On 9/9/2015 8:46 AM, shi wrote:
Hi gurus,
We have a website running at a tomcat. Its web pages looks good.
Recently, we, however, find some of web pages contain the filthy AD at the
bottom of the page.
Here are the ways this could be happening:
1. Your server is compromised and it's your server that's inserting the
ads.
2. Your client is compromised by a virus and it's inserting the ad.
3. Your internet service provider is evil and inserting ads.
4. You are suffering from hijacked DNS on your network. I've seen this
where the router at the site had been hacked and was passing out DNS
entries for a server in Russia.
5. Someone's actually compromised your DNS records at the registrar.
The 1st step to figuring out what's going wrong is to get a known clean
client on a known clean network and see what the page looks like. If
it's good, then you eliminate 1,2,3, and 4.
to test number 5 use any of the DNS lookup tools on the internet and
check your domain.
To check number 4, look at the IP addresses of the DNS servers being
handed out by your DHCP server.
We really could not understand why there are these filthy AD at the web page.
We make sure the web page doesn't contain any ADs at tomcat.
But when we access these webpage via internet, we find these filthy AD added..
We search related knowledge and find it looks like some DNS is hijacked. It
causes when the client is accessing the website, the hijacked DNS will be used
to translate the webname to its IP. During this process, the hijacked DNS adds
the filthy AD at the web page.
So my current question is:
how to avoid/resolve this issue at java server side? Are there many good
solutions to resolve it?
Thanks,
Shi
--
George Sexton
*MH Software, Inc.*
Voice: 303 438 9585
http://www.mhsoftware.com
