On Sat, May 07, 2016 at 08:25:29AM -0400, Matthew Gillen wrote:
> On 5/4/2016 5:37 PM, Kent Borg wrote:
> > -kb, the Kent who admits he doesn't know how https works through Akamai
> > and the like.
>
> It doesn't. Akamai is a TLS termination point. They have the private
> keys of any domain they
On Sat, May 07, 2016 at 01:27:46PM -0400, Kent Borg wrote:
> On 05/07/2016 01:05 PM, Dan Ritter wrote:
> >x509 certs don't care about IPs; the browser matches the cert's CN (Common
> >Name) against the domain name it was requesting.
>
> That makes sense.
>
> So it should be possible to do an
On 05/07/2016 01:05 PM, Dan Ritter wrote:
x509 certs don't care about IPs; the browser matches the cert's CN
(Common Name) against the domain name it was requesting.
That makes sense.
So it should be possible to do an anti-DDos service with tons of IP
addresses, but still forward on in
On Sat, May 07, 2016 at 12:46:32PM -0400, Kent Borg wrote:
> On 05/07/2016 08:25 AM, Matthew Gillen wrote:
> >On 5/4/2016 5:37 PM, Kent Borg wrote:
> >>-kb, the Kent who admits he doesn't know how https works through Akamai
> >>and the like.
> >It doesn't. Akamai is a TLS termination point. They
On 05/07/2016 08:25 AM, Matthew Gillen wrote:
On 5/4/2016 5:37 PM, Kent Borg wrote:
-kb, the Kent who admits he doesn't know how https works through Akamai
and the like.
It doesn't. Akamai is a TLS termination point. They have the private
keys of any domain they are proxying for, so they can
On 5/4/2016 5:37 PM, Kent Borg wrote:
> -kb, the Kent who admits he doesn't know how https works through Akamai
> and the like.
It doesn't. Akamai is a TLS termination point. They have the private
keys of any domain they are proxying for, so they can act as the TLS
endpoint. Once your connection
Actually I was on a VPN so maybe that's why
Sent from my iPhone
> On May 4, 2016, at 7:39 PM, John Hall wrote:
>
>
>> On Wed, May 4, 2016 at 6:24 PM, Joe Polcari wrote:
>> same answer – what’s the point?
>
> Hey! Your queries showed that comcast has
On Wed, May 4, 2016 at 6:24 PM, Joe Polcari wrote:
> same answer – what’s the point?
Hey! Your queries showed that comcast has faster dns now.
Comcast was also faster for me for this same query. My results
(google/comcast):
(45 msec / 22 msec), were both faster than your
On 05/04/2016 07:21 PM, Joe Polcari wrote:
The domain did not expire. It was renewed in 2015 for 2 years. Look at the
Whois output.
Hmmm, I don't know what I saw on Friday (did I see a global whois update
timestamp, that happens always?), but I saw it exactly 1-year before the
new (I
The domain did not expire. It was renewed in 2015 for 2 years. Look at the
Whois output.
Sent from my iPhone
> On May 4, 2016, at 6:53 PM, Kent Borg wrote:
>
>> On 05/04/2016 05:51 PM, John Hall wrote:
>> Are you using your ISP's DNS ? Is it comcast?
>
> Various. I did
On 05/04/2016 05:51 PM, John Hall wrote:
Are you using your ISP's DNS ? Is it comcast?
Various. I did manual lookups on 8.8.8.8, but at home I run my own DNS,
on my phone I get T-Mobile's, at Linode I must be using theirs.
So what is the difference between my bank using Incapsula to run its
John Hall
Date: Wednesday, May 4, 2016 at 6:06 PM
To: Joe Polcari
Cc: Kent Borg, "discuss@blu.org"
Subject: Re: [Discuss] My Bank's Web Site is Behaving Oddly
On Wed, May 4, 2016 at 5:54 PM, Joe Polcari <j...@polcari.com> wrote:
I’m actually inside comcast – no browser j
On Wed, May 4, 2016 at 5:54 PM, Joe Polcari wrote:
> I’m actually inside comcast – no browser jacking – pure unhindered network.
>
You could try resolv.conf setting your mahcine to use the google dns
8.8.8.8 , 8.8.4.4
I believe this will override setting returned by dchp
In fact there is a javascript on their login page with a named copyright holder
that encrypts your login information before it’s even sent over ssl.
Looks good to me.
On 5/4/16, 5:53 PM, "Discuss on behalf of Joe Polcari"
I’m actually inside comcast – no browser jacking – pure unhindered network.
From: John Hall
Date: Wednesday, May 4, 2016 at 5:51 PM
To: Joe Polcari
Cc: Kent Borg, "discuss@blu.org"
Subject: Re: [Discuss] My Bank's Web Site is Behaving Oddly
Updates can take quite a
I just did a dig - the output indicates they have a private listing - that;s
all.
I looked at the site and it looks legit.
I clicked through a lot of the pages and looked at the source - it all looks
good.
On 5/4/16, 5:37 PM, "Kent Borg" wrote:
>On 05/04/2016 05:31 PM,
Updates can take quite a long time to be disseminated, and also some DNS
servers are just flat out terrible.
Are you using your ISP's DNS ? Is it comcast?
A few years ago I ditched comcast DNS for Google public DNS servers. I
configure this in the router. IP v4 addresses are 8.8.8.8 and 8.8.4.4.
On 05/04/2016 05:31 PM, Joe Polcari wrote:
More than likely they got their domain back and DNS is updating
How long should a "whois leaderbank.com" take to update? The output I
get is still cloaked and that seems odd for a bank. And, shouldn't the
certificate mention the bank?
-kb, the
More than likely they got their domain back and DNS is updating
On 5/4/16, 5:28 PM, "Discuss on behalf of Kent Borg"
wrote:
>On 05/04/2016 04:43 PM, Kent Borg wrote:
>> The domain leaderbank.com is acting odd for me...
The domain leaderbank.com is acting odd for me...
Last Friday the URL I paste to go to my bank
(https://www.leaderbank.com) quit working. After some futzing, I tried
switching form https and doing just http, and I got what looks like a
parking page. I looked at the whois and the domain got
20 matches
Mail list logo