Author |
Topic |
|
cmerwitzer
New Member
63 Posts |
Posted - 25 April 2005 : 10:57:30
|
Now that I have your attention --
I posted a link on a Snitz forum this morning, and rather than linking to the proper place, the link was shortened and everything after the ".com" was removed.
The link is link removed due to inappropriate content
As you can see, the link should open a .swf file. If I put this link into my browser I have no problem. If I put the link into a post on Snitz forum, I go to the domain and am faced with porn.
Don't get me wrong, I like porn just as much as the next guy, but I do not expect a link to go elsewhere than what is posted.
Why is this happening? Is there a fix for it?
Thank you very much!
|
|
Shaggy
Support Moderator
Ireland
6780 Posts |
Posted - 25 April 2005 : 11:22:51
|
Scan your machine for spyware/adware - there are a couple of malicious scripts that will pick up on keywords in links and redirect you to innapropriate websites.
<edit> May be related to this. </edit>
|
Search is your friend “I was having a mildly paranoid day, mostly due to the fact that the mad priest lady from over the river had taken to nailing weasels to my front door again.” |
Edited by - Shaggy on 25 April 2005 11:25:16 |
|
|
cmerwitzer
New Member
63 Posts |
Posted - 25 April 2005 : 12:02:46
|
That was my first thought as well. Definately not a spyware problem. It is a Snitz issue as far as I can tell. I posted the same link on a vBulletin site and the same thing happens.
Try it yourself. Click the link above and see what you get. Does the .swf file run or do you get the porn site? Keep in mind, the site you are going to is the site in the link, but the link is being shortened so that the /flash/crash.swf portion is missing.
As a matter of fact, hover your cursor over the link above and look at the bottom of your browser. You will see that the link is correct. Then click the link and you will see what happens.
Thanks for your response. |
Edited by - cmerwitzer on 25 April 2005 12:03:51 |
|
|
Shaggy
Support Moderator
Ireland
6780 Posts |
Posted - 25 April 2005 : 12:08:30
|
I clicked through that link before my last post and got a flash movie. If the same thing is happening on VBulletin then it's definitely not a Snitz issue. Did you scan your system for spyware, etc. or are you just assuming your machine is clean?
|
Search is your friend “I was having a mildly paranoid day, mostly due to the fact that the mad priest lady from over the river had taken to nailing weasels to my front door again.” |
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
Posted - 25 April 2005 : 12:47:40
|
It is nothing to do with Snitz, the problem relates to the referrer string from the browser, if you type the URL directly there is no referrer and you get sent to the flash file, if the domain recieves something in the referrer it is sending you to the default page for the domain, you can test it by clicking on the link here
http://www.reddick.co.uk/test.html which is just a plain html file, but will send a referrer because it is a web page. |
|
|
cmerwitzer
New Member
63 Posts |
Posted - 25 April 2005 : 13:14:42
|
quote: Originally posted by HuwR
It is nothing to do with Snitz, the problem relates to the referrer string from the browser, if you type the URL directly there is no referrer and you get sent to the flash file, if the domain recieves something in the referrer it is sending you to the default page for the domain, you can test it by clicking on the link here
http://www.reddick.co.uk/test.html which is just a plain html file, but will send a referrer because it is a web page.
Please excuse my igorance here. I am a bit confused as to why it happens.
Why did Shaggy say that he (assuming Shaggy is a he) did not have a problem with the link? Shaggy is using the same link as we are, yet he says he got the .swf file. Should Shaggy not have been sent to the porn site like you and I were?
Also, how come when the link is used from a vBulletin site there is no referrer problem?
Please don't misunderstand my questions as questioning your answer. I am sure you are correct with what you say, but I just don't quite understand it.
Again, sorry for the ignorance, but I am learning slowly. |
Edited by - cmerwitzer on 25 April 2005 13:16:56 |
|
|
Shaggy
Support Moderator
Ireland
6780 Posts |
Posted - 25 April 2005 : 13:16:26
|
It may be different settings on our firewalls, mine is set up to only allow the sending of HTTP_REFERER and related server variables to domains I specify.
|
Search is your friend “I was having a mildly paranoid day, mostly due to the fact that the mad priest lady from over the river had taken to nailing weasels to my front door again.” |
|
|
cmerwitzer
New Member
63 Posts |
Posted - 25 April 2005 : 13:21:41
|
quote: Originally posted by Shaggy
It may be different settings on our firewalls, mine is set up to only allow the sending of HTTP_REFERER and related server variables to domains I specify.
The server that hosts the Snitz forum that I originally posted the link on has no such restrictions.
I'd like to better understand this. The link works as it should when used from a link within an email or when on a vBulletin forum site. It appears that so far the only problem I have had is when the link is used from a Snitz forum site. I have tried this site (sorry, did not mean to cause problems with an inappropriate link), the site run by my friend, and at another site run by someone else I know.
So far it is only a problem with Snitz forums.
The problem is, the two most popular forums that I know of are vBulletin and Snitz. Since it is not happening on the vB forum and I don't know of any non-Snitz or non-vB forums to try it on, I am limited as to my testing.
Thanks again for your explanations and patience.
I am very good with networking and hardware diagnostics, but a complete moron when it comes to web design. |
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
Posted - 25 April 2005 : 14:22:34
|
the test link I posted is a standard html page it has no such restrictions and is NOT a snitz forum but still it directs you to the default paege for the domain and not the flash file, if you right click on it and open in a new window, you can see the redirect occur, it has NOTHING to do with the website holding the link, this is done either by a dns server/router or the domian itself, it is not SNITZ or Your BROWSER |
|
|
cmerwitzer
New Member
63 Posts |
Posted - 26 April 2005 : 07:18:36
|
Now I understand how the test works. You sent me to a plain old HTML page that was not a part of the forum. That page had the link I posted. The link still took me to the porn site. This rules out Snitz and people's browsers. Now I understand the first part of the equation here. Thank you very much! I am not feeling quite as dumb now.
If you don't mind, and you have a minute or two, maybe the second part can be clarified, please. What causes some servers to direct the link to porn and other servers to direct it to the correct place? I gather from your last response that it has something to do with a DNS server or router, but whose? The ISP we are using?
Thanks again! You have been very helpful. |
|
|
pdrg
Support Moderator
United Kingdom
2897 Posts |
Posted - 27 April 2005 : 11:08:47
|
It's less likely to be related to the server hosting the link, more likely to be your ISP. Maybe the (stileproject) host server is redirecting based on client IP (from your ISP), maybe your ISP's DNS is unwell.
http://samspade.org has useful tools for helping diagnose this kinda issue. Also consider running a web proxy (your browser connects to the proxy to connect to the web - the proxy can then log all HTTP traffic & details). Some firewalls offer this, but I use @stake's webproxy - you may still be able to find legacy free versions, or look on sf.net for 'muffin' which is supposed to be pretty good.
hth |
|
|
cmerwitzer
New Member
63 Posts |
Posted - 28 April 2005 : 07:42:52
|
Interesting ideas. I will try that. The ISP we use it BellSouth for our DSL. The server running the site is also on the same ISP. That may explain quite a bit. I may try changing my DNS to another server to see what happens. Thanks again for the ideas. |
|
|
Doug G
Support Moderator
USA
6493 Posts |
Posted - 28 April 2005 : 13:00:41
|
You might take a look in your computer's hosts file, some spywares will add all sorts of entries. Usually it's to block you from antivirus sites and microsoft & similar sites, but it's certainly possible some trojan added some redirects of common sites to porn sites.
|
====== Doug G ====== Computer history and help at www.dougscode.com |
|
|
|
Topic |
|