[OTR-dev] OTR homepage DNS poisoned?

Paul Wouters paul at cypherpunks.ca
Sun Dec 20 20:38:52 EST 2015

On Wed, 9 Dec 2015, Dionysis Zindros wrote:

> The OTR homepage at http://otr.cypherpunks.ca/ seems to be
> man-in-the-middled in certain networks. I have checked through various
> different networks with various results.

> In the man-in-the-middled OTE connection I can see this trace:

> HTTP/1.1 302 Moved Temporarily

> Location: http://www.zeroredirect1.com/otr.cypherpunks.ca?rpm=1&domainerId=18f6e5d1-1b47-11e5-ae0f-0edec89589c7&keywords=otr.cypherpunks.ca&fallbackUrl=http%3A%2F%2Finvestdollar.net%3FsubID%3Dotr.cypherpunks.ca%26fb%3Dhttp%3A%2F%2Fww9.otr.cypherpunks.ca

Googling for zeroredirect gives me a lot of links about the "google
redirect" virus. I'd throw away that machine and build a new one.

If you want to avoid DNS redirects I can recommend installing
"dnssec-trigger" from NLnetlabs.


More information about the OTR-dev mailing list