Got Spooked - Somebody may be trying to eavesdrop on you [Archive]

Jose Amaral Rego

Mon 7th Jan '08, 8:18pm

What is this from, as I get this only on this page.
http://www.vbulletin.com/forum/showthread.php?t=255110&page=2
- The server's name "login.leda.lunarmania.com" does not match the certificate's name "leda.lunarmania.com". Somebody may be trying to eavesdrop on you.
- The root certificate from "leda.lunarmania.com" is not known to Opera. Opera cannot decide if this certificate can be trusted.

Certificate name

leda.lunarmania.com
Unknown
Unknown
Unknown
Unknown, US
emailAddress: ssl@leda.lunarmania.com

Issuer

leda.lunarmania.com
Unknown
Unknown
Unknown
Unknown, US
emailAddress: ssl@leda.lunarmania.com

Details

Connection : TLS v1.0 256 bit AES (RSA/SHA)

The server's name "login.leda.lunarmania.com" does not match the certificate's name "leda.lunarmania.com". Somebody may be trying to eavesdrop on you.

The root certificate from "leda.lunarmania.com" is not known to Opera. Opera cannot decide if this certificate can be trusted.

Certificate version: 3
Serial number: 0x01E19B6ACA
Not valid before: Nov 2 22:11:29 2007 GMT
Not valid after: Nov 1 22:11:29 2008 GMT
Fingerprint(MD5) C9 CC 0D 2A 50 8A F8 06 A9 DC 14 04 E5 28 37 7C
Fingerprint(SHA-1) 28 A4 11 3B 02 55 17 82 FF 1F D0 16 B7 4B 02 6A 30 26 AC 8C

Public key algorithm: rsaEncryption
Public-Key (1024 bit):
Modulus:
00: 37 5B 31 34 2F 3C A8 76 E6 74 4F 76 60 D5 1E B6
10: 4C 18 F8 61 61 84 8C 2D BD 2D DA 9F B9 14 A3 33
20: 54 8A 0C 07 E7 2D 48 76 0B 8F D0 B1 78 62 D6 5B
30: BB 6D 88 03 E4 69 C0 01 B4 68 F0 4E C8 1E 3E F3
40: 8B FC 28 B0 5E D7 93 3F 0C FC 48 F1 68 17 FD 3C
50: 28 93 99 12 ED 65 0C 35 6C 0F 7D 2A A2 9E 1C 31
60: D3 C8 31 CE 29 9E 1B 79 C3 7B A8 49 C6 12 E4 AB
70: 55 2C 4A 8E 89 04 44 A5 A3 BB 68 8F 69 8B 2C C0

Exponent:
01 00 01

Public key algorithm: md5WithRSAEncryption
00: AD E6 B5 BA 17 32 71 B3 0E A8 C7 E4 32 3B E1 F9
10: C2 6D 3F F4 BC 46 4B 1F F2 CB 77 F9 BF A2 E9 1F
20: 83 CC B2 A4 2E 15 69 9C 9D B3 15 14 D9 E5 4B 07
30: 26 B0 1D EC 7A A8 C5 4F DD 06 04 20 EA 6B 32 DF
40: 59 FC A5 67 72 47 3D 36 77 36 B8 51 06 81 90 D4
50: 3A AB E0 5E F6 5F A6 49 8B CF DC F1 F4 A9 AB DA
60: 4E B6 B7 5C 7B 0C 13 49 B8 B5 CB 80 1C 69 08 7B
70: FC C7 5A 57 99 9B 9D F3 50 AD 95 34 35 5E 1A C0

Extensions
X509v3 Subject Key Identifier: 80:19:B6:B0:95:ED:4F:04:3F:29:B5:6B:79:06:B3:77:84 :84:FE:21
X509v3 Authority Key Identifier:
keyid:80:19:B6:B0:95:ED:4F:04:3F:29:B5:6B:79:06:B3 :77:84:84:FE:21
DirName:/C=US/ST=Unknown/L=Unknown/O=Unknown/OU=Unknown/CN=leda.lunarmania.com/emailAddress=ssl@leda.lunarmania.com
serial:01:E1:9B:6A:CA
X509v3 Basic Constraints: CA:TRUE

Ok, I found it.
http://www.vbulletin.com/forum/showpost.php?p=1483322&postcount=22
http://www.vbulletin.com/forum/showpost.php?p=1483343&postcount=25

Chousho

Mon 7th Jan '08, 8:46pm

I found what it was. Check the source of those posts. Here's an example of what's in it:

<img src="https://login.leda.lunarmania.com:2083/3rdparty/phpMyAdmin/themes/original/img/b_help.png" border="0" alt="" />

It's asking you to log in so you can view the image. Since you're not, the image won't show up.

Wayne Luke

Tue 8th Jan '08, 10:12am

Removed the images that were causing the problems.