If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
Sucuri URL test site query
Why does the Sucuri URL test site now report this?
"Site returning error (40x): HTTP/1.1 403 Forbidden" https://sitecheck.sucuri.net/results/www.tekrider.net# Is there something wrong with the Sucuri tool or is something wrong with Tekrider.net? |
Ads |
#2
|
|||
|
|||
Sucuri URL test site query
Steve Carroll wrote:
Why does the Sucuri URL test site now report this? "Site returning error (40x): HTTP/1.1 403 Forbidden" https://sitecheck.sucuri.net/results/www.tekrider.net# Is there something wrong with the Sucuri tool or is something wrong with Tekrider.net? According the the site certificate information, the cert is valid. Use your unidentified web browser to look at the details of a site's cert. However, I noticed that the cert's CA (certificate authority) is using the freebie Let's Encrypt which really isn't a CA. Many sources consider those certs as insecure. Let's Encrypt never validates who asked to get a certificate. Since no money was exchanged, there is no way to "follow the money". The whole process is automated so there is no overseer on issuance of the certs. Sites using Let's Encrypt might as well as use their self-signed certs for as "secure" as those would be regarding actually identifying the registrant of a cert. This is like users getting freebie e-mail certs to do x.509 SMIME digital signing and encryption of their e-mails but there is no validation of just WHO got that e-mail cert, only that the registrant used the mailbox for which the e-mail cert was issued which is hardly identifying who owns the cert. Similar to sending the free e-mail cert via e-mail to whoever requested it (to verify the registrant has, at least, access to that e-mail account), Lets Encrypt uses ACME (Automated Certificate Management Environment) to check the server is the one that gets the site cert. Uh huh, yep, that really identified the registrant: the one asking for the cert is the one that validates it was them that asked for it. That's like getting a blank driver's license and whatever you write on it, oh sure, that must be you. Only because web browsers pre-install the Let's Encrypt root cert lets users of those web browsers visit sites using that pseudo-CA. The Let's Encrypt root certificate is pre-installed in Google Chrome (wasn't a while ago so Chrome would complain the Let's Encrypt-ed site was not secure). Mozilla added the root cert to Firefox because, gee, Mozilla is one of the founders of Let's Encrypt (and, no, if you've used Firefox for a long time then you know Mozilla does NOT have the user's security fully prioritized but add lots of **** to assist web sites). In Chrome, you'll see the cert listed under Lets Encrypt. In Firefox, it is listed as IdenTrust. Sites going cheap by getting free certs from Lets Encrypt had problems at first because web browsers didn't have that pseudo-CA listed/added to their cert store. https://www.theregister.co.uk/2018/0...ificate_drama/ (do a search and you'll find other gotchas with Lets Encrypt) It was a nuisance to have to pay for site certs and having to trust a 3rd party as the regulator but that had some validity and checking as who got the cert. With the freebies from Lets Encrypt, the registrant validates themself (rolls eyes). As for Securi, well, the part you omitted in your post was they said: Our automated scan was unable to run on your website. Okay, that could be something as simple as the site uses robots.txt with a directive telling web crawlers to NOT crawl their web site. I tried clicking on Securi's "More details" button for "Scanning errors" but they just re-painted the same web page. I was trying to see WHY they report they cannot scan/crawl that web site. I had to allow the mxpnl.com source for scripts in both uMatrix and uBlock Origin to get the script needed when clicking on the "More details" button. Then all they said was the same forbidden error they reported above. No further information. They won't even tell you that actual error status that was returned by the server when attempt to visit that page. Instead they just show "40x" as the error status. Yeah, right, very unhelpful. Apparently to get more details means having to sign-up at Securi. Go read: https://sucuri.net/website-security-platform/signup Then you'll see Securi is using their so-called web site scan as a lure to get users (perhaps only the site owner) to buy into their site scan service. Dump Securi. They're a lureware site. If you want to externally validate a site's SSL certificate rather than trusting what your own web browser reports, go to: https://www.ssllabs.com/ssltest/ That will test lots of aspects of a site (SSL) cert. That it reports deficiencies does not mean the cert is invalid or misleading, only that the site needs to improve. Note that for www.tekrider.net, SSLlabs reports it supports TLS 1.0 but not SSL 3.0. Alas, TLS 1.0 was just a renaming of SSL 3.0 but with some incompatibilities to differentiate it from SSL 3.0. A site using TLS 1.0 is no more secure than one using SSL 3.0. SSllabs will note which ciphers are supported by the site, including those the site will accept that are considered weak. Although not specifically an overt red flag, I ponder what dixie-metal-detectors.com (2nd site cert issued by GoDaddy but which SSLlabs says is not trusted probably due to a SA [Subject Alternative] mismatch on multiple domains to which the cert is registered) has to do with tekrider.net (1st cert using free Lets Encrypt). Also: nslookup www.tekrider.net gives an IP address of 192.251.238.3 (which hides using a private domain registration at GoDaddy) but a reverse DNS lookup on 192.251.238.3 gives alvin.genwebserver.com (which hides using a private domain registration at privacygarden.org) and the IP address of 192.251.238.3 is in the IP pool owned by Webby Enterprises LLC (webbytech.net) who appears to be the webhoster. I'm not sure Securi is trying to provide for information on a site's certificate but it appears they are a lure to a paid service. Use SSLlabs if you want more info on a site's cert than what your web browser tells you. |
#3
|
|||
|
|||
Sucuri URL test site query
On Fri, 25 May 2018 08:30:53 +0100, Steve Carroll
wrote: Why does the Sucuri URL test site now report this? "Site returning error (40x): HTTP/1.1 403 Forbidden" https://sitecheck.sucuri.net/results/www.tekrider.net# Is there something wrong with the Sucuri tool or is something wrong with Tekrider.net? Hi David. New nym? |
#4
|
|||
|
|||
Sucuri URL test site query
On 25/05/18 10:49, VanguardLH wrote:
Steve Carroll wrote: Why does the Sucuri URL test site now report this? "Site returning error (40x): HTTP/1.1 403 Forbidden" https://sitecheck.sucuri.net/results/www.tekrider.net# Is there something wrong with the Sucuri tool or is something wrong with Tekrider.net? According the the site certificate information, the cert is valid. Use your unidentified web browser to look at the details of a site's cert. However, I noticed that the cert's CA (certificate authority) is using the freebie Let's Encrypt which really isn't a CA. Many sources consider those certs as insecure. Let's Encrypt never validates who asked to get a certificate. Since no money was exchanged, there is no way to "follow the money". The whole process is automated so there is no overseer on issuance of the certs. Sites using Let's Encrypt might as well as use their self-signed certs for as "secure" as those would be regarding actually identifying the registrant of a cert. This is like users getting freebie e-mail certs to do x.509 SMIME digital signing and encryption of their e-mails but there is no validation of just WHO got that e-mail cert, only that the registrant used the mailbox for which the e-mail cert was issued which is hardly identifying who owns the cert. Similar to sending the free e-mail cert via e-mail to whoever requested it (to verify the registrant has, at least, access to that e-mail account), Lets Encrypt uses ACME (Automated Certificate Management Environment) to check the server is the one that gets the site cert. Uh huh, yep, that really identified the registrant: the one asking for the cert is the one that validates it was them that asked for it. That's like getting a blank driver's license and whatever you write on it, oh sure, that must be you. Only because web browsers pre-install the Let's Encrypt root cert lets users of those web browsers visit sites using that pseudo-CA. The Let's Encrypt root certificate is pre-installed in Google Chrome (wasn't a while ago so Chrome would complain the Let's Encrypt-ed site was not secure). Mozilla added the root cert to Firefox because, gee, Mozilla is one of the founders of Let's Encrypt (and, no, if you've used Firefox for a long time then you know Mozilla does NOT have the user's security fully prioritized but add lots of **** to assist web sites). In Chrome, you'll see the cert listed under Lets Encrypt. In Firefox, it is listed as IdenTrust. Sites going cheap by getting free certs from Lets Encrypt had problems at first because web browsers didn't have that pseudo-CA listed/added to their cert store. https://www.theregister.co.uk/2018/0...ificate_drama/ (do a search and you'll find other gotchas with Lets Encrypt) It was a nuisance to have to pay for site certs and having to trust a 3rd party as the regulator but that had some validity and checking as who got the cert. With the freebies from Lets Encrypt, the registrant validates themself (rolls eyes). As for Securi, well, the part you omitted in your post was they said: Our automated scan was unable to run on your website. Okay, that could be something as simple as the site uses robots.txt with a directive telling web crawlers to NOT crawl their web site. I tried clicking on Securi's "More details" button for "Scanning errors" but they just re-painted the same web page. I was trying to see WHY they report they cannot scan/crawl that web site. I had to allow the mxpnl.com source for scripts in both uMatrix and uBlock Origin to get the script needed when clicking on the "More details" button. Then all they said was the same forbidden error they reported above. No further information. They won't even tell you that actual error status that was returned by the server when attempt to visit that page. Instead they just show "40x" as the error status. Yeah, right, very unhelpful. Apparently to get more details means having to sign-up at Securi. Go read: https://sucuri.net/website-security-platform/signup Then you'll see Securi is using their so-called web site scan as a lure to get users (perhaps only the site owner) to buy into their site scan service. Dump Securi. They're a lureware site. Sucuri is much promoted on Facebook. They employ a lot of people too. If you want to externally validate a site's SSL certificate rather than trusting what your own web browser reports, go to: https://www.ssllabs.com/ssltest/ That will test lots of aspects of a site (SSL) cert. That it reports deficiencies does not mean the cert is invalid or misleading, only that the site needs to improve. Note that for www.tekrider.net, SSLlabs reports it supports TLS 1.0 but not SSL 3.0. Alas, TLS 1.0 was just a renaming of SSL 3.0 but with some incompatibilities to differentiate it from SSL 3.0. A site using TLS 1.0 is no more secure than one using SSL 3.0. SSllabs will note which ciphers are supported by the site, including those the site will accept that are considered weak. Although not specifically an overt red flag, I ponder what dixie-metal-detectors.com (2nd site cert issued by GoDaddy but which SSLlabs says is not trusted probably due to a SA [Subject Alternative] mismatch on multiple domains to which the cert is registered) has to do with tekrider.net (1st cert using free Lets Encrypt). Also: nslookup www.tekrider.net gives an IP address of 192.251.238.3 (which hides using a private domain registration at GoDaddy) but a reverse DNS lookup on 192.251.238.3 gives alvin.genwebserver.com (which hides using a private domain registration at privacygarden.org) and the IP address of 192.251.238.3 is in the IP pool owned by Webby Enterprises LLC (webbytech.net) who appears to be the webhoster. I'm not sure Securi is trying to provide for information on a site's certificate but it appears they are a lure to a paid service. Use SSLlabs if you want more info on a site's cert than what your web browser tells you. I really appreciate your long and informative post, VanguardLH. You'll mostly find me posting on the 'comp.sys.mac.system' group but because I assist folk who use all manner of operating systems, I follow what goes on here in this unique Usenet group. The SSLlabs site is highly informative and, as you say, provides a great deal of information which is otherwise hidden. Thank you very much for your help. SC |
#5
|
|||
|
|||
Sucuri URL test site query
On Fri, 25 May 2018 20:06:55 +0100, Steve Carroll
wrote: On 25/05/18 10:49, VanguardLH wrote: Steve Carroll wrote: Why does the Sucuri URL test site now report this? "Site returning error (40x): HTTP/1.1 403 Forbidden" https://sitecheck.sucuri.net/results/www.tekrider.net# Is there something wrong with the Sucuri tool or is something wrong with Tekrider.net? According the the site certificate information, the cert is valid. Use your unidentified web browser to look at the details of a site's cert. SNIP I really appreciate your long and informative post, VanguardLH. David, this would have been a great opportunity to let VanguardLH know that you copied/pasted the text of his post into another thread over on alt.computer.workshop, WITHOUT attribution and thereby claiming it as your own. You shouldn't really do that. You'll mostly find me posting on the 'comp.sys.mac.system' group but because I assist folk who use all manner of operating systems, I follow what goes on here in this unique Usenet group. You've never assisted anyone, unless you count the copy/paste of other peoples' posts (claiming them as your own) or providing the same links that have already been posted multiple times. No actual assistance, though. You've made the claim before, you've been asked for examples, and you've been unable to provide any. SC Why the new nym, David? Trying to start over with a clean slate? People know you as David Brooks, your real name. You might as well stick with that. |
#6
|
|||
|
|||
Sucuri URL test site query
Char Jackson wrote:
Steve Carroll STALKER wrote: SC Why the new nym, David? Trying to start over with a clean slate? People know you as David Brooks, your real name. You might as well stick with that. It was obvious in the first second that Steve Carroll is David Brooks, the well-known stalker. In fact, mere moments later the Carroll nym was added to his 'Special page.' 'BoaterDave', '~BD~', 'BD1', 'BD2', 'Beady', 'Imbeady2', 'David B', 'David B.', 'DavidB', 'David_B', 'David DewGud', 'DavidDewgud ', 'BDonTJ', ', 'CommanderB', 'Commander_B', 'Angela Bennett', 'Byker', 'DonOldham', 'Tony Smith', 'Tinkerer', 'Davoud1945', 'Brawdy14', 'HunterBD', 'Steve Carroll'. (That's 25 nyms that I know about.) -- -bts |
#7
|
|||
|
|||
Sucuri URL test site query
Steve Carroll wrote:
On 25/05/18 10:49, VanguardLH wrote: Steve Carroll wrote: Why does the Sucuri URL test site now report this? "Site returning error (40x): HTTP/1.1 403 Forbidden" https://sitecheck.sucuri.net/results/www.tekrider.net# Is there something wrong with the Sucuri tool or is something wrong with Tekrider.net? Apparently to get more details means having to sign-up at Securi. Go read: https://sucuri.net/website-security-platform/signup Then you'll see Securi is using their so-called web site scan as a lure to get users (perhaps only the site owner) to buy into their site scan service. Dump Securi. They're a lureware site. Sucuri is much promoted on Facebook. I was not aware that anyone could submit negative feedback upon a Facebook member. Facebook ratings are WORTHLESS. You can only vote positively. You cannot vote negatively. The number of positive votes is not tallied against a count of users that could vote, would vote, or voted Nay. It's the stupidity of yes-only voting. That's like no one ever complaining at a restaurant. The manager only knows of the glowing reviews by a few of his patrons while not how many were disappointed with their experience. The stupidity of a Likes button is pervasive. When trying to read product reviews, lots of BOOBS think a review is just a Like post ("great", "liked it", "better than the rest", "love it"). Those are NOT reviews and exhibit voting by morons that haven't a clue how to write an actual review. Even worse is that sites will rank a product based on voting but the users are allowed to vote without qualifying (commenting) why they voted that way; for example, there could 100 5-point Likes but only 2 bothered to write a review of which you're very lucky if one of those actually wrote a review. Drive-by yes-voting sucks. A voting scheme of Likes is meaningless without contrasting Dislikes. Obviously such voting will NEVER reflect the entire populace that visits a Facebook member's page. They employ a lot of people too. 228 (according to Hoover's). Doesn't seem very high considering they want to present a worldwide image plus not very much to perform all the research and analysis on security issues. The own site is more reserved: https://sucuri.net/company/ says on 125 employees. Since that shows 28 corporate offices, that's only an average of 4-5 employees per office which is about the minimum what you need to have an office with "staff": a [regional or office] manager, secretary/receptionist, and a couple grunts so the manager has a purpose. Alas, no way to know how large and often they use contractors. Some "offices" may merely be a presence, a room in a building, manned by just 1 person. |
#8
|
|||
|
|||
Sucuri URL test site query
Steve Carroll wrote:
Why does the Sucuri URL test site now report this? "Site returning error (40x): HTTP/1.1 403 Forbidden" https://sitecheck.sucuri.net/results/www.tekrider.net# Is there something wrong with the Sucuri tool or is something wrong with Tekrider.net? It means tekrider site is blocking the stupid misguided sucuri tool from scanning its site. Previously the sucuri site was giving a bogus malware alert, so the site blocked its tool. So, historically something was wrong with the sucuri tool. Now, nothing is 'wrong'; tekrider justifiably doesn't want the tool scanning it. -- Mike Easter |
#9
|
|||
|
|||
Sucuri URL test site query
Char Jackson wrote:
On Fri, 25 May 2018 08:30:53 +0100, Steve Carroll wrote: Why does the Sucuri URL test site now report this? "Site returning error (40x): HTTP/1.1 403 Forbidden" https://sitecheck.sucuri.net/results/www.tekrider.net# Is there something wrong with the Sucuri tool or is something wrong with Tekrider.net? Hi David. New nym? No. See comp.lang.c for the long-term bombing campaign by the Steve Carroll bot. The bot just copies text it finds. Paul |
#10
|
|||
|
|||
Sucuri URL test site query
In article , Paul
wrote: On Fri, 25 May 2018 08:30:53 +0100, Steve Carroll wrote: Why does the Sucuri URL test site now report this? Hi David. New nym? No. See comp.lang.c for the long-term bombing campaign by the Steve Carroll bot. The bot just copies text it finds. he is now using the identity of the steve carroll bot. check the headers. |
#11
|
|||
|
|||
Sucuri URL test site query
Steve Carroll news:OYONC.388869$XF1.225599
@fx27.fr7 Fri, 25 May 2018 07:30:53 GMT in alt.comp.os.windows-10, wrote: From: Steve Carroll Subject: Sucuri URL test site query User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Lines: 8 Message-ID: X-Complaints-To: Really David? You're socking now in order to phish for new suckers (I mean, people)? Who aren't aware of your known activities and incorrectly assume they're being helpful by answering your questions. Not realizing at the time, they're actually helping you stalk and or slime someone else. Such a shame. -- To prevent yourself from being a victim of cyber stalking, it's highly recommended you visit he https://tekrider.net/pages/david-brooks-stalker.php ================================================== = It's a good thing we don't get all the government we pay for. |
#12
|
|||
|
|||
Sucuri URL test site query
Char Jackson
Fri, 25 May 2018 19:49:03 GMT in alt.comp.os.windows-10, wrote: On Fri, 25 May 2018 20:06:55 +0100, Steve Carroll wrote: On 25/05/18 10:49, VanguardLH wrote: Steve Carroll wrote: Why does the Sucuri URL test site now report this? "Site returning error (40x): HTTP/1.1 403 Forbidden" https://sitecheck.sucuri.net/results/www.tekrider.net# Is there something wrong with the Sucuri tool or is something wrong with Tekrider.net? According the the site certificate information, the cert is valid. Use your unidentified web browser to look at the details of a site's cert. SNIP I really appreciate your long and informative post, VanguardLH. David, this would have been a great opportunity to let VanguardLH know that you copied/pasted the text of his post into another thread over on alt.computer.workshop, WITHOUT attribution and thereby claiming it as your own. You shouldn't really do that. This post? MID: http://al.howardknight.net/msgid.cgi?ID=152730024400 You'll mostly find me posting on the 'comp.sys.mac.system' group but because I assist folk who use all manner of operating systems, I follow what goes on here in this unique Usenet group. You've never assisted anyone, unless you count the copy/paste of other peoples' posts (claiming them as your own) or providing the same links that have already been posted multiple times. No actual assistance, though. You've made the claim before, you've been asked for examples, and you've been unable to provide any. ROFL! So true. SC Why the new nym, David? Trying to start over with a clean slate? People know you as David Brooks, your real name. You might as well stick with that. Ayep. I don't think his efforts to reinvent himself since his reputation online is pretty much just as bad now as his rl one is will help. He did this entirely on his own, though. Too much booze. OTH, Vanguard obviously didn't even examine the contents of the site David Asked him about. [g] So, he was easy to phish for help, and, happily assisted a known stalker in attempting to learn more about another of his known stalking victims. Bravo I says, great job! High five and all that. -- To prevent yourself from being a victim of cyber stalking, it's highly recommended you visit he https://tekrider.net/pages/david-brooks-stalker.php ================================================== = I think we're all Bozos on this bus. |
#13
|
|||
|
|||
Sucuri URL test site query
Paul news
May 2018 00:23:49 GMT in alt.comp.os.windows-10, wrote:
Char Jackson wrote: On Fri, 25 May 2018 08:30:53 +0100, Steve Carroll wrote: Why does the Sucuri URL test site now report this? "Site returning error (40x): HTTP/1.1 403 Forbidden" https://sitecheck.sucuri.net/results/www.tekrider.net# Is there something wrong with the Sucuri tool or is something wrong with Tekrider.net? Hi David. New nym? No. Yes. He's now using the bots name. See comp.lang.c for the long-term bombing campaign by the Steve Carroll bot. Which has nothing to do with the Steve Carroll who created this thread. The bot just copies text it finds. David and the bot both have that in common. However, in this case, it's David, not the bot responsible for the post which originated this thread. -- To prevent yourself from being a victim of cyber stalking, it's highly recommended you visit he https://tekrider.net/pages/david-brooks-stalker.php ================================================== = President Bush is rehearsing his speech for the Beijing 2008 Olympic Games. He begins with "Ooo! Ooo! Ooo! Ooo! Ooo!" Immediately his speech writer rushes over to the lectern and whispers in the President's ear: "Mr. President, those are the Olympic rings. Your speech is underneath." |
#14
|
|||
|
|||
Sucuri URL test site query
Mike Easter
Fri, 25 May 2018 23:21:12 GMT in alt.comp.os.windows-10, wrote: Steve Carroll wrote: Why does the Sucuri URL test site now report this? "Site returning error (40x): HTTP/1.1 403 Forbidden" https://sitecheck.sucuri.net/results/www.tekrider.net# Is there something wrong with the Sucuri tool or is something wrong with Tekrider.net? It means tekrider site is blocking the stupid misguided sucuri tool from scanning its site. Previously the sucuri site was giving a bogus malware alert, so the site blocked its tool. So, historically something was wrong with the sucuri tool. Now, nothing is 'wrong'; tekrider justifiably doesn't want the tool scanning it. So David managed to fool three? of you into thinking he's another poster who presents a harmless and valid question or a bot copying and pasting text elsewhere. Considering the small amount of us who've posted in this thread so far, that's not too bad an average for David. Either I've under estimated him by a significant margin here, or, several of you are extremely gullible people. I really doubt it's the former. -- To prevent yourself from being a victim of cyber stalking, it's highly recommended you visit he https://tekrider.net/pages/david-brooks-stalker.php ================================================== = Everyone loves a moose. They just may not know it. |
#15
|
|||
|
|||
Sucuri URL test site query
Steve Carroll
news in alt.comp.os.windows-10, wrote: On 25/05/18 10:49, VanguardLH wrote: [snip] I really appreciate your long and informative post, VanguardLH. Thanking the poor sod for falling for one of your phishing attempts is like pouring salt on an open wound, David. Although you're well known for doing it, I was surprised to see you do it in this manner to Vanguard. You'll mostly find me posting on the 'comp.sys.mac.system' group but because I assist folk who use all manner of operating systems, I follow what goes on here in this unique Usenet group. You don't assist anyone with anything. Especially not of a technical nature, David. Infact, this is what you did with his post: MID: You lifted it, verbatim no less, without attribution of any sort. And, you played him via socking to get the post in the first place. [g] The SSLlabs site is highly informative and, as you say, provides a great deal of information which is otherwise hidden. Thank you very much for your help. SC Hahaha. Cute, David. You even did a quickie fake 'signature'. Nice touch. -- To prevent yourself from being a victim of cyber stalking, it's highly recommended you visit he https://tekrider.net/pages/david-brooks-stalker.php ================================================== = Why are there Interstates in Hawaii? |
|
Thread Tools | |
Display Modes | Rate This Thread |
|
|