Whats up with this?
- Thread starter skeets
- Start date
Daren Todd
Well-known member
Lifetime Member
Equipment
Massey Ferguson 1825E, Kubota Z121S, Box blade, Rotary Cutter
I got a similar message, but it was for the site certificate. Cleared out my browsing history and it went away.
Also wasn't able to respond to any posts till I cleared my browsing history and signed back in.
Sent from my SM-G920V using Tapatalk
Also wasn't able to respond to any posts till I cleared my browsing history and signed back in.
Sent from my SM-G920V using Tapatalk
torch
Well-known member
Equipment
B7100HSD, B2789, B2550, B4672, 48" cultivator, homemade FEL and Cab
Because you can't reach it via https://
http sites are unencrypted. Whatever you type -- including passwords, etc. can be intercepted, read, modified, etc.
https sites use encryption to secure your communications against interception. Assuming you are talking to the site you think you are talking to. DNSCrypt is require to ensure someone hasn't hijacked the DNS record of a site they are spoofing, as is done with "man in the middle" attacks.
https is becoming much more common. Search engines are showing preference for secure sites and browsers are actively preferring them or even blocking http sites. DNS security is unfortunately lagging behind.
http sites are unencrypted. Whatever you type -- including passwords, etc. can be intercepted, read, modified, etc.
https sites use encryption to secure your communications against interception. Assuming you are talking to the site you think you are talking to. DNSCrypt is require to ensure someone hasn't hijacked the DNS record of a site they are spoofing, as is done with "man in the middle" attacks.
https is becoming much more common. Search engines are showing preference for secure sites and browsers are actively preferring them or even blocking http sites. DNS security is unfortunately lagging behind.
torch
Well-known member
Equipment
B7100HSD, B2789, B2550, B4672, 48" cultivator, homemade FEL and Cab
torch
Well-known member
Equipment
B7100HSD, B2789, B2550, B4672, 48" cultivator, homemade FEL and Cab
If the site address starts with https://, then it uses encryption to protect communications.
DNS is the Domain Name System -- an index of the internet that your computer uses to turn website names (like https://www.orangetractortalks.com) into an actual IP address (192.168.0.0) that your computer uses to connect.
If you send your password to an http site, then anyone in the chain can listen in and read it, giving them access as you. Probably not an issue here, but would be if you are doing online purchasing or banking and sending valuable personal info.
If someone spoofs the DNS (eg: changes the address to something else, like 176.10.0.0), then they can redirect traffic from the intended site to their own site. Your computer will happily send encrypted communications to the wrong site. That site can relay to the intended site so you won't realize what is going on and the malicious site harvests all your info, such as credit card or banking passwords. That is called a "man in the middle" attack.
DNSCrypt encrypts the DNS communications to prevent DNS spoofing and ensure you are really talking to your bank's website when you log in. Just another layer of security.
DNS is the Domain Name System -- an index of the internet that your computer uses to turn website names (like https://www.orangetractortalks.com) into an actual IP address (192.168.0.0) that your computer uses to connect.
If you send your password to an http site, then anyone in the chain can listen in and read it, giving them access as you. Probably not an issue here, but would be if you are doing online purchasing or banking and sending valuable personal info.
If someone spoofs the DNS (eg: changes the address to something else, like 176.10.0.0), then they can redirect traffic from the intended site to their own site. Your computer will happily send encrypted communications to the wrong site. That site can relay to the intended site so you won't realize what is going on and the malicious site harvests all your info, such as credit card or banking passwords. That is called a "man in the middle" attack.
DNSCrypt encrypts the DNS communications to prevent DNS spoofing and ensure you are really talking to your bank's website when you log in. Just another layer of security.
BAP
Well-known member
Lifetime Member
Equipment
2012 Kubota 2920, 60MMM, FEL, BH65 48" Bush Hog, 60"Backblade, B2782B Snowblower
The Russian’s are coming! The Russian’s are coming! Orange Tractor is under Attack. Man your tractors. 
It is long overdue for sites to become secure.
Some banks won't even let you log in if your browser isn't secure. It protects them also.
Some banks won't even let you log in if your browser isn't secure. It protects them also.
torch
Well-known member
Equipment
B7100HSD, B2789, B2550, B4672, 48" cultivator, homemade FEL and Cab
Not just the Russians. China, US, Turkey, Brazil are also in the top 5 but it can come from just about anywhere.The Russian’s are coming! The Russian’s are coming! Orange Tractor is under Attack. Man your tractors.
And while it may not cause irreparable harm if one's password to OTT leaks, many (most?) people use the same password for multiple sites and never change it. Some attacks plant keyloggers and trojans. Or extortionware and ransomware. Or simply use your computer to shield themselves from tracing other illegal activities.
A note to the Admin: At one time it cost money and effort to obtain a trusted certificate to enable https connections to your website. However, several years ago the Internet Security Research Group introduced the "Lets Encrypt" project, offering free DV security certificates for simple, non-transactional websites like this one. (Paid OV and EV certificates are still in use by transactional websites as they not only verify the domain, but also the organization that owns the domain). "Lets Encrypt" is very easy to set up and certificate renewals are automated, so it's "fire and forget" for the site admin. Maybe it's time to consider this for OTT?
Update: I just ran a whois on OTT and see it is hosted by inmotionhosting. I found an inmotion support page detailing how to install Lets Encrypt certificates but apparently they also offer free Comodo certificates via their c-panel. So you have 2 choices.