[Web4lib] random link replacements

John Fereira jaf30 at cornell.edu
Tue Sep 5 18:08:37 EDT 2006 

At 03:53 PM 9/5/2006, Courtney Stephens wrote:
>We use Dreamweaver, but no CMS.  AFIK, there are only 3 people who are
>allowed to edit - me, the reference librarian (who pointed out the problem)
>and the tech guy.   Possibly, there is one other librarian allowed to edit
>(the head of TS), but she doesn't generally do anything to the website.
>She's more concerned with the OPAC.

Shared passwords?


>We run an Apache server, but I don't know what kind of security it has on it
>as a whole.  The website is password protected, though.
>
>The problem is localized to one folder, and replaces only one phrase -
>teach.belmont.edu:2048? - with www.apple.com.  It replaces things at random,
>and just because they are wrong on one page does not mean they have been
>changed on another.  I have never seen anything like this happen before.

Have you tried different browsers to see if you get the same 
behavior?   'I've seen routers set up to intercept HTTP requests and 
randomly forward to a vendor page.  I've got one at home that all of 
sudden started intercepting requests (doesn't matter which site 
you're going to) such that it goes to the vendors page which sells 
the router.  The page "offers" an add-on product and suggest a 
firmware upgrade.  I tried downloading the upgrade once and it blew 
away my configuration.  I'll never buy another product from that 
company again.

A similar behavior that you may have seen manifests itself when 
trying to access a site that has a domain name that isn't 
valid.  It'll often bring up a site which sells domain names similar 
to the one you've tried to access.  Occasionally, when the network is 
busy a DNS timeout will result in render one of these sites even when 
a valid domain was used.


>~Courtney S.
>
>On 9/5/06, Tyson Tate <tysontate at gmail.com> wrote:
>>
>>Could you give us more information? What CMS or editing tools do you
>>use? What kind of security do you have on the pages (i.e. who's
>>allowed to edit it?).
>>
>>Most likely, it's being edited by someone who doesn't know what
>>they're doing. (Ok, let's not get in to the "gatekeeper" discussion
>>again! ;)
>>
>>-Tyson
>>
>>On 9/5/06, Courtney Stephens <court1824 at gmail.com> wrote:
>> > Has anyone ever had links randomly be replaced on their webpages?
>> >
>> > My library's website has had this happen 2x in the last month - our
>>proxy
>> > address is replaced with http://apple.com/ in random links on our
>>website.
>> > See this for examples: http://library.belmont.edu/SubGuides/english.html
>> >
>> > The tech guy claims it's not a virus.  Whatever it is, it's annoying....
>>and
>> > I'd appreciate any leads on how to get it to stop
>> >
>> > ~Courtney S.
>>_______________________________________________
>>Web4lib mailing list
>>Web4lib at webjunction.org
>>http://lists.webjunction.org/web4lib/
>_______________________________________________
>Web4lib mailing list
>Web4lib at webjunction.org
>http://lists.webjunction.org/web4lib/

John Fereira
jaf30 at cornell.edu
Ithaca, NY

More information about the Web4lib mailing list