You are not logged in.

Pages: 1

Topic closed

#1 2020-01-27 13:21:46

Rafael Castellar
Member
From: Brazil
Registered: 2017-05-11
Posts: 19

Network restricting access: certificate restriction

Network restricting access:  certificate restriction


Hi all!

I've just came from vacations and mine and my friends Archlinux are suffering with some restrictions from my workplace network.

Every time we connect a window is opened with the title: Authentication to the access point (http://nmcheck.gnome.org/check_network_status.txt), showing:

Index of /

[ICO]    Name    Last modified    Size    Description
[TXT]    check_network_status.txt    2018-01-30 14:15    25    
Apache/2.4.6 (Red Hat Enterprise Linux) Server at nmcheck.gnome.org Port 80

This file content is just:

NetworkManager is online

Also, a question mark "?" is on the connection icon. A lot of website are restricted by certification. This (the forum) is one of them. Also, AUR is being restricted.

I've checked with internal IT and they assure there were no changes in network. It is happening only with Archlinux and Manjaro.

I've also update ca-certificates, run

trust extract-compat

Nothing changed.

Does anyone have any tips?

Tks!!

Offline

#2 2020-01-27 15:19:22

Head_on_a_Stick
Member
From: The Wirral
Registered: 2014-02-20
Posts: 8,763
Website

Re: Network restricting access: certificate restriction

Rafael Castellar wrote:

A lot of website are restricted by certification.

In what way are they restricted? What actually happens when you try to connect?

Can you connect to other sites without problems? Have you checked the journal for errors?

Jin, Jîyan, Azadî

Offline

#3 2020-01-27 15:32:28

Scimmia
Fellow
Registered: 2012-09-01
Posts: 12,379

Re: Network restricting access: certificate restriction

Basic info is required here. Actual package version. Actual errors. ACTUAL OSs.

Offline

#4 2020-01-27 16:06:28

Rafael Castellar
Member
From: Brazil
Registered: 2017-05-11
Posts: 19

Re: Network restricting access: certificate restriction

Hi!

It blocks the site with the following message (translated from portuguese):

Your connection is not private
Attackers may be trying to steal your information from bbs.archlinux.org (for example, passwords, messages or credit cards). know more
NET :: ERR_CERT_AUTHORITY_INVALID
-------------------------------------------------------------------------

The bbs.archlinux.org uses encryption to protect your information. When Chromium uses bbs.archlinux.org this time, the site returns incorrect and incorrect credentials. This can happen when an attacker is accessing bbs.archlinux.org or when a Wi-Fi login screen interrupts the connection. Your information is still protected, because Chromium interrupts the connection before the data is exchanged.

You cannot visit bbs.archlinux.org now, because the site uses HSTS. Network errors and attacks are usually temporary. This page will probably work later.

I don't have any option to accept this (some problems with certification allows me to accept on my own).

A lot of sites open normally. It seems forums, AUR, wiki and other related to Arch and Manjaro are with problems. Pacman itself can't update.

Evolution's calendar also have problems with outlook (exchange) certifications.


Hi Scimmia, what info should I provide?
I'm using Archlinux fully updated about 3 hours ago.

uname -a
Linux lp1582 5.4.13-arch1-1 #1 SMP PREEMPT Fri, 17 Jan 2020 23:09:54 +0000 x86_64 GNU/Linux


Thanks you all!

Offline

#5 2020-01-27 16:23:15

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 20,344

Re: Network restricting access: certificate restriction

It looks like a man in the middle attack.  It appears your company is intercepting the request and is providing its own content.  Maybe they are blocking the site.

https://en.wikipedia.org/wiki/HTTP_Stri … t_Security

Last edited by ewaller (2020-01-27 16:24:17)

Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way

Offline

#6 2020-01-27 17:06:10

Rafael Castellar
Member
From: Brazil
Registered: 2017-05-11
Posts: 19

Re: Network restricting access: certificate restriction

We just find a guy here from IT department that told us there were a change related to this. They are trying to fix it, it is a mess right now, but they are taking care.

Thank you friends, let us close this thread...

Best regards!

Last edited by Rafael Castellar (2020-01-27 17:07:44)

Offline

#7 2020-01-27 17:08:17

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 20,344

Re: Network restricting access: certificate restriction

Closed, by request

Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way

Offline

Pages: 1

Topic closed

Board footer

Powered by FluxBB