundstooldistribution.co.uk

          Comment


            #6
            Just checked and it has been taken off of server, what is going on?
            Is it the XML sitemap generator?
            Rounds Tool Distribution
            Power Tools, Hand Tools and Workwear
            http://www.roundstooldistribution.co.uk

            Comment


              #7
              That's what it sounds like.

              Did you remove the files in question? The email you posted above seems to say fairly clearly that they'd suspend the site if the files in question weren't upgraded or removed.

              Mike
              -----------------------------------------

              First Tackle - Fly Fishing and Game Angling

              -----------------------------------------

              Comment


                #8
                Just waiting on the guy who deals with the server to make sure the files have been removed, then I gotta get a new password to the server and refresh the site, fingers crossed that will be it.
                What removing those files does to the site i don't know, hopefully they are just old unused files.
                Rounds Tool Distribution
                Power Tools, Hand Tools and Workwear
                http://www.roundstooldistribution.co.uk

                Comment


                  #9
                  You should be OK once those files have been removed.

                  I am a little worried about the reference to [Actinic::8] but I don't know whether that's a real problem or not. Newer versions of Actinic do have security improvements so if your hosts see V8 as an issue then you'll have to upgrade your version or consider moving to a new host.

                  Mike
                  -----------------------------------------

                  First Tackle - Fly Fishing and Game Angling

                  -----------------------------------------

                  Comment


                    #10
                    The files were removed, how they got there who knows, what they did??? mail thing is they are gone, the guy who deals with the server said that it was removed due to an over enthusiastic bod from Fasthost, as far as i am aware from all of this V8 is still without issue, it was most prob a server issue, especially as it was restored very quickly once they were shouted at.
                    Thanks everyone
                    Rounds Tool Distribution
                    Power Tools, Hand Tools and Workwear
                    http://www.roundstooldistribution.co.uk

                    Comment

                    Working...
                    X