Solved

Not able to run my daughter's school website from work

Posted on 2008-10-22
Last Modified: 2013-12-08
Hello,

When I try to run my daughter's school website from work, Symantec Endpoint will give the following message: Traffic from IP address has been stopped (for a 10 min period of time, 9:43 AM to 9:53 AM). sid 23086 HTTP malicious toolkit variant activity detected.

Thank you
Question by:mbhf01
23 Comments
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22776665
I would suspect that there is an issue with the website in that some type of malware may be present on it.  I would contact the administrator for the site and get them to check their server for issues.  

Or you could potentially add it to a safe zone list, but then run the risk of opening your system up to infection if it is indeed infected with malware.
0
 

Author Comment

by:mbhf01
ID: 22777661
I know the website is not infected.
It is using a link to YouTube, since there was a video to be run. So the Administrator has embedded it in YouTube then made a link to it.
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22777958
If you're sure that it's a false positive from Symantec then you'll need to add it into your protected or safe sites list in the program.
0
 

Author Comment

by:mbhf01
ID: 22785927
Now the website comes for 5 seconds and then it will show that error page, proposing other websites.

"Sorry, we couldn't find http://gate6k.info/t/%3F10133960e. Here are some related websites:"
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22785946
What kind of response do you get if you ping the website?  Is your system actually going to the correct ip address?
0
 

Author Comment

by:mbhf01
ID: 22786429
When I ping the website's IP address, I receive a normal reply. If I try to browse the website, it will come, then it would give the "Dell Search page" mentioned above. I am able to access the website from home with no problems.
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22786687
What is the website in question?  I'd like to try it from here and see what I get.
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22786709
Also what browser are you using to open the site and have you tried it in a different one?
0
 

Author Comment

by:mbhf01
ID: 22787044
www.alyaqeenacademy.org   IP address: 74.208.135.105
I am using IE7. I have also tried Mozilla
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22787121
The site comes up fine for me.  Have you tried clearing your browser cache on each one?  I know it's the obvious question, but we're working through the process of elimination here.
0

 

Author Comment

by:mbhf01
ID: 22787936
I did.
I also tried from different computers in the office and I am still having the same problem.
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22787949
From what I can tell it's something that's tied into your network.  Are you using any kind of proxy or caching server there?  I'm suspecting that the page might be cached on this machine and that could be why it's resulting in the error coming up.
0
 

Author Comment

by:mbhf01
ID: 22788006
None of that
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22788103
Have you done system scans for anti-virus and other malware?  If you're not caching any of the pages then it's either a setting in Symantec End-Point Security or there is something on your network that is not allowing you access to that site.  You might also want to try clearing the cache on your DNS to see if the problem resides there.
0
 

Author Comment

by:mbhf01
ID: 22788979
I did clear the DNS cache, still it is not happening
0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 22796174
Have you checked the logs in Symantec Endpoint to see what is happening when you go to the web page now?
0
 

Author Comment

by:mbhf01
ID: 22841336
Now I am back to square 1, Symantec Endpoint is blocking the site
0
 
LVL 1

Expert Comment

by:pjk00
ID: 23000870
That's the Symantec A/V blocking some sort of malicious material coming from that website.

I would not be so quick to assume there is nothing wrong with it - it's a school website, there are likely a bunch of people involved who are not that computer-savvy.  :-)

This appears to be something that is often related to an advertising network where someone slipped malware into the ad stream via one of the ad scripts.

http://www.symantec.com/business/security_response/attacksignatures/detail.jsp?asid=23086

0
 
LVL 1

Expert Comment

by:Gzzrt
ID: 23003715
Seeing as how his resolution matched the first suggestion that I posted, I'd like to look at awarding points instead of just deleting the question.
0
 

Author Comment

by:mbhf01
ID: 23003799
With due respect, all suggestions that have been provided were obvious; should I have found them helpful, I would have assigned the awarding points.
0
 

Accepted Solution

by:
mbhf01 earned 0 total points
ID: 23006382
Hi,

I was in contact with the website developer even before I posted the question. My purpose in asking the question was to find a solution from a development perspective.
The issue was that when the website developer registered the website with Google, they added a JavaScript. The problem was resolved when he removed that JavaScript.


Thanks,
0
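
For a site owner facing a block like the one in this thread, one way to see which third-party scripts and frames a page pulls in, and which inline scripts can navigate the browser away, is a short audit of the page markup. This is an added example, not part of the original thread; the host names, the allowlist and the sample HTML are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Hosts the owner expects active content from (assumed values).
ALLOWED_HOSTS = {"school.example", "www.youtube.com"}

# Constructed sample page, not the real site's markup.
SAMPLE = """<script src="/js/menu.js"></script>
<script src="//stats.thirdparty.example/verify.js"></script>
<script>window.location = "http://redirect.example/t/";</script>
<iframe src="https://www.youtube.com/embed/VIDEO_ID"></iframe>"""

class ActiveContentAudit(HTMLParser):
    """Collect external script/frame sources and inline script bodies."""
    TAGS = {"script", "iframe", "embed"}

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.external = []   # (tag, absolute URL)
        self.inline = []     # text of inline <script> blocks
        self._in_inline = False

    def handle_starttag(self, tag, attrs):
        if tag not in self.TAGS:
            return
        src = dict(attrs).get("src")
        if src:
            # Resolve relative and protocol-relative URLs against the page.
            self.external.append((tag, urljoin(self.page_url, src)))
        elif tag == "script":
            self._in_inline = True
            self.inline.append("")

    def handle_data(self, data):
        if self._in_inline:
            self.inline[-1] += data

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_inline = False

# Returns (external sources off the allowlist, inline scripts to read by hand).
def audit(html, page_url, allowed=ALLOWED_HOSTS):
    p = ActiveContentAudit(page_url)
    p.feed(html)
    unexpected = [(t, u) for t, u in p.external
                  if urlparse(u).hostname not in allowed]
    hints = ("location", "document.write", "eval(")
    return unexpected, [s.strip() for s in p.inline if any(h in s for h in hints)]
```

Running `audit(SAMPLE, "http://school.example/")` after each change to the page templates shows when a newly added snippet starts loading code from a host nobody on the team recognises.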
