- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- Double underline ads
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-24-2010 08:03 AM
тАО07-24-2010 08:03 AM
I'm running Apache web server and named on the internet, but do local access through 192.168.1.xxx type links. The links appear on the thus served out.
Has my server been hacked?
I've looked at running processes and don't see anything unusual. I rebooted the server.
My concern is that my server may be serving out spam ads.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-24-2010 10:51 AM
тАО07-24-2010 10:51 AM
Re: Double underline ads
I unpluged my router from the DSL modem. My Apache server still serves out local pages. The ad links are gone.
I pluged my router back in to the DSL modem. Double underline ads then appear on my own pages served out from my own local server.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-24-2010 11:04 AM
тАО07-24-2010 11:04 AM
Re: Double underline ads
The code is normally at the end of the HTML file, just before the tag. It should look somewhat like this:
< !-- start Vibrant IntelliTXT script section -- >
< script type="text/javascript" src="http://yourdomain.us.intellitxt.com/intellitxt/front.asp?ipid=1234">< /script >
< !-- end Vibrant IntelliTXT script section-- >
See the Vibrant Media's instructions for implementing IntelliText:
http://www.vibrantmedia.com/publishers/implementation.asp
(For removal, simply reverse the instructions.)
Ask your web content designer (or whoever makes the decisions about the web content) if this is intentional and appropriate.
Counter-arguments:
- The intellitext.com/kontera.com maintainers can get information about the usage patterns of your internal website, through the referrer information passed by the client browser when fetching the ads. This can be considered an information leak.
- Who gets the revenue from this ad campaign? (If this is the web content designer's own idea, does the money go straight into his/her pocket?)
MK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-24-2010 12:20 PM
тАО07-24-2010 12:20 PM
Re: Double underline ads
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-24-2010 12:49 PM
тАО07-24-2010 12:49 PM
Re: Double underline ads
I'll write a test page that's very short and see how that works.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-24-2010 01:54 PM
тАО07-24-2010 01:54 PM
Re: Double underline ads
I think I know what may be happening. I suspect that after viewing a page that has the code that summons the java script, the script stays active in the computer memory.
Subsequent pages that do not have the java summoning code are never-the-less, text linked.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-28-2010 07:56 AM
тАО07-28-2010 07:56 AM
Re: Double underline ads
I discovered unusual activity by my name server, named. It's purpose is to serve my local non-routed network.
About every three seconds it sends a packet even though no local requests are made to it.
My logs show no activity from IntelliTEXT.
Does anyone know of spam activity involving compromise of name server and double underline ads on text?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-29-2010 03:56 AM
тАО07-29-2010 03:56 AM
Re: Double underline ads
Shut down name server and use HOSTS file for local network nameserver. Double underline ads are gone.
Just as a heads up. There is a spamer who uses named to send double underline link spam.
Will configure named to run in chroot jail, but doubt that this will help. The compromise to named seems to be overflow of the named input buffer.
Does anyone know of a packet sniffer that can capture packets going to the bind port 53?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-29-2010 07:35 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-29-2010 08:02 AM
тАО07-29-2010 08:02 AM