Re^2: perldoc.pl - An alternative to perldoc.perl.org
by Your Mother (Archbishop) on Jun 25, 2018 at 18:21 UTC
|
Well, I mean, it's a dot pl. It's clearly an unknown executable at the very domain level! The hackers are getting cagey.
This reminds me of the CC fraud software that let me buy a very expensive TV from an outlet across the country without question but flagged my purchase of an ice cream cone a few blocks from my house as fraud.
| [reply] |
|
When I worked at a bank, we weren't able to check the nearest pub's daily menu on the web, as they used Wordpress to create the pages, and the daily menu was uploaded to the upload/ folder, which was blacklisted by the bank. I had to file a request to whitelist the given page, and renew it every quarter.
($q=q:Sq=~/;[c](.)(.)/;chr(-||-|5+lengthSq)`"S|oS2"`map{chr |+ord
}map{substrSq`S_+|`|}3E|-|`7**2-3:)=~y+S|`+$1,++print+eval$q,q,a,
| [reply] [d/l] [select] |
Re^2: perldoc.pl - An alternative to perldoc.perl.org
by marto (Cardinal) on Jun 25, 2018 at 18:21 UTC
|
Well spotted! Looks like the IP it resolves to may have been used for suspected shenanigans in the past. I'll feed this back.
Update: Well, that seemed like a copy/paste fail, missing the leading digit. I'll do some more digging when I'm in a position to setup OpenDNS here, and test the domain.
| [reply] |
Re^2: perldoc.pl - An alternative to perldoc.perl.org
by marto (Cardinal) on Jun 28, 2018 at 14:35 UTC
|
Sorry for the late follow up, I've been unable to get this to flag as malware on opendns, using their servers and the nslookup check. Is this still the case for you?
| [reply] |
|
Thank you for trying. Yes, it still comes up as malware when I check. Going via the web, I get the same "blocked" message, diagnostic details below. Using nslookup, perldoc.pl resolves to 146.112.61.107, which is hit-malware.opendns.com.
ACType | 0 |
Block Type | security |
Bundle ID | 668539 |
Domain Tagging | - |
Host | malware.opendns.com |
IP Address | 8.46.40.253 |
Org ID | 2254635 |
Origin ID | 98429921 |
Prefs | - |
Query | url=perldoc.pl&server=ash24&prefs=&tagging=&nref |
Server | ash24 |
Time | 2018-07-02 14:47:37.242653379 +0000 UTC m=+2406521.020016419 |
I reckon we are the only monastery ever to have a dungeon stuffed with 16 ,000 zombies.
| [reply] |
|
Well that's weird. My results are below and when I try the 'report an incorrect block' link it tells me 'We were unable to send your message'.
- ACType
- 0
- Block Type
- security
- Bundle ID
- -
- Domain Tagging
- -
- Host
- malware.opendns.com
- IP Address
- 82.132.231.156
- Org ID
- 0
- Origin ID
- 0
- Prefs
- -
- Query
- url=perldoc.pl
- Server
- -
- Time
- 2018-07-02 15:10:38.253410102 +0000 UTC m=+2395321.279584930
Update: On the grounds that the automated method didn't submit the form, I've gone through their 'contact us' page.
| [reply] |
|
|
|
|