[IRP] site compromise (was FW: EU selects ICT sector for study on implementing corporate responsibility to respect human rights)

Cedric Knight, GreenNet cedric
Fri Feb 17 19:00:15 EET 2012 

Hi Dixie

FYI it's a Drupal site, not WordPress (although WP indeed does have
security holes like
http://markmaunder.com/2011/08/01/zero-day-vulnerability-in-many-wordpress-themes/).


The site shows a page of mostly pharmaceutical spam links to search
engines like Google and Yahoo but not to most users.  Drupal is usually
very secure, so you may want to look at which modules the site is using
and whether they need upgrading, and possible database server and
phpmyadmin security.  GreenNet does a lot of Drupal development and
we're only upstairs, so if you get stuck I hope we can offer a bit of
help (or copy in cedric at gn.apc.org).  I've seen cracks like this before
on other sites, but not ones GreenNet hosts.

You might also find the following link useful to tell you when you've
got it fixed.

http://sitecheck.sucuri.net/results/http://internetrightsandprinciples.org/

-- 
All best wishes,

Cedric Knight
GreenNet

GreenNet supports and promotes groups and individuals working for
peace, human rights and the environment through the use of
information and communication technologies.

GreenNet, Development House, 56-64 Leonard Street, London EC2A 4LT
Tel: UK 0845 055 4011 (Intl +44) 20 7065 0935 Fax: 020 7065 0936
Registered in England No. 02070438 VAT Reg GB 473 0262 65



On 17/02/12 16:09, Dixie Hawtin wrote:
> Many thanks Marcin!
> 
>  
> 
> The website has changed hands many times since it was created ? so I
> think the necessary admin rights etc. are split between Robert Bodle,
> Robert Guerra and Max Senges ? will write an email to you all offlist.
> 
>  
> 
> Best,
> 
> Dixie
> 
>  
> 
> *From:*Marcin de Kaminski [mailto:marcin.dekaminski at gmail.com]
> *Sent:* 17 February 2012 16:02
> *To:* Dixie Hawtin
> *Cc:* irp at lists.internetrightsandprinciples.org
> *Subject:* Re: [IRP] EU selects ICT sector for study on implementing
> corporate responsibility to respect human rights
> 
>  
> 
> This is a for the moment quite common WordPress hack that is trying to
> promote viagra sites. If not anyone get to this before me I can find
> info on how to tackle this when my kids have gone to bed.
> 
> Who is in charge of the site atm? Robert Bodle, right? Should we connect
> offlist?
> 
> /Marcin
> 
> Den 17 feb 2012 16:54 skrev "Dixie Hawtin" <Dixie at global-partners.co.uk
> <mailto:Dixie at global-partners.co.uk>>:
> 
> I also wanted to make an appeal for help ? the IRP website
> (http://internetrightsandprinciples.org/) has been compromised ? if you
> type Internet Rights and Principles in to Google the link which comes up
> is labelled as being about discounted Viagra. I?m not sure how to tackle
> this, can anyone help?
> 
>  
> 
> Thanks! Dixie
> 
>  
> 
> *From:*irp-bounces at lists.internetrightsandprinciples.org
> <mailto:irp-bounces at lists.internetrightsandprinciples.org>
> [mailto:irp-bounces at lists.internetrightsandprinciples.org
> <mailto:irp-bounces at lists.internetrightsandprinciples.org>] *On Behalf
> Of *Dixie Hawtin
> *Sent:* 17 February 2012 15:36
> *To:* Matthias C. Kettemann; irp at lists.internetrightsandprinciples.org
> <mailto:irp at lists.internetrightsandprinciples.org>
> *Subject:* Re: [IRP] EU selects ICT sector for study on implementing
> corporate responsibility to respect human rights
> 
>  
> 
> Well done Joy! That?s great news. Is there any information about how and
> when we should be submitting input?
> 
>  
> 
> There has been much information about SOPA and ACTA lately, but less
> about the Trans-Pacific Partnership (TPP) which seems to be coming to
> the fore as the sharpest edges are removed from ACTA. A very informative
> blogpost about the TPP is here:
> http://www.technollama.co.uk/tpp-welcome-to-the-global-war-on-intermediaries?utm_source=rss&utm_medium=rss&utm_campaign=tpp-welcome-to-the-global-war-on-intermediaries
> <http://www.technollama.co.uk/tpp-welcome-to-the-global-war-on-intermediaries?utm_source=rss&utm_medium=rss&utm_campaign=tpp-welcome-to-the-global-war-on-intermediaries>
> 
>  
> 
> And here is a very important statement from Viviane Reding on freedom of
> expression and information via the Internet, attempts to block websites,
> "three-strikes-laws", and ACTA (with some really nice quotable bits!)
> http://ec.europa.eu/commission_2010-2014/reding/pdf/quote_statement_en.pdf
> 
>  
> 
> As for the IDRC, I agree that it would be good to join efforts and we
> would be extremely happy to have more members! I want to reiterate the
> IRP is an open platform and anyone should free to use the network to
> discuss issues or promote initiatives for human rights on the Internet ?
> Matthias and I are (or try to be) facilitators not gatekeepers.
> 
>  
> 
> Very best,
> 
> Dixie
> 
>  
> 
> *From:*irp-bounces at lists.internetrightsandprinciples.org
> <mailto:irp-bounces at lists.internetrightsandprinciples.org>
> [mailto:irp-bounces at lists.internetrightsandprinciples.org] *On Behalf Of
> *Matthias C. Kettemann
> *Sent:* 16 February 2012 08:02
> *To:* irp at lists.internetrightsandprinciples.org
> <mailto:irp at lists.internetrightsandprinciples.org>
> *Subject:* [IRP] EU selects ICT sector for study on implementing
> corporate responsibility to respect human rights
> 
>  
> 
> Dear IRPers,
> 
> Joy has just forwarded me a message from the EU Commission saying that
> they have selected the ICT sector to be one of those to be looked at in
> their study series on implementing corporate responsibility to respect
> human rights. If you remeber, Joy was kind enough to support this choice
> on behalf of the IRP Coalition with a paper outlining the HR dimension
> of the ICT sector.
> 
> Kudos to her and let's think about how we can provide input for the
> Commission.
> 
> Kind regards
> 
> Matthias
> 
> 
> 
> --
> 
> *From:* EU Sector Guidance [mailto:sectorguidance at ihrb.org]
> 
> *Sent:*Thursday, 16 February 2012 12:05 a.m.
> *To:* undisclosed-recipients:
> *Subject:* Thank you for your suggestions
> 
>  
> 
> Dear Respondent, 
> 
> Thank you again for taking the time to participate in the sector
> selection consultation for the European Commission's project to develop 
> guidance on implementing the corporate responsibility to respect human
> rights.  The submissions received were reviewed carefully and played an
> important part in the IHRB and Shift Project Team's analysis.   
> 
> We would like to inform you that the sectors selected by the Commission
> were the:  *Employment & Recruitment Agencies *sector; the *Information
> & Communications Technology* sector; and the *Oil & Gas *sector.  The
> sectors were selected by the Commission following a rigorous sector
> analysis of sectors by the Project Team according to the publicly
> available criteria.   You can read further details of the Commission's
> decision on their website
> <http://ec.europa.eu/enterprise/newsroom/cf/newsbytheme.cfm?displayType=news&lang=en&tpa_id=0>,
> as well as on the new Project website: www.ihrb.org/EUSectorGuidance
> <http://www.ihrb.org/EUSectorGuidance>.
> 
> Together, the sectors face a wide range of significant human rights
> challenges that could benefit from detailed guidance focused on the
> corporate responsibility to respect human rights. Guidance to be
> developed under the project will also have added value to businesses
> from other sectors facing similar human rights related issues.  The
> guidance developed through this project will be based on the UN Guiding
> Principles on Business and Human Rights, applying those principles to
> the particular context and challenges of each of the three selected
> sectors. To be consistent with the UN Guiding Principles, the guidance
> will address the full range of rights that enterprises could be most at
> risk of harming.
> 
> Extensive consultations with all concerned stakeholder groups are
> planned as part of the project process, and the Project Team is
> coordinating this process on behalf of the European Commission.  Any
> comments or questions in relation to the project can be sent
> to sectorguidance at ihrb.org <mailto:sectorguidance at ihrb.org>.  Updates on
> the project, including drafts of relevant documents, will be posted to
> the Project website <http://www.ihrb.org/EUSectorGuidance> as they occur.
> 
>  
> 
> With kind regards,
> The Project Team
> 
>  
> 
> Mag. iur. Matthias C. Kettemann, LL.M. (Harvard)
> 
> Teaching and Research Fellow
> 
>  
> 
> Institute of International Law and International Relations
> 
> University of Graz
> 
>  
> 
> Universit?tsstra?e 15/A4, 8010 Graz, Austria
> 
>  
> 
> T | +43 316 380 6711 <tel:%2B43%20316%20380%206711> (office)
> 
> M | +43 676 701 7175 <tel:%2B43%20676%20701%207175> (mobile)
> 
> F | +43 316 380 9455 <tel:%2B43%20316%20380%209455>
> 
> E | matthias.kettemann at uni-graz.at <mailto:matthias.kettemann at uni-graz.at>
> 
> Blog | internationallawandtheinternet.blogspot.com <http://internationallawandtheinternet.blogspot.com>
> 
 http://lists.internetrightsandprinciples.org/listinfo.cgi/irp-internetrightsandprinciples.org

More information about the IRP mailing list