?
Solved

Not abled to run my daughter's school website from work

Posted on 2008-10-22
23
Medium Priority
?
661 Views
Last Modified: 2013-12-08
Hello,

When I try to run my daughter's school website from work, Symantec endpoint will give the following message: Traffic from IP address ahas been stopped (for a 10 min period of timed 9:43AM to 9:53 AM). sid 23086 HTTP malicious toolkit variant activity detected.

Thank you
0
Comment
Question by:mbhf01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 10
23 Comments
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22776665
I would suspect that there is an issue with the website in that some type of malware may be present on it.  I would contact the administrator for the site and get them to check their server for issues.  

Or you could potentially add it a safe zone list, but then run the risk of opening your system up to infection if it is indeed infected with malware.
0
 

Author Comment

by:mbhf01
ID: 22777661
I know the website is not infected.
It is using a link to U-tube, since there were a video to be run. So the Administrator has embedded it in U-tube then made a link to it.
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22777958
If you're sure that it's a false positive from Symantec then you'll need to add it into your protected or safe sites list in the program.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:mbhf01
ID: 22785927
Now the website comes for 5 seconds and then it will show that error page, proposing other websites.

"Sorry, we couldn't find http://gate6k.info/t/%3F10133960e. Here are some related websites:"
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22785946
What kind of response do you get if you ping the website?  Is your system actually going to the correct ip address?
0
 

Author Comment

by:mbhf01
ID: 22786429
When I ping the website's IP address, I receive a normal reply. if I try to to browse the website, it will come, then it would give the "Dell Search page" mentioned above. I am able to access the website from home with no problems.
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22786687
What is the website in question?  I'd like to try it from here and see what I get.
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22786709
Also what browser are you using to open the site and have you tried it in a different one?
0
 

Author Comment

by:mbhf01
ID: 22787044
www.alyaqeenacademy.org   IP address: 74.208.135.105
I am using IE7. I have also tried Mozilla
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22787121
The site comes up fine for me.  Have you tried clearing your browser cache on each one?  I know it's the obvious question, but we're working through the process of elimination here.
0
 

Author Comment

by:mbhf01
ID: 22787936
I did.
I did also tried from different computers in the office and I am still having the same problem .
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22787949
From what I can tell it's something that's tied into your network.  Are you using any kind of proxy or caching server there?  I'm suspecting that the page might be cached on this machine and that could be why it's resulting in the error coming up.
0
 

Author Comment

by:mbhf01
ID: 22788006
None of that
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22788103
Have you done system scans for anti-virus and other malware?  If you're not caching any of the pages then it's either a setting in Symantec End-Point Security or there is something on your network that is not allowing you access to that site.  You might also want to try clearing the cache on your dns to see if the problem resides there.
0
 

Author Comment

by:mbhf01
ID: 22788979
I did clear the DNS cache, still it is not happening
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22796174
Have you checked the logs in Symantec Endpoint to see what is happening when you go to the web page now?
0
 

Author Comment

by:mbhf01
ID: 22841336
Now I am back to square 1, Symantec Endpoint is blocking the site
0
 
LVL 1

Expert Comment

by:pjk00
ID: 23000870
That's the Symantec A/V blocking some sort of malicious material coming from that website.

I would not be so quick to assume there is nothing wrong with it - it's a school website, there are likely a bunch of people involved who are not that computer-savvy.  :-)

This appears to be something that is often related to an advertising network where someone slipped malware into the ad stream via one of the ad scripts.

http://www.symantec.com/business/security_response/attacksignatures/detail.jsp?asid=23086

0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 23003715
Seeing as how his resolution matched the first suggestion that I posted, I'd like to look at awarding points instead of just deleting the question.
0
 

Author Comment

by:mbhf01
ID: 23003799
With due respect, all suggestions that have been provided were obvious, should I have found them helpful, I would had assigned the awarding points.
0
 

Accepted Solution

by:
mbhf01 earned 0 total points
ID: 23006382
Hi,

I was in contact with the website developer before even I post the question. My purpose from asking the question was to find a solution from a development perspective.
The issue was that when the website developer registered the website with Google, they added a Javascript. The problem was resolved when he has removed that Javascript.


Thanks,
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In threads here at EE, each comment has a unique Identifier (ID). It is easy to get the full path for an ID via the right-click context menu. However, we often want to post a short link within a thread rather than the full link. This article shows a…
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question