Is my ISP injecting JS line ?
Moderator: General Moderators
by s.dot » Fri Jan 04, 2008 12:25 pm
I recently read an article about an ISP inserting stuff into google's home page.
"This place is old, it feels just like a beat up truck. I turn the engine but the engine doesn't turn. Smells of cheap wine and cigarettes, this place is always such a mess. Sometimes I think I'd like to watch it burn."
-
s.dot - Tranquility In Moderation
- Posts: 4654
- Joined: Sun Feb 06, 2005 8:18 pm
- Location: Indiana
by califdon » Fri Jan 04, 2008 3:21 pm
I hope there's a special room in Hell for those who deliberately interfere with the operations and enjoyment of other people by hacking like that.
I think Heisenberg was probably right, but I can't be certain.
-
califdon - Jack of Zircons
- Posts: 3174
- Joined: Thu Nov 09, 2006 9:30 pm
- Location: California, USA
by Jonah Bron » Sat Jan 05, 2008 2:16 pm
Talk to your ISP:idea:
Premature Developer | Nucleussystems.com
pyBookmarkSync | My Computer, Nucleus One | Dvorak Layout
Search first, ask questions later
pyBookmarkSync | My Computer, Nucleus One | Dvorak Layout
Search first, ask questions later
-
Jonah Bron - DevNet Resident
- Posts: 1029
- Joined: Thu Mar 15, 2007 6:28 pm
- Location: Sunny California
by RobertGonzalez » Sat Jan 05, 2008 7:10 pm
You need a new ISP. The only thing I could suggest, as a test, is to connect to a network that serves internet from another ISP than yours and see if the sites you visit are still throwing that mess in your browser.
PHPDN's Most Friendly 2006, Most Helpful, Friendliest 2007, Friendliest, Peacemaker 2008 | Zend Certified Engineer, Zend Framework Certified Engineer
Common Forum Answers | PHPDN Forum Tour | <?php $me = `whoami`; ?> | <?php while (!$succeed) $try++; ?>
I don't offer solutions via PM. I's much more helpful to the community to solve problems in the open so others can benefit from the solution as well.
Help keep our boards online and ad-free. to support our forums.
Common Forum Answers | PHPDN Forum Tour | <?php $me = `whoami`; ?> | <?php while (!$succeed) $try++; ?>
I don't offer solutions via PM. I's much more helpful to the community to solve problems in the open so others can benefit from the solution as well.
Help keep our boards online and ad-free. to support our forums.
-
RobertGonzalez - Site Administrator
- Posts: 14254
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
by anjanesh » Sat Jan 05, 2008 10:13 pm
Inkyskin wrote:Have you tried other browsers yet too?
I started this thread explaining why its not the browser at fault here.
Its coming in directly through the network. The line is getting injected into the html page before its received in my PC.
Apparently, some script is attacking PCs with open ports.
Anjanesh
-
anjanesh - DevNet Resident
- Posts: 1677
- Joined: Sat Dec 06, 2003 10:52 pm
- Location: Mumbai, India
by Chris Corbyn » Sat Jan 05, 2008 11:44 pm
anjanesh wrote:Inkyskin wrote:Have you tried other browsers yet too?
I started this thread explaining why its not the browser at fault here. ....
Apparently, some script is attacking PCs with open ports.
And you have a firewall?
-
Chris Corbyn - Breakbeat Nuttzer
- Posts: 13081
- Joined: Wed Mar 24, 2004 8:57 am
- Location: Melbourne, Australia
by anjanesh » Sun Jan 06, 2008 12:00 am
default, Windows Firewall.
But this is seems to affect the gateways at which point it modifies the HTML source.
But this is seems to affect the gateways at which point it modifies the HTML source.
Anjanesh
-
anjanesh - DevNet Resident
- Posts: 1677
- Joined: Sat Dec 06, 2003 10:52 pm
- Location: Mumbai, India
by Chris Corbyn » Sun Jan 06, 2008 12:10 am
anjanesh wrote:default, Windows Firewall.
But this is seems to affect the gateways at which point it modifies the HTML source.
And your ISP have said...? When you request a file from 'localhost' this line isn't there then?
For now I'd just disable JavaScript in your web browser and hassle your ISP for answers. Do you know other people using the same ISP as you who are experiencing the same issue?
-
Chris Corbyn - Breakbeat Nuttzer
- Posts: 13081
- Joined: Wed Mar 24, 2004 8:57 am
- Location: Melbourne, Australia
by anjanesh » Sun Jan 06, 2008 12:35 am
Tech support from ISP at this level are no good. Called them once - tried explaining - same answer over & over again - pl contact hardware engineer.
For now, I've made 2 precautions :
1. Using AdBlock Plus extension on FF
2. Added entries in hosts file mapping them to 127.0.0.1
1. It doesnt seem to be from one ISP alone (btw, there seems to be just one major ISP called AirTel that provide the groundwork for other ISPs)
2. I dont think other users, who are affected know abt this.
3. I've come across 2 other Indians voicing their issues on the net regarding this - all on Windows XP SP2, different locations, different ISPs.
There arent many google results on 222360.com. Most of them in chinese.
Not very sure - but it seems to attack open ports resulting in slow internet.
How can I know & block the ports opened by FireFox & ThunderBird ? I understand FF uses some ports for bookmarks, etc.
I can see it in netstat
Obviously.When you request a file from 'localhost' this line isn't there then?
For now, I've made 2 precautions :
1. Using AdBlock Plus extension on FF
2. Added entries in hosts file mapping them to 127.0.0.1
Do you know other people using the same ISP as you who are experiencing the same issue?
1. It doesnt seem to be from one ISP alone (btw, there seems to be just one major ISP called AirTel that provide the groundwork for other ISPs)
2. I dont think other users, who are affected know abt this.
3. I've come across 2 other Indians voicing their issues on the net regarding this - all on Windows XP SP2, different locations, different ISPs.
There arent many google results on 222360.com. Most of them in chinese.
Not very sure - but it seems to attack open ports resulting in slow internet.
How can I know & block the ports opened by FireFox & ThunderBird ? I understand FF uses some ports for bookmarks, etc.
I can see it in netstat
Anjanesh
-
anjanesh - DevNet Resident
- Posts: 1677
- Joined: Sat Dec 06, 2003 10:52 pm
- Location: Mumbai, India
by RobertGonzalez » Sun Jan 06, 2008 2:32 am
Have you at least disabled javascript for now?
PHPDN's Most Friendly 2006, Most Helpful, Friendliest 2007, Friendliest, Peacemaker 2008 | Zend Certified Engineer, Zend Framework Certified Engineer
Common Forum Answers | PHPDN Forum Tour | <?php $me = `whoami`; ?> | <?php while (!$succeed) $try++; ?>
I don't offer solutions via PM. I's much more helpful to the community to solve problems in the open so others can benefit from the solution as well.
Help keep our boards online and ad-free. to support our forums.
Common Forum Answers | PHPDN Forum Tour | <?php $me = `whoami`; ?> | <?php while (!$succeed) $try++; ?>
I don't offer solutions via PM. I's much more helpful to the community to solve problems in the open so others can benefit from the solution as well.
Help keep our boards online and ad-free. to support our forums.
-
RobertGonzalez - Site Administrator
- Posts: 14254
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
Who is online
Users browsing this forum: No registered users and 1 guest