Java-Gaming.org    
Featured games (79)
games approved by the League of Dukes
Games in Showcase (476)
Games in Android Showcase (106)
games submitted by our members
Games in WIP (530)
games currently in development
News: Read the Java Gaming Resources, or peek at the official Java tutorials
 
    Home     Help   Search   Login   Register   
Pages: [1]
  ignore  |  Print  
  I think there's some XSS injections on JGO  (Read 856 times)
0 Members and 1 Guest are viewing this topic.
Offline Xemdo

Senior Newbie


Medals: 1
Exp: 2 years



« Posted 2014-07-04 22:58:14 »

This happens every time I load a page on this site:


Along with that there is a weird Russian site that also pops up in TCPView when I go to this site:

Although that might be something regarding the ad pictures or the latest projects, but I have no idea how those work.

My assumptions that it's JavaScript come from the fact that this only happens on java-gaming.org and no other sites and that Malwarebytes said the connection was outbound.
Online Riven
« League of Dukes »

JGO Overlord


Medals: 742
Projects: 4
Exp: 16 years


Hand over your head.


« Reply #1 - Posted 2014-07-05 11:17:56 »

Well, it's to be expected the connection is outbound: it's the browser downloading an image -  to be exact: this image:

http://trashbox.ru/files/239477_62afc8/device-2014-07-01-204402.png

from this thread - displayed in the sidebar:
http://www.java-gaming.org/topics/iconified/33739/view.html

You get a notification because somebody might be (or was, at some point in time) hosting malware on that domain - which is to be expected on a site that allows uploading arbitrary content.

That doesn't mean loading a image from said domain is unsafe.

Hi, appreciate more people! Σ ♥ = ¾
Learn how to award medals... and work your way up the social rankings
Offline princec

JGO Kernel


Medals: 339
Projects: 3
Exp: 16 years


Eh? Who? What? ... Me?


« Reply #2 - Posted 2014-07-05 11:25:40 »

Once again so called "anti-malware" ends up causing scares, paranoia, false positives, and generally being useless and more harm than good  Emo

Seriously.... everyone. Just stick to MSSE.

Cas Smiley

Games published by our own members! Check 'em out!
Legends of Yore - The Casual Retro Roguelike
Offline PandaMoniumHUN
« Reply #3 - Posted 2014-07-05 12:31:41 »

Seriously.... everyone. Just stick to MSSE.
Back then, when I was working for a game server/vpn hosting company we did multiple tests out of curiosity to compare anti-virus softwares and MSSE is one of the worst.
Seriously, it didn't detect half of the harmful stuff we threw at it. It was okay-ish once, but not anymore.
I've been using Avast on my PC for a few months now and it seems to get the job done, although it's not the most robust AV out there either but in exchange it's free and it's out of the way with relatively low CPU/memory usage. Smiley

Offline princec

JGO Kernel


Medals: 339
Projects: 3
Exp: 16 years


Eh? Who? What? ... Me?


« Reply #4 - Posted 2014-07-05 12:53:48 »

IMHO it still is. False positives remain the biggest threat to usability after the main problem of grinding your machine to a halt, and MSSE does very well when you look at those two factors.

Cas Smiley

Offline ra4king

JGO Kernel


Medals: 336
Projects: 2
Exp: 5 years


I'm the King!


« Reply #5 - Posted 2014-07-20 15:05:02 »

I used to advocate for MSSE, but after the recent poor ratings, I switched to Avast, set up daily quick scan and weekly full scans, and set it to silent. I've never had any false positives and have had no issues with it.

Offline Slyth2727
« Reply #6 - Posted 2014-07-20 18:45:57 »

I just uninstalled avast for malwarebytes. Even when I set Avast to silent mode or whatever it still annoyed the shit out of me, being completely anal whenever I went to a lot of websites. Simply doing research was getting impossible because the thing was blocking everything.
This is why I use Arch  Roll Eyes

Was I before Chuang Tzu who dreamt about being a butterfly, or am I now a butterfly who dreams about being Chuang Tzu?
Pages: [1]
  ignore  |  Print  
 
 

 

Add your game by posting it in the WIP section,
or publish it in Showcase.

The first screenshot will be displayed as a thumbnail.

pw (12 views)
2014-07-24 01:59:36

Riven (10 views)
2014-07-23 21:16:32

Riven (11 views)
2014-07-23 21:07:15

Riven (12 views)
2014-07-23 20:56:16

ctomni231 (43 views)
2014-07-18 06:55:21

Zero Volt (38 views)
2014-07-17 23:47:54

danieldean (32 views)
2014-07-17 23:41:23

MustardPeter (34 views)
2014-07-16 23:30:00

Cero (50 views)
2014-07-16 00:42:17

Riven (50 views)
2014-07-14 18:02:53
HotSpot Options
by dleskov
2014-07-08 03:59:08

Java and Game Development Tutorials
by SwordsMiner
2014-06-14 00:58:24

Java and Game Development Tutorials
by SwordsMiner
2014-06-14 00:47:22

How do I start Java Game Development?
by ra4king
2014-05-17 11:13:37

HotSpot Options
by Roquen
2014-05-15 09:59:54

HotSpot Options
by Roquen
2014-05-06 15:03:10

Escape Analysis
by Roquen
2014-04-29 22:16:43

Experimental Toys
by Roquen
2014-04-28 13:24:22
java-gaming.org is not responsible for the content posted by its members, including references to external websites, and other references that may or may not have a relation with our primarily gaming and game production oriented community. inquiries and complaints can be sent via email to the info‑account of the company managing the website of java‑gaming.org
Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines | Managed by Enhanced Four Valid XHTML 1.0! Valid CSS!