Re: mystery redirect

[Benjamin Brown <optikali () gmail com>]

So a number of other people have had the same issue on various other sites
(mostly forums) having them redirected to that AOL Remote Access Web Portal
over and over to have it go away after a day or so. Does not seem to be
browser specific and the users had varied ISPs. Looks like this domain is
run by the AOL NOC. You might be able to get some more info out of them.
Maybe a bugged AOL ad? But then again I don't think there are ads inside the
BoA accounts area =/

* 64.236.128.78* *Record Type:* IP Address

OrgName:    AOL Transit Data Network
OrgID:      ATDN
Address:    22000 AOL Way
City:       Dulles
StateProv:  VA
PostalCode: 20166
Country:    US


NetRange:   64.236.0.0 - 64.236.255.255
CIDR:       64.236.0.0/16
NetName:    ATDN-ISP
NetHandle:  NET-64-236-0-0-1
Parent:     NET-64-0-0-0-0
NetType:    Direct Allocation

NameServer: DNS-01.ATDN.NET
NameServer: DNS-02.ATDN.NET
Comment:    ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate:    2000-02-02

Updated:    2002-06-19

RTechHandle: AOL-NOC-ARIN
RTechName:   America Online, Inc.
RTechPhone:  +1-703-265-4670
RTechEmail:  domains () aol net



On Fri, Jan 22, 2010 at 1:35 PM, Larry Seltzer <larry () larryseltzer com>wrote:

>  Nope. I’m on my own private wifi connected to Verzon FiOS
>
>
>
> Larry Seltzer
> Contributing Editor, PC Magazine
>
> larry_seltzer () ziffdavis com
>
> http://blogs.pcmag.com/securitywatch/
>
>
>
> *From:* Benjamin Brown [mailto:optikali () gmail com]
> *Sent:* Friday, January 22, 2010 1:33 PM
> *To:* Larry Seltzer
> *Cc:* funsec () linuxbox org
> *Subject:* Re: [funsec] mystery redirect
>
>
>
> So to use this service it looks like you need
> https://remote.aol.com/clients.html
>
> All of the FAQ / Documentation stuff looks like it requires a corporate
> partners.aol login
>
> On Fri, Jan 22, 2010 at 1:10 PM, Benjamin Brown <optikali () gmail com>
> wrote:
>
> Are you using a public wireless connection?
>
> On Wed, Jan 20, 2010 at 10:43 PM, Larry Seltzer <larry () larryseltzer com>
> wrote:
>
>   So I’m sitting here watching the tube with my Bank of America account
> open in Chrome.
>
>
>
> Suddenly I see the browser redirect to
> https://mtc.remote.aol.com/dana-na/auth/url_default/welcome.cgi. I have
> attached a screen shot.
>
>
>
> WTF?
>
>
>
> Larry Seltzer
> Contributing Editor, PC Magazine
>
> larry_seltzer () ziffdavis com
>
> http://blogs.pcmag.com/securitywatch/
>
>
>
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.