1
1
Recently employees in my office (about 5 people) have reported that sometimes web pages can not load for no reason, but after pressing refresh button in the browser, it first shows 'Redirecting you to www.....' then the page loads normally.
This only started to happen this week and it has happened to all users (so I've ruled out spyware / virus on individual PCs.)
Could this be a man-in-the-middle attack? I.e. someone is intercepting all web requests and forwarding them onto the real server. If so how could you tell?
Network configuration:
internet --> |ADSL |--> wireless router --> office PCs
|modem |--> web server
3What did you do to rule out SpyWare and viruses? – Randolf Richardson – 2011-06-14T07:54:29.137
What kind of router is it? Have you been into the routers configuration and checked that the DNS and other settings are all aquired from the ISP rather than manually entered? – Mokubai – 2011-06-14T07:59:23.030
Just because it is happening to all users does not rule out a virus at all. It REALLY sounds like your computers are infected. – KCotreau – 2011-06-14T13:38:22.040
If they are redirecting you, there has probably been a virus or something. Try resetting proxy servers? – Simon Verbeke – 2011-06-14T11:19:16.687