Can't reach Wilders' site on my XP desktop since yesterday...

"Mitsogo ?" No, I don't have an iPhone.

 

I just flushed the DNS cache on the XP desktop. That didn't help change the situation.

 

Rebootski?

 

"Rebootski?" ...Nonski ...Should I?

 

It's Windows so sure, why not.

 

I am in the process of doing that...a reboot.

 

oops, I just spotted your comment. I will give that a go. Thanks.

 

I was able to reproduce the warning when typing in the Hosts IP manually: https://104.236.97.180, same domain etc so removing those should do the trick as ronjor thought.

104.236.97.180 uses an invalid security certificate. The certificate is only valid for the following names: *.hexnodemdm.com, hexnodemdm.com

 

Yeah, removing these entries from the HOSTS-file should definitely solve the issue.

 

Thanks, all ...With the input our great members, a good result has been achieved.

 

I am just rebooting after make the necessary changes to the HOSTS file. Will see how it goes, shortly.

 

I have to wait...awhile. My computer is 10 years 'young', and when it boots, the main screen is not showing up properly. More ghostly! I have to hard shutdown, and wait for it to settle. Then I restart, and it usually will boot up. Crossed fingers! It only started doing that in the last year, or so, and only intermittently.

P.S. That is why I decided to buy a Surface Book, last year in anticipation that the XP desktop will give up the ghost, eventually.

 

And, finally the proof.

 

I notice that domain in your Navigation links as "nofollow." I don't know what that refers to.

Screen shot:




----
rich

 

I know why I put those two Wilders' entries as shown in the screenshot I posted in #19 above - https://www.wilderssecurity.com/thr...-desktop-since-yesterday.396511/#post-2704057

It was because of this Wilders' thread back in January 2015 -
Forum moving network segments at host - New IP address - https://www.wilderssecurity.com/threads/forum-moving-network-segments-at-host-new-ip-address.372190/

 

Posting this comment from my XP desktop, because the Surface Book is back on the charger. Battery is getting less hours use. I think I will need to get the battery replaced before my warranty runs out on the laptop.

 

What happened here is, Wilders has a new IP address.
45.33.17.126

Tarnak had Wilders old IP address in his host file.
104.236.97.180

So when he typed in or clicked on a bookmark to,
https://www.wilderssecurity.com
The windows host file sent his browser to the old IP address which is now assigned to,
*.hexnodendm.com

I'm a little surprised no one else noticed this especially as
104.236.97.180 had been Wilders IP address for the longest time.

It goes to show, had that been a mitm attack that used a poison dns to redirected to a fake Wilders website, the only one here that would have been protected was Tarnuk, by using the host file which prevented the DNS lookup.
The other thing is, if you do use a host file, and you get a warning that you are not at the website you are supposed to be at, check to see if the website has changed IP addresses.

This is actually a great demonstration of why the old host file (which I believe MS disabled in later versions of Windows to prevent it being used to block data mining servers) is/was a great security feature because the browsers own security features then check if the site cert matches the domain in the address bar.
This is why I was talking about IP address/Cert/Domain name pinning in one of the other threads. If you pin all three it makes mitm attacks close to impossible, unless you ignore the warnings.

 

Hosts file can be hijacked so make sure you keep an eye on it. Set it to "read-only" can help.
Some firewalls IIRC can monitor the Hosts file for changes.

Malware can use it to block detection by security software and also to redirect traffic to
servers of their choice.