Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: https MITM attack via user page
Special Forums Cybersecurity https MITM attack via user page Post 302525301 by GSO on Thursday 26th of May 2011 06:02:49 PM
Old 05-26-2011
I though I'd make a quick test post having just signed up with StrongVPN - note there is no OpenVPN password with this provider, it's all done with certs by the looks.

Anyway as soon as I login to unix.com the mouse point usually gets locked into the SELinux sandbox, within a few minutes - I thought I'd try though with StrongVPN - and sure enough, the mouse pointer will not exit from the browser sandbox window.

StrongVPN also though has quite a few options (e.g., connection port of your choosing) - so I will duly experiment.


---------- Post updated at 03:49 PM ---------- Previous update was at 03:09 PM ----------

OK, have changed the openvpn port to a random setting and this login to unix.com hasn't gone doolaly yet (the mouse pointer can freely move between SELinux sandbox and desktop), also I was getting an encrypted page contains unencrypted content error after logging into StrongVPN which is now no longer there, and also the usual same error which pops up after approx. 5 mins of being logged into Google docs has not materialised yet.

If local crime has a TEMPEST setup (I get the feeling they have at least one that they move around) then they would have been able to see the new port.

---------- Post updated at 04:20 PM ---------- Previous update was at 03:49 PM ----------

The unencrypted content in encrypted page error has just popped up on Google docs (note the page was open for about 15 mins, I hadn't just navigated to it - a few spreadsheets open at the same time).

---------- Post updated at 05:11 PM ---------- Previous update was at 04:20 PM ----------

Mouse has just locked itself in the browser sandbox on the StrongVPN forum. The usual hacks getting through it seems, though not the worst as yet.

---------- Post updated at 05:46 PM ---------- Previous update was at 05:11 PM ----------

In short, I think with whatever these computer criminals have installed it is a change of IP that causes them inconvenience, not much else.

---------- Post updated at 11:02 PM ---------- Previous update was at 05:46 PM ----------

StrongVPN went rapidly downhill, some of the details can be found here: Unencrypted content on StrongVPN https page? (Page 1) - Security Discussion - StrongVPN Forum - including the messages log from openvpn connection attempts - I wonder nowadays if when openvpn fails to connect this is not symptomatic of hackers breaking the connection.

iVPN seems about the best VPN I've used so far.
Last edited by GSO; 05-26-2011 at 07:16 PM..
 

5 More Discussions You Might Find Interesting

1. Web Development

HTTPS-Home Page issue.

Hi Folks, This might be a very question,but i have not been able to find the solution. While accessing http://16.138.32.128/ in my LAN, i am able to read the index.html placed in DocumentRoot(/var/www/html). However if i tab in https://xx.xx.xx.xx/ ,i am only able to access the default... (0 Replies)
Discussion started by: Hari_Ganesh
0 Replies

2. What is on Your Mind?

Fedora Man Pages Reported Attack Page?

Is firefox complaining to anyone else that this is a Reported Attack Page!? I have used this site a million times and now it feels like complaining. Fedora Manpages: Home (5 Replies)
Discussion started by: cokedude
5 Replies

3. Shell Programming and Scripting

help pulling ${VARS} out of a web page user curl

Here is the code I have so far #!/bin/bash INFOF="/tmp/mac.info" curl --silent http://www.everymac.com/systems/apple/macbook_pro/specs/macbook-pro-core-2-duo-2.8-aluminum-17-mid-2009-unibody-specs.html "$INFOF" I want help putting these specs into a vars Standard Ram: value into $VAR1... (1 Reply)
Discussion started by: briandanielz
1 Replies

4. UNIX for Dummies Questions & Answers

How to switch the user before executing a shell script from web page??

hi, i want to execute a shell script as a different user. the flow is like this. there is a html web page from which i have to call a shell script. web server is apache. to call the shell script from html page, a perl script is required. so the html page calls the perl script and the perl... (2 Replies)
Discussion started by: Little
2 Replies

5. Solaris

Need suggestion:- Failed HTTPS transfer to https://supportfiles.sun.com/curl

Hi Guys, I have recently started reciving below Error message Failed HTTPS transfer to https://supportfiles.sun.com/curl whenever I run /usr/local/bin/sudo /opt/SUNWexplo/bin/explorer -P -q -v from all Servers. Looks like the SSL certificate as Expired. Whenever I type... (4 Replies)
Discussion started by: manalisharmabe
4 Replies
All times are GMT -4. The time now is 04:00 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy