-
Notifications
You must be signed in to change notification settings - Fork 88
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Whois this IP ? : 82.98.6.171 #241
Comments
There is no use of a proxy within the source. How did you get this ip? |
I confirm that there is no proxy un the sources, check caldav/CaldavFacade by yourself... Where did you get the app ? Le 25 juin 2015 10:38:14 GMT+02:00, timoberger [email protected] a écrit :
Envoyé de mon téléphone. Excusez la brièveté. |
This IP come from my apache's logs : http://txs.io/HO5b As you can read, credentials had not been given (3th column: the '-' before the date field); but all urls are exactly crafted to download my own 5 calendars (pro & familly). Furthermore, the port of this owncloud instance is not usual (8765), so I'm sure this setup is only in my phone. This app come from [google] PlayStore. My phone is a galaxy-note 3; rooted; I've just installed AF+ as a firewall to observe this IP. |
There are also entries from "CardDAV-Sync (Android) (like iOS/5.0.1 (9A405) dataaccessd/1.0) gzip". I guess, either your phone or service provider is using this ip. |
It's your mobile network provider that setup a transparent proxy, there is no problem with the app... Aside of this, there is a feature request about strict https negotiation and removal of some https algorithm to avoid man in the middle attacks... Please confirm that browsing your web version of OC from your mobile give the same results... Le 26 juin 2015 11:01:04 GMT+02:00, timoberger [email protected] a écrit :
Envoyé de mon téléphone. Excusez la brièveté. |
Why are you connecting my owncloud from this IP : 82.98.6.171 (as: OZONE-PARIS1 from Ozone-France).
Why didn't you use my own phone IP address: since you can connect to this server, you can use my own telephone ip. Unfortunately, my "owncloud" is restricted to only a few IP.
I've never seen nor accepted something about proxyfing my caldav traffic through this IP...
If this proxyfication is so well hidden in sources, what are you doing/trying to do with this host ?
This is a very suspicious behaviour.
I'll signal this software as malware to github's staff.
The text was updated successfully, but these errors were encountered: