My router's firewall URL filter unsuccessful against websites like reddit and godlikeproductions ( conspiracy )

submitted by shbbougter

Anyone else noticed this phenomenon: I'll put every conceivable iteration of the same URL on my ban list, restart the router, and it doesn't work. My computer is somehow rerouted to those sites anyway.

x13

MITM ATTACK?!?!?

US LEA FED MITM? Check the certificate in your browser when attached to https (secure) verison of www.reddit.com

The feds might have been rerouting your social media access within your machine to a ip location and even a false CERTIFICATE for the MITM (man in the middle attack)

Why? To spy on YOU YOU YOU!

IS THIS WEB SITE TOTALLY GREEN BACKGROUND?

https://mitm.watch/

Its green on 4 of 5 of my browsers and machines.

firefox safety check too addon :

https://checkmyhttps.net/info.php?language=en

But you can verify total 100% security by looking at the hash on the reddit certificate and comparing to a special test website.

The website also tries to do this in a automated way for you

https://caddyserver.com/docs/mitm-detection

but the REAL test is just for reddit alone no all domains.

going to this site tells you what your browser SHOULD get in the reddit certificate if you were really https connected to reddit.com

https://www.sslshopper.com/ssl-checker.html#hostname =reddit.com

for me i see : Valid from August 16, 2018 to September 2, 2020 Serial Number: 075b02df9da416512f64ce7071fc8c07

when i click on the padlock in the browser when attached to https : https://www.reddit.com/

I look at the serial number : 07:5B:02:DF:9D:A4:16:51:2F:64:CE:70:71:FC:8C:07

so they MATCH. My browser had a 100% military grade end to end non-tappable connection to the official reddit.com service with no spies in the middle

no MITM (man in the middle)

But maybe you are NOT GETTING serial number : 07:5B:02:DF:9D:A4:16:51:2F:64:CE:70:71:FC:8C:07

maybe the feds installed clumsy hack to spy on you.

SIDE NOTE if you get false scare :

a few americans install a free russian tool to take away all your connections and run it through a local redirected https service around your browser.
You can disable the Russian tool and reboot if the russian tool is confusing you. : https://usa.kaspersky.com/internet-security

x13

not across boots. no os does. none.

he needs to block all ip ranges of reddit perhaps, or he has a white list precedence out of order in his ban design.

I have effectively banned thousands of sites (over 3 thousand) I had to ban on a public service but I only block the main reddit domains to prevent casual login attempts.

TwitterBannedIt

That makes sense.

totes_magotes

Https and compressed streams/connections usually can’t be filtered at the router level

Skirmish

Hosts, Sites, and State Filters block most VPN ranges. My own hosts block my websites "for me" while using a vpn.

Your traffic doesn't go where you think it goes. We're in a silo.

Fateswebb

What kind of router? Why would you block godlike productions they have some damning stories for sure. I know some think it's fake news but I have seem very well proven shit on there

But anyway what kind of router is it? I may be able to help.

shbbougter

Thanks, it's probably the DNS server.

TwitterBannedIt

Are you using the 8.8.8.8 trick? Otherwise flush DNS like they said may fix it, but should have only been a problem if you had visited it prior to enacting the ban.

You'd want to get your DNS from your router. It's also possible (((they))) just sold you a crappy router, shit routers are pretty common. Updating the router firmware might help.

shbbougter

Adding the addresses to the hosts file might work

x13

a lot of possible addresses depending on his region.

dan_k

If you're browsing thru a VPN the route filter is defeated.

shbbougter

I'm not, though.

x13

multi-pathing out on a second interface? (wifi? a second NIC?)