Monash server out of action
8 views
Skip to first unread message
Jim Breen
Sep 11, 2021, 12:16:10 AM9/11/21
to edict-...@googlegroups.com
Just a heads-up that the Monash wwwjdic, etc. server is not
accessible. All going well it should be back early next week.
Some bright spark went to the text glossing page (equiv. of
https://www.edrdg.org/cgi-bin/wwwjdic/wwwjdic?9T) and put the URL of a
known Russian hacking site into the second option. The outgoing (wget)
call to that address triggered Monash's hyper-sensitive CyberWarfare
sniffers, so the server is off the air to people outside the VPN until
there's an all-clear.
Jim
--
Jim Breen
Adjunct Snr Research Fellow, Japanese Studies Centre, Monash University
http://www.jimbreen.org/
http://nihongo.monash.edu/
accessible. All going well it should be back early next week.
Some bright spark went to the text glossing page (equiv. of
https://www.edrdg.org/cgi-bin/wwwjdic/wwwjdic?9T) and put the URL of a
known Russian hacking site into the second option. The outgoing (wget)
call to that address triggered Monash's hyper-sensitive CyberWarfare
sniffers, so the server is off the air to people outside the VPN until
there's an all-clear.
Jim
--
Jim Breen
Adjunct Snr Research Fellow, Japanese Studies Centre, Monash University
http://www.jimbreen.org/
http://nihongo.monash.edu/
Jim Breen
Sep 11, 2021, 12:39:59 AM9/11/21
to edict-...@googlegroups.com
While I'm at it, I plan to disable that URL-based text-glossing
option. It's not used very much and it's not worth the hassle if it's
causing security alarms. I think it's safe, but the Caesar's Wife
principle applies.
Jim
option. It's not used very much and it's not worth the hassle if it's
causing security alarms. I think it's safe, but the Caesar's Wife
principle applies.
Jim
Jim Breen
Sep 14, 2021, 7:30:04 AM9/14/21
to edict-...@googlegroups.com
The Monash WWWJDIC server is back now.
Although I was able to clear the initial problem with the security
people there, they ran a test over the site which pinged several
executable program files as "high probability of being malicious".
They were all small utilities written in C and quite harmless. The
common element was that they'd all been compiled some years ago. The
problem went away when I recompiled them. I think the (commercial)
security scanning software, which uses machine learning, had probably
been trained on programs that had been compiled around the same time
and was picking up the signature of various library routines. All a
bit creepy.
Cheers
Although I was able to clear the initial problem with the security
people there, they ran a test over the site which pinged several
executable program files as "high probability of being malicious".
They were all small utilities written in C and quite harmless. The
common element was that they'd all been compiled some years ago. The
problem went away when I recompiled them. I think the (commercial)
security scanning software, which uses machine learning, had probably
been trained on programs that had been compiled around the same time
and was picking up the signature of various library routines. All a
bit creepy.
Cheers
Reply all
Reply to author
Forward
0 new messages