Attack from Wilderssecurity.com ???

Discussion in 'General Topics' started by Perman, May 25, 2006.

Thread Status:
Not open for further replies.
  1. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks., Very strange things have happened for the last few days. Each time when I visit wilderssecurity forum, BlackIce will block an attack,issuing a warning. I am able to trace back and have some details, perhaps someone at Wilders or some experts can solve this puzzle:
    issue:HTML_Mshtml_overflow parameters: URL=/clientscript/vbulletin_quick_edit.js&server=wildrssecurity.com
     
    Last edited: May 25, 2006
  2. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,878
    Location:
    New England
    Looks like a false positive from BlackICE. I can't begin to explain it though since we use generic vBulletin forum software here, and I don't know what BlackICE is using as a signature (is that an IDS like alert?). You may need to ask the BlackICE people exactly what that message means and what triggers it. There is probably an exceptions or exclusions list to prevent the alerts, like a trusted site list of some such.

    Is there more logged then just that one line?
     
  3. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,878
    Location:
    New England
  4. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, thank u for ur prompt reply. I will click the links and take a good look. BTW, I have not encountered the same problems for the last few hours. and FYI, the lateset signature update was done on May 11, 2006, and the problems did not occur until few days ago. Regards,o_O
     
Thread Status:
Not open for further replies.