[OTR-dev] OTR homepage DNS poisoned?
Paul Wouters
paul at cypherpunks.ca
Sun Dec 20 20:38:52 EST 2015
On Wed, 9 Dec 2015, Dionysis Zindros wrote:
> The OTR homepage at http://otr.cypherpunks.ca/ seems to be
> man-in-the-middled in certain networks. I have checked through various
> different networks with various results.
> In the man-in-the-middled OTE connection I can see this trace:
> HTTP/1.1 302 Moved Temporarily
> Location: http://www.zeroredirect1.com/otr.cypherpunks.ca?rpm=1&domainerId=18f6e5d1-1b47-11e5-ae0f-0edec89589c7&keywords=otr.cypherpunks.ca&fallbackUrl=http%3A%2F%2Finvestdollar.net%3FsubID%3Dotr.cypherpunks.ca%26fb%3Dhttp%3A%2F%2Fww9.otr.cypherpunks.ca
Googling for zeroredirect gives me a lot of links about the "google
redirect" virus. I'd throw away that machine and build a new one.
If you want to avoid DNS redirects I can recommend installing
"dnssec-trigger" from NLnetlabs.
Paul
More information about the OTR-dev
mailing list