You are not logged in.

#1 2017-09-08 09:39:44

l0b0
Member
Registered: 2014-10-21
Posts: 13
Website

Is superproxy dot crushus dot com slash bbs.archlinux.org legit?

When searching for the literal string '"arch linux" "Unknown eventid: 90118" ath10k_pci' on Google I got a result pointing to https://superproxy dot crushus dot com slash bbs.archlinux.org/viewtopic.php?id=228793 (obfuscated to avoid referencing them). It looks identical to the original, and has a valid certificate, so I almost submitted my forum credentials there. Are they affiliated with Arch Linux?

Offline

#2 2017-09-08 14:53:37

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 20,085

Re: Is superproxy dot crushus dot com slash bbs.archlinux.org legit?

Nope.  But, they appear to be attempting to be a workaround for those who live places that block or censor our site.   They seem to be a proxy; they pick up changes on this site as fast as they happen.
They are probably benign (except in the eyes of those doing censoring of sites).  Their DNS record looks reasonable and fully populated with seeming legitimate data

ewaller@turing ~ [1]1002 %whois crushus.com 
   Domain Name: CRUSHUS.COM
   Registry Domain ID: 1995037496_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.google.com
   Registrar URL: http://domains.google.com
   Updated Date: 2017-07-21T05:43:35Z
   Creation Date: 2016-01-17T13:26:00Z
   Registry Expiry Date: 2019-01-17T13:26:00Z
   Registrar: Google Inc.
   Registrar IANA ID: 895
   Registrar Abuse Contact Email: registrar-abuse@google.com
   Registrar Abuse Contact Phone: +1.8772376466
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Name Server: NINA.NS.CLOUDFLARE.COM
   Name Server: ROB.NS.CLOUDFLARE.COM
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2017-09-08T14:46:12Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar.  Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability.  VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: crushus.com
Registry Domain ID: 1995037496_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.google.com
Registrar URL: https://domains.google.com
Updated Date: 2017-07-21T05:43:35Z
Creation Date: 2016-01-17T13:26:00Z
Registrar Registration Expiration Date: 2019-01-17T13:26:00Z
Registrar: Google Inc.
Registrar IANA ID: 895
Registrar Abuse Contact Email: registrar-abuse@google.com
Registrar Abuse Contact Phone: +1.8772376466
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: Contact Privacy Inc. Customer 1241350266
Registrant Organization: Contact Privacy Inc. Customer 1241350266
Registrant Street: 96 Mowat Ave
Registrant City: Toronto
Registrant State/Province: ON
Registrant Postal Code: M4K 3K1
Registrant Country: CA
Registrant Phone: +1.4165385487
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: bjmdnq1mxkmm@contactprivacy.email
Registry Admin ID:
Admin Name: Contact Privacy Inc. Customer 1241350266
Admin Organization: Contact Privacy Inc. Customer 1241350266
Admin Street: 96 Mowat Ave
Admin City: Toronto
Admin State/Province: ON
Admin Postal Code: M4K 3K1
Admin Country: CA
Admin Phone: +1.4165385487
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: bjmdnq1mxkmm@contactprivacy.email
Registry Tech ID:
Tech Name: Contact Privacy Inc. Customer 1241350266
Tech Organization: Contact Privacy Inc. Customer 1241350266
Tech Street: 96 Mowat Ave
Tech City: Toronto
Tech State/Province: ON
Tech Postal Code: M4K 3K1
Tech Country: CA
Tech Phone: +1.4165385487
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: bjmdnq1mxkmm@contactprivacy.email
Name Server: NINA.NS.CLOUDFLARE.COM
Name Server: ROB.NS.CLOUDFLARE.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2017-09-08T14:45:20Z <<<

For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en

Please register your domains at: https://domains.google.com/
This data is provided by Google for information purposes, and to assist
persons obtaining information about or related to domain name registration
records. Google does not guarantee its accuracy.
By submitting a WHOIS query, you agree that you will use this data only for
lawful purposes and that, under no circumstances, will you use this data to:
1) allow, enable, or otherwise support the transmission of mass
   unsolicited, commercial advertising or solicitations via E-mail (spam); or
2) enable high volume, automated, electronic processes that apply to this
   WHOIS server.
These terms may be changed without prior notice.
By submitting this query, you agree to abide by this policy.

ewaller@turing ~ 1003 %

Edit:  That said, I would not post my credentials there.  First and foremost, my credentials could do damage to this site.  But, this site could certainly be a man-in-the-middle and could do anything it wanted with your credentials (Well, your username/password credentials.  Other parts of the Arch Linux infrastructure use Public Key Encryption and would be less subject to a MITM attack)

Edit2:  Morning  fsckd; we were posting at the same time again wink

Last edited by ewaller (2017-09-08 15:01:27)


Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way

Offline

#3 2017-09-08 14:58:45

fsckd
Forum Fellow
Registered: 2009-06-15
Posts: 4,173

Re: Is superproxy dot crushus dot com slash bbs.archlinux.org legit?

It is a web proxy by the looks of it. You should never enter your credentials to a web proxy unless you're OK with them being intercepted.


aur S & M :: forum rules :: Community Ethos
Resources for Women, POC, LGBT*, and allies

Offline

Board footer

Powered by FluxBB