Page 4 of 4

Re: 2015 RCE - LouieMacGoo/The_Professor

Posted: Mon Dec 14, 2015 4:11 pm
by LouieMacGoo
When I copy your user setting and use them on my account I don't see any problem. If you want PM me your password and I will take a look at it.

Re: 2015 RCE - LouieMacGoo/The_Professor

Posted: Mon Dec 14, 2015 6:27 pm
by mashani
The_Professor wrote:
mashani wrote:This is an example of what I see. This was in Chrome, but I see it in IE 11, Firefox, and also Edge too.
Untitled.png
Does the pic show with a direct link?

EDIT: I didn't see it was just in Chrome at first.
Not just chrome, any browser, and no direct link didn't work. But I know why now.

OpenDNS thinks that servebeer.com is full of phishing domains and by default for phishing sites, it simply kills any request to them returning "nothing" instead without popping up the usual "domain is blocked on this network" message. Since phising is blocked at pretty much any security level besides custom configurations and automatically propogated to all subdomains by default, that entire domain is just toast for anyone who uses OpenDNS.

So since it is returning nothing, that is why I'm seeing a whole lot of nothing.

I'm telling it to allow your little sub domain. That should in theory fix it. Except it's not fixing it so far... I'll keep tinkering.

I didn't realize what was going on because usually OpenDNS returns a message explaining why it blocked something. But apparently not in this scenario.

If this is your domain and you want to advocate for yourself to be taken off their black list/filters, you should go to opendns and tell them your not a creep.

Re: 2015 RCE - LouieMacGoo/The_Professor

Posted: Mon Dec 14, 2015 8:50 pm
by mashani
So to make that domain work with OpenDNS, I have to unblock it, and *also* totally disable phishing protection. Basically they hate it.

So since I will not disable phishing protection (too many people here that might click through) I guess I'm not seeing the Professors images unless he posts them using the "normal" method, unless he can convince OpenDNS that the web site is not evil.

Re: 2015 RCE - LouieMacGoo/The_Professor

Posted: Mon Dec 14, 2015 9:10 pm
by The_Professor
mashani,

Not sure I can convince opendns that I am not evil but I sent an email this evening.
I use the dynamic DNS service noip.com to be able to make my Raspberry Pi home server available online.
I did mention that I have used this address since 2009.

I am aware that a while back there was an issue with noip domains, servebeer being one of them, but that they had actively taken care of some bad sites.

We'll see what happens with the email.