-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Shi,
On 9/9/15 10:46 AM, shi wrote: > Hi gurus, > > We have a website running at a tomcat. Its web pages looks good. > > Recently, we, however, find some of web pages contain the filthy AD > at the bottom of the page. > > We really could not understand why there are these filthy AD at the > web page. We make sure the web page doesn't contain any ADs at > tomcat. But when we access these webpage via internet, we find > these filthy AD added.. > > We search related knowledge and find it looks like some DNS is > hijacked. It causes when the client is accessing the website, the > hijacked DNS will be used to translate the webname to its IP. > During this process, the hijacked DNS adds the filthy AD at the web > page. > > So my current question is: how to avoid/resolve this issue at java > server side? Are there many good solutions to resolve it? So, the *client's* DNS has been hijacked? The only thing you can really do about that is require your users to use DNSSec or something like that... not sure if that's even possible. You could require HTTPS for everything and request certificate pinning, but again there are ways around that. You may not be able to do anything other than contact some authority and try to get the rogue site shut down. - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJV8E4vAAoJEBzwKT+lPKRY5lkP/j6nfHoEydxcqbKeZxM7jVHG /jxFbTdbt4qATsRj50IyEaZF2wTfhq17O1pfUQWa1zqXPxehJobl0otNmOTjoOwB R5y3C5EUQPS8Umox1Tw+3liEDPDrOesqSPBm7XrvbS5u3kukOqBLC61KJgzsgDAu YTqrMjODNffa7qIHOFSn6Wjy0R0dVVGa5RcxJ9f+Et7DPbHdtVa4Y7zXiltrVFBg BHwTVSxCv8QrfTmSZgEJ819v+UZrh8lmytHnXsF4tkBvxubEEiKS3lDwTucrR/jl mTbQDgEjra88heRl1cAU8xDVoy7y29TEZXlZcLzXG84BoAH82fOhFfo3PcMx0YI1 1W0zqCyuu7BYfgbkbtqRL76h2Nj7XPBL0qS3FmxctjZNLPAvs+2KUadkU6ecK0/6 ELnXJDZz6VzAm+cEr4Wynah42EGXBEq6y32t1Iv/s5WGv0CYmM7+TByE/s24ozzr 2BucnH1kH/3v8m5Dn6/MGpCkzaCT5+mJCR7da6nyzDN/Rupu+JAjjkj1jXjLkVgf 2EnKhN52t+Rdl+0UwV/e9qoPJgWQfBcpLQ6SkyD5h/L+SI6OPVMvHtT9w7py0EJf LOdSAqSYt8a5CcICJFOKjip0O5icMqIwr4kwwFS0oKuUk1g8EfuiDjMlxylbLYvL sU7+8Aa6cdyB1N+p38z7 =J+8s -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
