<div dir="ltr">Wow. That's a riot.<div><br></div><div style>So, DNS in the space should be handing out 172.30.0.4 as a local caching resolver. That's minotaur.</div><div style>And, querying the cache, it seems that it has indeed cached some bunk data:</div>
<div style><br></div><div style><div>`--> dig +short @<a href="http://172.30.0.4">172.30.0.4</a> <a href="http://graph.facebook.com">graph.facebook.com</a>. in a</div><div>204.246.122.84</div><div><br></div><div style>
It's dnsmasq, so I can't easily dump or debug the cache without restarting it, losing the contents.</div><div style><br></div><div style>I'll restart the cache now. Hopefully whomever was messing around is done now, and you can continue onward.</div>
<div><br></div><div style>I would never count on Noisebridge for interference-free internet connectivity. Such a concentration of hackers is going to lead to tomfoolery, one day or another.</div><div style>I always SSH-tunnel out.</div>
<div style><br></div><div style>Cheers,</div><div style>jof</div></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Sun, Jun 2, 2013 at 1:42 PM, Joe Black <span dir="ltr"><<a href="mailto:joeblack949@gmail.com" target="_blank">joeblack949@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>
I was just logging into Readmill, which is a social book reading app for the ipad, and got a very fishy response, a screenshot is worth a thousand words
</div><div><br></div><div><img src="cid:470D6B77-C1C4-439B-82F5-CACDA988EE7F" style="width:904px;min-height:711px">
</div><div><br></div><div>I was noticing yesterday some ads in the sidebar were doing something similar. Immediately it seemed like someone had poisoned the DNS cache so I switched my dns server to google's (8.8.8.8) and all the problems went away.</div>
<div><br></div><div>I would hardly like to call that a permanent solution however. I'm sure many of us know google uses that DNS server to log even more personal information about those that use it. There are alternatives like of course but I just thought this seemed kinda shady, if I were new to the space or computing I'd wonder why noisebridge's wiki was trying to catch an open auth request.</div>
<div><br></div><div>Also I'm wondering since I'm not all that versed in mediawiki, are you able to embed javascript into mediawiki? how hard would it be for someone with the basic credentials to create a new page on the wiki to create this page for nefarious purposes?</div>
<div><br></div><div>I knew I shouldn't have let that VPN subscription lapse a month ago…</div><div><br></div><div><small style="font-size:13px"><font face="Helvetica"><big><big style="color:rgb(0,0,153)"><big><big><span style="font-weight:bold;color:rgb(102,102,102)">joe</span><font color="#000000">black</font></big></big></big></big></font></small><div style="font-size:13px">
<span style="color:rgb(255,102,0);font-weight:bold"><span style="color:rgb(153,153,153)"><span style="color:rgb(255,102,0)">:</span> joeblack949<span style="color:rgb(51,102,255)">@</span>gmail<span style="color:rgb(51,102,255)">.</span>com</span></span></div>
<font color="#666666"><b><br></b></font></div>
<br>_______________________________________________<br>
Noisebridge-discuss mailing list<br>
<a href="mailto:Noisebridge-discuss@lists.noisebridge.net">Noisebridge-discuss@lists.noisebridge.net</a><br>
<a href="https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss" target="_blank">https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss</a><br>
<br></blockquote></div><br></div>