Hello, when I open http://umap.openstreetmap.fr/de/map/2016-06-24-seehamersee-7km_91831#6/51.000/2.000 ,then "eset nod32 antivirus 9"says:

The adress has been locked. URL: http://atile.opentopomap.org/12/2192/1444.png IP-Adress: 131.188.76.144

This message may have up to 100 part Messages,each per xxxx.png and the "eset anti virus" does not show the map. Is there a virus or is it a mistake of "eset anti virus" ? Thx in advancefor your help. Josef alias osmwichtel

asked 19 Aug '16, 19:15

osmwichtel's gravatar image

osmwichtel
1679
accept rate: 0%

closed 08 Sep '16, 06:48

aseerel4c26's gravatar image

aseerel4c26 ♦
32.2k16241552

The question has been closed for the following reason "Problem is outdated - summary by best guess: in the meantime ESET have changed their classification and likely there never was a problem with the site." by aseerel4c26 08 Sep '16, 06:48


No, I doubt that opentopomap is malicious. Especially not the PNG map images (that would need a big security hole in your browser/OS graphics library to be possible) which are loaded on your umap. Yes, so, I think this is a mistake of ESET.

Details:
Yes, ESET currently reports this site as "Malware site" - see https://www.virustotal.com/de/url/b61c54f47be2087dce1bd1659047e5506af757eb9c2b93af850e66e39bdc62b3/analysis/1471636694/ . No other of the 68 scanners at this scanner comparison site does so. In fact ESET categorizes the whole opentopomap site as "Malware site" - see https://www.virustotal.com/de/url/b71976f85ec657d2859ed12a2bd2ebb045b0339954c78b6c3e38d5d7fdefa19f/analysis/1471636840/ .

I could not see calls to third party resources by the opentopomap website (which often happens for infected sites).

I have written the opentopomap developer derstefan an osm message, asking if he is aware of any recent issues.

Update: now ESET changed its assessment of http://opentopomap.org/ into "clean" - see https://www.virustotal.com/de/url/b71976f85ec657d2859ed12a2bd2ebb045b0339954c78b6c3e38d5d7fdefa19f/analysis/

permanent link

answered 19 Aug '16, 21:06

aseerel4c26's gravatar image

aseerel4c26 ♦
32.2k16241552
accept rate: 18%

edited 08 Sep '16, 06:44

I can't tell why ESET thinks it is a malware site. We don't have any external scripts and don't have the interest to track the users. And because we don't have any commercial interests, I don't care too much if some users are blocked by their anti-malware software - as long as there is no issue...

Is it possible to get a more detailed report by ESET somehow?

The only possible issue could be our Let's Encrypt SSL certificate.

permanent link

answered 19 Aug '16, 22:13

derstefan's gravatar image

derstefan
19313
accept rate: 0%

in principle it could be that someone hacked into your server and injected malicious code into your html and js files. But as long as only ESET thinks there is some (whatever "Malware") problem, I would not be too concerned about this.

(19 Aug '16, 23:23) aseerel4c26 ♦

Hello aseerel4c26 and derstefan, thx for your hints.

Is it possible to get a more detailed report by ESET somehow?

No, I have no more detailed informations reported by eset. What I did: I changed my local eset configuration. The IP of opentopomap.org will never checked by my local eset.

Josef alias osmwichtel

---Problem solved---

permanent link

answered 20 Aug '16, 10:09

osmwichtel's gravatar image

osmwichtel
1679
accept rate: 0%

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×8
×2
×1

question asked: 19 Aug '16, 19:15

question was seen: 2,115 times

last updated: 08 Sep '16, 06:48

powered by OSQA