Forwarded
Update from the National Coordinator -
.....
MAKtranscriber
WoodCoWI CC
http://www.rootsweb.com/~wiwood
PortageCoWI CC
http://www.rootsweb.com/~wiportag
MonroeCoWI CC
http://www.rootsweb.com/~wimonroe
WIGenWeb ASC
http://wigenweb.org/
....
----- Forwarded Message ----
From: Sherri <ldrbelties(a)earthlink.net>
To: board(a)rootsweb.com; state-coord(a)rootsweb.com; usgenweb-all(a)rootsweb.com;
usgenweb-discuss(a)rootsweb.com
Sent: Sunday, September 13, 2009 7:12:04 PM
Subject: [STATE-COORD] Update
An update for you on the status of the hacker's attacks -
We are continuing to work through each and every file on the USGenWeb
National site and other sites that have been hit by the hacker over the last
couple of days (there were five states that the attacks seemed to be
concentrated on). We believe we've found and removed all of the files that
he/she had infected with a snippet of code that are the basis of many of the
anti-virus program warnings you're seeing. Nevertheless, we're continuing
to go through each and every file to ensure that we've removed every trace.
These attacks have been on files on the server itself. Unless you've
actually downloaded an infected file in the past couple of days, it's very
unlikely that your computer's security has been affected. Even then, the
hacker just put a link into a frame that took the viewer to a site that was
known to be a hacker's heaven. All of the changes were done only on the
server. If you've been uploading files from your PC to the server, it's
very, very unlikely that you've got a security problem - at least from only
connecting to the server.
The reports that we've received today from folks about warnings from their
anti-virus software seem to be from those who have cached versions of the
infected pages that they're actually viewing. If you refresh the page, the
virus warning is usually disappearing. It will take a bit of time for the
anti-virus software to catch up - especially if the cached pages haven't
been deleted and are being viewed again.
As I said, we're continuing to make our way through (often for the third or
fourth or tenth time) to ensure that we've removed every trace of the
hacker's attack. Once we're confident our sites are no longer infected,
we'll contact Google and have them revisit the site so their warning can be
lifted. We don't want to do that until we're sure things have been squared
away, though, because the more times they visit and find an infected site,
the higher the number of visits when infected and the worse the rating we'll
end up with in the long run.
Thanks,
Sherri Bradley
National Coordinator
USGenWeb Project
http://usgenweb.org
-------------------------------
To unsubscribe from the list, please send an email to STATE-COORD-request(a)rootsweb.com
with the word 'unsubscribe' without the quotes in the subject and the body of the
message