[aprssig] who forgot to renew aprs-is.net?
Andrew Pavlin
spam8mybrain at yahoo.com
Mon Jan 10 15:05:06 EST 2022
Well, my ISP (he who reported the problem first) is Verizon Business Fios. But I certainly don't use their nameservers; I run my own caching nameservers.
Seems a lot of ISPs are running corrupted nameservers in the name of "security" or censorship or business steering (or just negligence), because there were some complaints (and seriously misled people) on another mailing list I'm on. But that couldn't have forced me to https: when I typed http: to get to aprs-is.net. I wonder how much of it has to do with no web browser allowing you to go to an URL without running it through a search engine first.
Andrew, KA2DDO
On Monday, January 10, 2022, 02:48:21 PM EST, wa7skg <wa7skg at wa7skg.com> wrote:
Who is your ISP? Xfinity recently made some strange changes to their
security protocols which has caused many websites to resolve oddly. Big
topic of discussion on many other forums.
Michael WA7SKG
Kenneth Finnegan wrote on 1/10/22 11:28 AM:
> This doesn't look like any kind of DNS attack.
>
> www.ametx.com <http://www.ametx.com> and aprs-is.net
> <http://aprs-is.net> are both hosted on the same web server, so it looks
> like there's some problems happening on the hosting side as far as the
> web server serving the wrong virtual host domain to clients.
>
> --
> Kenneth Finnegan
> http://blog.thelifeofkenneth.com/
>
>
> On Sat, Jan 8, 2022 at 6:18 PM Earl Needham <earl.kd5xb at gmail.com
> <mailto:earl.kd5xb at gmail.com>> wrote:
>
> Just for info, I got the AME site a few times as well.
>
> In fact, I got it again just now, but a reload got me to aprs-is.
>
> Vy 7 3
> Earl
> KD5XB
>
>
> e e
>
> On Sat, Jan 8, 2022 at 7:12 PM Andrew Pavlin via aprssig
> <aprssig at lists.tapr.org <mailto:aprssig at lists.tapr.org>> wrote:
>
> Looks like I had a DNS spoofing attack. After clearing all my
> nameserver caches and restarting them, I can see the site now.
> I'm not sure why earlier it was automatically upgrading from
> http to https to take me to the AME website.
>
> Andrew, KA2DDO
>
> On Saturday, January 8, 2022, 02:38:04 PM EST, Pete Loveall
> AE5PL Lists <hamlists at ametx.com <mailto:hamlists at ametx.com>> wrote:
>
>
> Working just fine for me. AME Corp. is the base web site for
> that IP address so if you were going to the IP address or you
> were trying to use https, you will see the base site, not
> aprs-is.net <http://aprs-is.net>. Been this way since its
> inception.
>
> 73,
>
> Pete Loveall AE5PL
> pete at ae5pl dot net
>
>
>
> -----Original Message-----
> From: aprssig <aprssig-bounces at lists.tapr.org
> <mailto:aprssig-bounces at lists.tapr.org>> On Behalf Of Andrew
> Pavlin via aprssig
> Sent: Saturday, January 8, 2022 12:33 PM
> To: TAPR APRS Mailing List <aprssig at lists.tapr.org
> <mailto:aprssig at lists.tapr.org>>
> Subject: [aprssig] who forgot to renew aprs-is.net
> <http://aprs-is.net>?
>
> Greetings.
>
> I was going to visit the aprs-is.net <http://aprs-is.net>
> website to check a protocol specification, and now it's
> displaying a webpage for AME Corporation. Did someone forget to
> renew the domain name lease? Or am I dealing with DNS spoofing?
>
> Someone might want to check why this corporation is showing up
> for a ham radio domain name.
>
> Andrew, KA2DDO
> author of YAAC
>
_______________________________________________
aprssig mailing list
aprssig at lists.tapr.org
http://lists.tapr.org/mailman/listinfo/aprssig_lists.tapr.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.tapr.org/pipermail/aprssig_lists.tapr.org/attachments/20220110/7e7904f6/attachment-0001.html>
More information about the aprssig
mailing list