redirects

i use firefox for browsing the net.
under tools>options>advanced>general i have "warn me when sites try to redirect my browser" checked.
i have noticed that quite a few pages i visit try to redirect my browser.
what is causing this?

 

Log in or Sign up to hide all adverts.

That's caused by someone trying to redirect your browser.

Please Register or Log in to view the hidden image!

Please download FixWareout from one of these sites:

http://downloads.subratam.org/Fixwareout.exe

or

http://www.bleepingcomputer.com/file...Fixwareout.exe


Save it to your desktop and run it.
Click "Next", then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin: Please follow the prompts.
You will be asked to reboot your compute: Please do so.
Your system may take longer than usual to load and this is normal.

 

Log in or Sign up to hide all adverts.

Redirects aren't always rogue, for instance on a standard website a page might be removed (a file from the server deleted) however a replacement page might be made to take it's place. They aren't of course the same page, in fact the server will be told to use a "301 - Permanent Redirect" code to make sure any future attempts to access that page point there.

That page could exist within that servers DOM, or it could exist within another website altogether, generating an out of DOM redirect (Which will often be flagged as potentially rogue)

There are also the potential of scripted redirects using the webpage's HEADER both within serverside inclusion scripts and also through the use of META TAGS in HTML.

Again the idea of a redirect is just to redirect one requested page to an alternative location, which is initially quite innocent. It can have it's uses, for instance redirects will be used in instances where the URL contains server manufactured input to define what page to move to. This forum software is by no means an exception, in fact you'll have a "redirection" during login which to my knowledge is apart of an attempt on making it more secure (while also triggering site software functions for logging, server prefetching and other automated tasks in the background associated with your account)

Redirection can also be handy to force people to use particular parenthesis. For instance it's possible to force the domain to only ever respond to affixed www. URL's and force any domain uses without a www. prefix to redirect to a www. prefix. Handy for SEO purposes.
Redirects can also allow someone that enters a normal HTTP site to be forced to a HTTPS page when logging in to make sure than no plain-text transmissions between the server can be intercepted where a plain-text password could be intercepted.

Of course redirects CAN BE ROGUE. Pointing you to false websites or pages to get credit details, or hijack your browser session if they can X-Script an Attack. Any browsers built in method to identify a redirect is done purely to bring redirects to your attention so you can review or overview where the redirect goes and if you truly want to go there.

 

Log in or Sign up to hide all adverts.

okay.
maybe i didn't ask the right question.

if my browser says it's being redirected when i go to a page and nothing shows up on the page should i allow the redirect?

a lot of these redirect have no effect on what i view, but some pages will not load if i do not allow the redirect.

also:
when i went to the second link in cosmics post my browser said it was being redirected but the page loaded without allowing the redirect.

cosmic:
first link is dead.
the second return 404 file not found (fixwareout)

 

I'll remove it from my "favorites" list, I've not used it since I bought Win 7, sorry about that.

Please Register or Log in to view the hidden image!

 

Don't allow anyone to steal your sandwich.

 

i don't get what people think they will find on my machine.
passwords for the forums i visit?
anyway . . .
the DVD rom in my machine went south so i can't reinstall my OS.
can't use a CD rom.
i will replace it soon so i will have all the original anti everything on it.

 

If you want to be a bit of a detective and learn about what is being served up to your browser, read the page in it's Source format.

Namely right click a link and copy the URL, paste it to your URL bar but don't start it's attempt to resolve, instead rewrite the URL.

Code:

view-source:http://whateverwebsite

view-source will show you all the code outputted in it's HTML format, it's links and javascript etc however nothing will be reformatted how the page is usually viewed by the browser, so it can't force redirects or load viruses etc while viewed like this.

It's very handy for identifying where websites are attempting to send you and doesn't raise flags to the server to serve you a page that is different from what you'd usually receive if you allowed your browser to access normally.

 

Stryder is lying; if you follow those instructions you will very possibly get a virus.

 

It's not a lie, even if you download a file to your cache, you still have to execute it to be able to be infected. Since the browser isn't interpreting the code to cause an execution it stop's the files from being executed.

If you are ubber concerned, just make sure you wipe your cache afterwards.

I've done this with sites to delve further into identifying payloads and never had an infection.

In fact if you are ultra paranoid, why not use an TELNET client and access the server through TELNET commands and just get the raw HTML.

Here's how to use Telnet on an XP system (might or might not have differences with other OS's):

Firstly open a Notepad and type in the following:

Code:

GET / HTTP/1.1
Host: www.sciforums.com

Leave that notepad open on your desktop as it will be of use later!

use the CMD console (START > RUN.... CMD)

type in the prompt:

Code:

TELNET

once it's loaded set some variables:

Code:

set localecho
(press enter)
set crlf
(press enter)

now to access the webpage, first you have to connec to the server with:

Code:

o www.sciforums.com 80

now all you have to do is copy the lines from the notepad (CTRL+A then CTRL+C) and then paste them to the CMD window (Right-click the mouse on the window and use Paste)

Once those two lines are there, press enter twice.

You should find the telnet client outputs the RAW HTML of the webpage. Obviously if you intend to check other pages you need to note that the domain needs to be changed for which ever site it is and any folder depth or actual file name replaces the / (backslash).

i.e.

Code:

GET /afolder/file.html HTTP/1.1

 

I'm sorry Stryder, I was just kidding. That was very thorough though. I used to use telnet way back and I wonder if it's even installed on Win machines anymore. For html grabs I use wget or curl. I just thought the thread was absurd as it was -- I've never heard of anyone being worried about redirects. They're not dangerous...but are very annoying. Redirects placed on SourceForge are so frustrating I almost always use mirror sites when possible.

 

Redirects occur on most websites.

 

You actually believe that you know what you're talking about, don't you?

 

Well, I'm not a WebAdmin, but in most cases which I involve myself, yes. What have I said incorrect?