Web - Forum Security

This section is for general discussions surrounding digital phone service.
godot2012
Active Poster
Posts: 77
Joined: 07/28/2012
SIP Device Name: GrandStream ATA
Firmware Version: Fongo shipped
ISP Name: 295.ca
Computer OS: WIN 7
Router: NETGEAR DB WNDR4000
Smartphone Model: Nexus4
Android Version: 4.3

Web - Forum Security

Post by godot2012 »

I have Trusteer Rapport installed on my PC. When I try to log on to this site it tells me that this is 'possibly' not a safe site. :o I suppose this can be fixed.
Bloodsong
Tried and True
Posts: 362
Joined: 09/18/2009
SIP Device Name: Zoiper| Grandstream GXP2000
ISP Name: Tek Savvy Internet (DSL)
Computer OS: CentOS, Arch, Windows 7, AIX, AS/400
Router: Cisco ASA 5520
Smartphone Model: Samsung Galaxy Ace Q
Android Version: 2.3.6
Location: Simcoe County

Re: Web - Forum Security

Post by Bloodsong »

http://krebsonsecurity.com/2010/04/a-cl ... -trusteer/

Here's a quick review on it from a slightly-technical standpoint. Not as in-depth as I'd like to go, but I generally tend to "foofoo" this type of software in lieu of common sense. It seems mostly aimed at protecting the trust relationship of SSL keys and the sites to which they belong, in which case I imagine there are probably several false positives from Rapport such as the one you're receiving on this site.

Or in this case it appears to be using a cert from another 519 area code company "eyesurf.net" (So what's the relation between FPL and eyesurf?)
forum.freephoneline.ca uses an invalid security certificate.

The certificate is only valid for the following names:
eyesurf.net , www.eyesurf.net
The certificate expired on 11/03/2011 11:34. The current time is 03/08/2012 17:20.

(Error code: ssl_error_bad_cert_domain)


And it could be as simple as you're going to forum.freephoneline.ca and Rapport does not like the automated redirect to forum.fongo.com.

Or that an SSL key for a higher level domain is being used on a lower one directly.

Finally, some software designed similarly to Rapport (I don't say Rapport specifically, as I haven't personally tested it) simply does not like log-in screens that are not using HTTPS, so if you don't double check that you're on an SSL encrypted form login, that can happen as well with some such software.

Rapport for me gets filed under the same category as EMET (which my security researchers like), the AVG Safe Search toolbar, and other web-page security applications. "Great for Grandma, but not necessary for me."

Not that I never run security software, but if you were to look at my task bar presently you certainly wouldn't notice any. I use security software on an as-needed basis, and if I'm doing anything that actually worries me about my security against being compromised/hacked, I slip into Linux, or do it through a sandbox environment such as a Virtual Machine or Threat Fire, or all of the above.

Note on Threat Fire: This is a sophisticated mixture of Heuristic scanning, behavioural analysis and sand-boxing (running a program in an emulation layer to make it appear that you are interacting with the host operating system when you are not.)

TL;DR:

This can be fixed if we know exactly why Rapport doesn't like the site you're trying to log on to. (The forum? Or your phone account?) But depending upon the cost of implementation you simply may find that pandering to a nuisance created by unnecessary and uncommon software is not on top of Freephoneline's list of priorities.

I suspect it's the SSL Certificate mis-match however... which any half decent web browser will warn you about as you access the website anyway.

--------
I feel a disclaimer is necessary here: I am not now, nor have I ever been under the employ of Fibernetics.ca, I am a user and volunteer my time to support what I believe to be an amazing and freeing use of technology. (Free as in speech and as in beer, though it could be more free by opening the source of the soft phone, we won't punish the company for that or the service they do provide us would suffer, or worse yet cost. ;) )

By day, I work in I.T. as a Systems Operator and a Network Security Administrator. I moonlight as an I.T. consultant/I.T. Solutions Architect. I study and dabble in many things, and as soon as I'm done getting my next M$ certification I'm turning my in-home lab into a penetration testing playground, where I will allow various malware to run amok in a computer network segregated from my primary home network, and I will observe and exploit their behaviours. Doesn't it sound like fun?
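The browser error quoted in the post above comes from two checks every TLS client performs before trusting a certificate: do the names in the certificate cover the host that was requested, and is the current time inside the certificate's validity window. The script below is an added example, not code from the forum or from Freephoneline, that reproduces both checks against a constructed certificate record shaped like the names and dates quoted in the thread (the record is a hand-built dict, not a real parsed certificate). Hostname matching follows the RFC 6125 rules browsers use, including the wildcard restrictions, so it goes a little beyond the single mismatch shown in the post.

```python
"""Hostname and validity checks a TLS client performs before trusting a certificate.

Added example (not from the forum thread). Reproduces the two failures behind the
quoted warning: the subject names do not cover the requested host
(ssl_error_bad_cert_domain) and the certificate has expired.
"""
from datetime import datetime, timezone

# Constructed sample modelled on the names and dates quoted in the post.
# Not a real certificate; the fields are what a parser would extract.
EYESURF_CERT = {
    "subject_common_name": "eyesurf.net",
    "subject_alt_names": ["eyesurf.net", "www.eyesurf.net"],
    "not_before": datetime(2010, 11, 3, 11, 34, tzinfo=timezone.utc),
    "not_after": datetime(2011, 11, 3, 11, 34, tzinfo=timezone.utc),
}

# Clock values used in the demo: the time quoted in the post, and one inside validity.
POST_TIME = datetime(2012, 3, 8, 17, 20, tzinfo=timezone.utc)
WITHIN_VALIDITY = datetime(2011, 1, 1, tzinfo=timezone.utc)


def name_matches_host(pattern: str, hostname: str) -> bool:
    """Match one presented name against a hostname (RFC 6125 section 6.4.3).

    Comparison is case-insensitive. A single '*' is accepted only as the entire
    left-most label, only when at least two labels follow it (so '*.com' never
    matches anything), and it matches exactly one label ('*.example.com' does
    not cover 'a.b.example.com' or the bare 'example.com').
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3:
        return False
    if any("*" in label for label in p_labels[1:]):
        return False
    if len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]


def names_cover_host(cert: dict, hostname: str) -> bool:
    """True if any subjectAltName (or, when none are present, the CN) matches."""
    names = cert.get("subject_alt_names") or [cert["subject_common_name"]]
    return any(name_matches_host(n, hostname) for n in names)


def validate_cert_for_host(cert: dict, hostname: str, now: datetime) -> list[str]:
    """Return the problems a client would report for this host at this time.

    An empty list means the name and validity checks both passed. (Chain and
    revocation checks are out of scope for this example.)
    """
    problems = []
    if not names_cover_host(cert, hostname):
        problems.append("bad_cert_domain")
    if now < cert["not_before"]:
        problems.append("not_yet_valid")
    elif now > cert["not_after"]:
        problems.append("expired")
    return problems


if __name__ == "__main__":
    for host in ("forum.freephoneline.ca", "www.eyesurf.net"):
        result = validate_cert_for_host(EYESURF_CERT, host, POST_TIME)
        print(f"{host}: {', '.join(result) if result else 'ok'}")
```

Run as-is, the forum host fails both checks (name mismatch plus expiry) while www.eyesurf.net fails only on expiry, which is the split the quoted error message reports. The same two functions are what to reach for when triaging a user's "unsafe site" warning: feed in the host they typed and the certificate the server actually presented, and the list tells you whether the fix is a redirect, a missing SAN, or just a renewal.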
godot2012
Active Poster
Posts: 77
Joined: 07/28/2012
SIP Device Name: GrandStream ATA
Firmware Version: Fongo shipped
ISP Name: 295.ca
Computer OS: WIN 7
Router: NETGEAR DB WNDR4000
Smartphone Model: Nexus4
Android Version: 4.3

Re: Web - Forum Security

Post by godot2012 »

Thanks for your 'not in depth' explanation. A couple of notes:
1. Rapport is strongly suggested by at least one Canadian bank - the one I use for online banking.
2. It has no problem with FPL or Fongo.com. It only flags this site.

Thanks again.