Warning! Dangerous site! |
Warning! Dangerous site! |
Brian Chandler |
Jun 30 2021, 04:35 AM
Post
#1
|
Jocular coder Group: Members Posts: 2,476 Joined: 31-August 06 Member No.: 43 |
Here's an entry from my error log:
2021.06.30@1524 JST *** 404 /api.php?key=1 from http://216.92.213.57/api.php?key=1 Googlebot/2.1 (+http://www.google.com/bot.html) (Meaning: missing file /api.php?key=1; refer®er was 216...) Fairly obviously this is some kind of hack, but I wondered what the numeric IP address was. So it pasted it in, and Firefox went into a convulsion: cannot verify certificate etc etc, hackers, damage your computer, bank account, spontaneous combustion, the lot. I persisted in taking the RISK, and looked at http://216.92.213.57 - ha! It's my own site, imaginatorium.com. Since access to the website (imaginatorium.com) works without problem, how could the "certification" be any different using the numeric address? I admit I do not understand this stuff, but most explanations seem to start with logical confusion, then go downhill. Suppose I click a link to a site whose owners I do not know (most links, of course); what dangers could befall me if the page does not have a valid https certificate, which could not befall me if it did?? |
Brian Chandler |
Jun 30 2021, 04:39 AM
Post
#2
|
Jocular coder Group: Members Posts: 2,476 Joined: 31-August 06 Member No.: 43 |
Here's an entry from my error log:
2021.06.30@1524 JST *** 404 /api.php?key=1 from http://216.92.213.57/api.php?key=1 Googlebot/2.1 (+http://www.google.com/bot.html) (Meaning: missing file /api.php?key=1; refer(r*)er was 216...) Fairly obviously this is some kind of hack, but I wondered what the numeric IP address was. So it pasted it in, and Firefox went into a convulsion: cannot verify certificate etc etc, hackers, damage your computer, bank account, spontaneous combustion, the lot. I persisted in taking the RISK, and looked at http://216.92.213.57 - ha! It's my own site, imaginatorium.com. Since access to the website (imaginatorium.com) works without problem, how could the "certification" be any different using the numeric address? I admit I do not understand this stuff, but most explanations seem to start with logical confusion, then go downhill. Suppose I click a link to a site whose owners I do not know (most links, of course); what dangers could befall me if the page does not have a valid https certificate, which could not befall me if it did?? * the person who wrote this forum software is a f*cking moron |
Christian J |
Jun 30 2021, 02:31 PM
Post
#3
|
. Group: WDG Moderators Posts: 9,722 Joined: 10-August 06 Member No.: 7 |
Since access to the website (imaginatorium.com) works without problem, how could the "certification" be any different using the numeric address? Seems the certificates only apply to either IP or domain name, if I understood this correct: https://stackoverflow.com/questions/310003/...ers-domain-name QUOTE Suppose I click a link to a site whose owners I do not know (most links, of course); what dangers could befall me if the page does not have a valid https certificate, which could not befall me if it did?? I suppose the traffic may not be encrypted, despite using HTTPS, and the traffic can be actively listened in on or maybe modified. |
Brian Chandler |
Jul 1 2021, 11:23 AM
Post
#4
|
Jocular coder Group: Members Posts: 2,476 Joined: 31-August 06 Member No.: 43 |
Since access to the website (imaginatorium.com) works without problem, how could the "certification" be any different using the numeric address? Seems the certificates only apply to either IP or domain name, if I understood this correct: https://stackoverflow.com/questions/310003/...ers-domain-name Thanks Christian. I got the same answer from my nephew, who is pretty much up on this sort of thing. So that's OK... QUOTE QUOTE Suppose I click a link to a site whose owners I do not know (most links, of course); what dangers could befall me if the page does not have a valid https certificate, which could not befall me if it did?? I suppose the traffic may not be encrypted, despite using HTTPS, and the traffic can be actively listened in on or maybe modified. So it seems to be ludicrously exaggerated, given that this DANGEROUS! state of affairs is exactly what we were all doing all the time 10 years ago. |
Christian J |
Jul 1 2021, 02:24 PM
Post
#5
|
. Group: WDG Moderators Posts: 9,722 Joined: 10-August 06 Member No.: 7 |
So it seems to be ludicrously exaggerated, given that this DANGEROUS! state of affairs is exactly what we were all doing all the time 10 years ago. If the certificate failure is unintentional, yes (though we usually didn't do credit card payments on those unencrypted pages). But I suppose it could also be a sign of a man-in-the-middle-attack. |
Lo-Fi Version | Time is now: 5th October 2024 - 08:16 AM |