Re: AW: AW: ANN: GLX2 3.05

2012-06-19 Thread Bernard Devlin
I never use FTP to communicate with a server. I will either use WebDAV (over HTTPS) or scp or an SSH tunnel (I seem to remember FTP cannot be tunnelled over SSH, but it seems ridiculous that it cannot). Even on Windows, PuTTY can do secure file transmission. If we IT professionals don't insist

Re: AW: AW: ANN: GLX2 3.05

2012-06-18 Thread Bob Sneidar
Oh good to know! Thanks. Bob On Jun 15, 2012, at 4:44 PM, Andre Garzia wrote: you can always take back your votes after the feature is implemented. At any moment you can reorganize them. On Fri, Jun 15, 2012 at 5:18 PM, Bob Sneidar b...@twft.com wrote: So, if a feature request or

Re: AW: AW: ANN: GLX2 3.05

2012-06-15 Thread Richard Gaskin
Andre Garzia wrote: This usually happens once one of two things happens: 1 - you have a compromised FTP account. Maybe one collaborator lost your FTP account or an infected machine is harvesting them from your HD (more common on Windows). Something caused the FTP account to be compromised,

Re: AW: AW: ANN: GLX2 3.05

2012-06-15 Thread stephen barncard
I agree with Richard. For On-Rev and Livecode to be considered a truly professional service, secure connections are a must-have. After several hacking incidents at *Dreamhost* I switched over to SFTP, updated WordPress and Gallery2, and changed my control panel and SFTP password and I've had no

Re: AW: AW: ANN: GLX2 3.05

2012-06-15 Thread Bob Sneidar
So, if a feature request or bug fix is implemented, do I get my votes back? Bob On Jun 15, 2012, at 1:02 PM, stephen barncard wrote: 154 votes and counting...

Re: AW: AW: ANN: GLX2 3.05

2012-06-15 Thread Andre Garzia
you can always take back your votes after the feature is implemented. At any moment you can reorganize them. On Fri, Jun 15, 2012 at 5:18 PM, Bob Sneidar b...@twft.com wrote: So, if a feature request or bug fix is implemented, do I get my votes back? Bob On Jun 15, 2012, at 1:02 PM,

AW: AW: ANN: GLX2 3.05

2012-06-14 Thread Tiemo Hollmann TB
Same with me -Original Message- From: use-livecode-boun...@lists.runrev.com [mailto:use-livecode- boun...@lists.runrev.com] On behalf of Mike Bonner Sent: Wednesday, 13 June 2012 00:04 To: How to use LiveCode Subject: Re: AW: ANN: GLX2 3.05 I still get it too, cache

Re: AW: AW: ANN: GLX2 3.05

2012-06-14 Thread Mark Wieder
Tiemo- Thursday, June 14, 2012, 2:41:04 AM, you wrote: Same with me Well, the site *has* been cleaned and locked down, and I've requested Google to review it again (thanks Mike). I looked at Google's report this morning and it says Google has not detected any malware on this site. -- -Mark

Re: AW: AW: ANN: GLX2 3.05

2012-06-14 Thread stephen barncard
I use that Google thing too and still found code that wasn't mine and an .irev file whose name was changed to a .php type. I resorted to sorting files by date and scanning each one. I hate this crap. On Thu, Jun 14, 2012 at 8:34 AM, Mark Wieder mwie...@ahsoftware.net wrote: Tiemo- Thursday,

Re: AW: AW: ANN: GLX2 3.05

2012-06-14 Thread J. Landman Gay
On 6/14/12 2:28 PM, stephen barncard wrote: I use that Google thing too and still found code that wasn't mine and an .irev file whose name was changed to a .php type. I resorted to sorting files by date and scanning each one. I hate this crap. How does this stuff happen? Does a site require

Re: AW: AW: ANN: GLX2 3.05

2012-06-14 Thread Bob Sneidar
I think it is immune, until someone gets in the front door. Then all bets are off. I had an ex-employee who was able to hack into the database of most PHP enabled sites, because people who set them up do not know how to harden them. He demonstrated this on more than one occasion. Others have

Re: AW: AW: ANN: GLX2 3.05

2012-06-14 Thread stephen barncard
which of course necessitates this link be repeated: LITTLE BOBBY TABLES http://xkcd.com/327/ On Thu, Jun 14, 2012 at 2:09 PM, Bob Sneidar b...@twft.com wrote: I think it is immune, until someone gets in the front door. Then all bets are off. I had an ex-employee who was able to hack into

Re: AW: AW: ANN: GLX2 3.05

2012-06-14 Thread Mark Wieder
stephen- Thursday, June 14, 2012, 12:28:27 PM, you wrote: I use that Google thing too and still found code that wasn't mine and an .irev file whose name was changed to a .php type. ??? What possible good would changing the filetype be? Fortunately all my .irev files are in cgi-bin lockers or

Re: AW: AW: ANN: GLX2 3.05

2012-06-14 Thread Mark Wieder
Jacque- Thursday, June 14, 2012, 1:53:51 PM, you wrote: How does this stuff happen? Does a site require php or wordpress or something for the hack to work? I thought an irev page was immune. Well, I remember there *was* a security breach at on-rev a while back. I didn't think much of it at

Re: AW: AW: ANN: GLX2 3.05

2012-06-14 Thread Andre Garzia
On Thu, Jun 14, 2012 at 10:20 PM, Mark Wieder mwie...@ahsoftware.net wrote: ??? What possible good would changing the filetype be? Fortunately all my .irev files are in cgi-bin lockers or otherwise innocuous, but I can't imagine why someone would program a bot to change a non-php file to a php

Re: AW: AW: ANN: GLX2 3.05

2012-06-14 Thread stephen barncard
these guys would pack a string of URLEncoded PHP code with no white space into a global, then decode and call it. It was usually placed at the bottom of one's document. sqb On Thu, Jun 14, 2012 at 6:39 PM, Andre Garzia an...@andregarzia.com wrote: On Thu, Jun 14, 2012 at 10:20 PM, Mark Wieder

Re: AW: AW: ANN: GLX2 3.05

2012-06-14 Thread J. Landman Gay
On 6/14/12 8:58 PM, stephen barncard wrote: these guys would pack a string of URLEncoded PHP code with no white space into a global, then decode and call it. It was usually placed at the bottom of one's document. It's still not clear to me how they did this. The security snafu was a year ago

Re: AW: AW: ANN: GLX2 3.05

2012-06-14 Thread Andre Garzia
Jacque, This usually happens once one of two things happens: 1 - you have a compromised FTP account. Maybe one collaborator lost your FTP account or an infected machine is harvesting them from your HD (more common on Windows). Something caused the FTP account to be compromised, after that the

Re: AW: AW: ANN: GLX2 3.05

2012-06-14 Thread J. Landman Gay
Thanks Andre, that helps. I think I'm safe. I'll keep the filetype function around for the future though. That's a nice thing to know about. On 6/14/12 10:46 PM, Andre Garzia wrote: Jacque, This usually happens once one of two things happens: 1 - you have a compromised FTP account. Maybe

Re: AW: AW: ANN: GLX2 3.05

2012-06-14 Thread Mark Wieder
Andre- Looking over my logs last week I discovered that it came in via ftp. I have always had anonymous ftp disabled, so it's not that. Three separate attacks from different ip addresses on different days, each one the same code injection of a javascript iframe block within a container of