You are not logged in.
- Topics: Active | Unanswered
#1 2013-06-16 10:12 pm
- zaphod
- Jägermonster
- From: USA
- Registered: 2008-11-22
- Posts: 2,985
- Website
ConfigServer.com's exploit scanner is misconfigured.
Currently, one, or several products from ConfigSever.com are identifying ZB Block's signatures.inc file as a known exploit. Their detection is based on content. I (zaphod, author of ZB Block) recommend at this time you do not use their product till this is resolved.
Their contact system for resolution of problems, is at best circumlocutory and requires registration on their forums to lodge a ticket... let's see if they will fix this problem.
Zap
Get Protected, Stay Protected...
With ZB Block, GNU/GPL Freeware Anti-Spam/Anti-Hack protection for your php based website.
Little boxes in the server farm, little boxes running php...
Offline
#2 2013-06-16 10:28 pm
- zaphod
- Jägermonster
- From: USA
- Registered: 2008-11-22
- Posts: 2,985
- Website
Re: ConfigServer.com's exploit scanner is misconfigured.
Just to keep you updated, here is my message to them:
Howdy,
I am Zaphod from SpambotSecurity . com (broken to avoid linking by zaphod). I have been distributing a GNU/GPL V2 security suite for PHP websites since 2008 named ZB Block.
As of June 1st, you had an update to either this script, or another, which began misidentifying the signatures.inc file of my script, as a known exploit. Since my script, and this file especially only works off pattern matching, and no acceptance of client input as safe, I do not see how this is.
This behavior of your script is harming users of my script.
Please either reply to me here, on my site's forum, via email, or you can even reach me on StopForumSpam . com's forums so we can resolve this expediently as possible.
Thanks,
Zaphod
Get Protected, Stay Protected...
With ZB Block, GNU/GPL Freeware Anti-Spam/Anti-Hack protection for your php based website.
Little boxes in the server farm, little boxes running php...
Offline
#3 2013-06-18 4:40 am
- zaphod
- Jägermonster
- From: USA
- Registered: 2008-11-22
- Posts: 2,985
- Website
Re: ConfigServer.com's exploit scanner is misconfigured.
Their reply to me:
Re: Your scanner is misidentifying a file.
Postby ForumAdmin » Mon Jun 17, 2013 1:40 am
Thank you for reporting this and we will investigate. In future, and for any future correspondence, please contact us through xxxxx@waytotheweb.com rather than these community forums.
My reply to them:
Re: Your scanner is misidentifying a file.
Postby zaphod » Mon Jun 17, 2013 1:14 pm
You bet, and thanks for looking into this.Zap
And their final response to me:
Re: Your scanner is misidentifying a file.
Postby ForumAdmin » Mon Jun 17, 2013 2:31 pm
The fix has been applied in the release we made of the cxs product today.
Beautifully run company.
Situation resolved.
If you use their product, update it, and carry on!
Zap
Get Protected, Stay Protected...
With ZB Block, GNU/GPL Freeware Anti-Spam/Anti-Hack protection for your php based website.
Little boxes in the server farm, little boxes running php...
Offline