I ran
$ gem fetch -V github-linguist
GET http://rubygems.org/latest_specs.4.8.gz
302 Moved Temporarily
GET http://production.s3.rubygems.org/latest_specs.4.8.gz
200 OK
ERROR: While executing gem ... (Zlib::GzipFile::Error)
not in gzip format
then to my shock I opened the link in my browser and see
this message
Norton DNS
Malicious Web Site Blocked
You attempted to access: production.s3.rubygems.org
This is a known malicious web site. It is recommended that you do NOT visit
this site. This site points to production.s3.rubygems.org.s3.amazonaws.com,
which is malicious.
On pencil’s suggestion I ran
namebench and have switched to OpenDNS-2.
Probably someone used AWS to distribute malware and some buggy automatism now blockes *.amazonaws.com
Must be a filter anywhere between you and Amazon (Router/Firewall, Proxy, ISP, Name Server, ...). Start by using different name servers (like Google's 8.8.8.8).
Related
Quite a while ago I started using an ssh tunnel so I could access services back in the Uk that require a UK client address (such as my library and my doctor).
So I have been using "ssh -fTnN -D 1080 chris#isbd.uk" and setting up the proxy configuration in Firefox to use host 127.0.0.1 and port 1080.
However this didn't work when I was in France last week, I'm not sure when it stopped working (maybe in the last year or so), it now give an error:-
Secure Connection Failed
The connection to the server was reset while the page was loading.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the web site owners to inform them of this problem.
Has anyone any idea how to fix this? The proxy works for things like curl and lynx so it would seem to be a Firefox issue brought about by security paranoia.
Found this because I had the same problem today - same error message, no useful information - on fedora-34 using Firefox 94.0 and OpenSSH_8.6p1. Also tried GNU Icecat 78.15.0esr same result. Can't test cromium-browser because the system proxy settings need Network Manager, curl with --preproxy sockst5://127.0.0.2:3128 works fine.
Thought my server config was broken but it also applied to all other connections while the browser was set to use the proxy and the system I was worked from other setups where one ff version is in between the two I tested on fedora-33 and the other being version 94.0.1-1 on arch.
that's as far as I'm willing to invest time to debug this for now
When I open vs installer to install updates, it asks to update installer first and then fails to download packages. I'm getting "Unable to download installation files. Check your internet connection and try again" error.
I tried to capture installer's requests with fiddler and it looks like it can't establish connection to https://aka.ms because of expired/wrong root certificate on my computer.
And I can't open aka.ms in browser, getting ERR_SSL_PROTOCOL_ERROR, which IMO proves that this is the issue.
I have latest windows version (20H2), no new updates in updates center.
How can I install new certificate to be able to connect to aka.ms? Where can I get it?
If you live in contries with strict Internet regulations (like Russia, China, Turkey) you should try using VPNs or proxies.
Regulators make ISPs to block some IPs/URLs. And some ISPs display their own stub webpages instead of the original web content. These stub pages usually says that you are not allowed to look at "restricted content". When using SSL/HTTPS some ISPs also try to response to your queries which can result in certificate errors.
Also it can turn out that some several IPs from MS IP addresses pool are blocked. And some MS functionality stop working.
I'm currently running MAMP Pro (osX 10.9.4) with several different virtual servers on my local machine, one for each of my client's projects. I've been trying to connect to the Google API use OAuth and have everything working just fine when 'REDIRECT URIS' is set to:
http://localhost:8888
However, as mentioned I've got several of these servers running,
e.g. 'https://clientname1:8890' or 'https://clientname2:8890'
Whenever I enter those into the API console I just get a 'Whoops' message telling me something has gone wrong Google's end:
"Server Error: Whoops! Our bad."
It seems as though only 'localhost' is allowed via the API for local testing, is there anyway I can set it up so I can test off any of my local servers?
I had to add my localhost to the allowed referrers list to test locally. Without that inclusion, I get 403 Forbidden errors. You probably just need to add clientname1 and clientname2 or clientname1:8890 and clientname2:8890 to the allowed referrers list in the Google Developers Console. Mine's set under public api access, so maybe it's going to be another problem for you depending what API you're using and how you're using it. Hope it helps -
I've just read http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256/ , a report about an XSS exploit in RDoc.
I'm on Ubuntu 12.04, and I doubt Ubuntu will be dealing with this vulnerability any time soon.
Will deleting all RDoc documentation, and uninstalling the rdoc executable make me safe from this vulnerability?
I don't host RDoc documents to the public, but I occasionally might run gem server for my own viewing if I forget about this vulnerability.
In your case you are safe unless you had a malicious user give you a crafted link to your own server. Basically if someone was hosting rdoc with this exploit a malicious user can send someone a crafted link to this by putting code in a target reference in a URL. If you look at the diff in the CVE you can see that originally the variable "target" was being passed in to the wrapping code unprotected. Then someone could send something like http://example.com/rdoc/File.html#code to inject cookie stealing stuff and that would be rendered by the victims browser.
Running gem server locally should be safe if you adjust how it launches:
gem server -b 127.0.0.1
Server started at http://127.0.0.1:8808
Notice it's on IP 127.0.0.1, which isn't accessible from other machines, only yours. It's the loopback, used for internal connections only.
I started the above server on one of my development hosts, and tried to hit it from my desktop. The connection failed saying it couldn't establish a connection.
Hitting it from that box using OpenURI and Nokogiri inside IRB returns:
Nokogiri::HTML(open('http://127.0.0.1:8808')).at('title').text
=> "RubyGems Documentation Index"
so somethin's alive out there and my log shows:
localhost - - [06/Feb/2013:16:08:56 MST] "GET / HTTP/1.1" 200 52435
- -> /
I'm hosting my downloads on GitHub, to save bandwidth on my own server, but when Sparkle updater tries to download updates from GitHub, it fails with error:
Sparkle Error (continued): The operation couldn’t be completed. (NSURLErrorDomain error -1100.)
I figured out that this is due to a certificate mismatch from GitHub, as you can see from this attempt to use wget to download my app from GitHub:
$ wget http://github.com/downloads/chetan51/sidestep/Sidestep%20v0.2.1.zip
--2010-11-21 16:29:26-- http://github.com/downloads/chetan51/sidestep/Sidestep%20v0.2.1.zip
Resolving github.com... 207.97.227.239
Connecting to github.com|207.97.227.239|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://github.com/downloads/chetan51/sidestep/Sidestep%20v0.2.1.zip [following]
--2010-11-21 16:29:27-- https://github.com/downloads/chetan51/sidestep/Sidestep%20v0.2.1.zip
Connecting to github.com|207.97.227.239|:443... connected.
ERROR: certificate common name `*.github.com' doesn't match requested host name `github.com'.
To connect to github.com insecurely, use `--no-check-certificate'.
Unable to establish SSL connection.
Are there any workarounds for this problem?
I suspect you’re not actually getting as far as the certificate error. I had a similar error this weekend, and found that Sparkle (incorrectly) performs %-escaping on attachment URLs. If you change the %20 to a plain space, you’ll probably get a different error indicating the problem you thought you were having.
Not really very helpful, I know.