[Python-Dev] [RELEASED] Python 3.4.0b2 (original) (raw)
Stephen J. Turnbull stephen at xemacs.org
Mon Jan 6 06:36:33 CET 2014
- Previous message: [Python-Dev] [RELEASED] Python 3.4.0b2
- Next message: [Python-Dev] [RELEASED] Python 3.4.0b2
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Bob Hanson writes:
On Sun, 5 Jan 2014 20:09:23 -0600, Tim Peters wrote:
As Benjamin asked, could you please flesh out what "blah-blah-blah-dot-com" means - what, exactly, was the site your firewall warned you about?
Forgive me, but I'm an old man with very poor vision. Using my magnifying glass, I see it is two very long URLs ending with something like after the blah-blah: < ... akametechnology.com>
I suppose you tried cutting and pasting? Note that you don't need to be exact as long as you're pretty sure you got the whole thing -- your readers who have better eyesight can parse out the URL easily enough.
More precisely, these two IP addresses: 23.59.190.113:80 23.59.190.106:80
Somebody who doesn't know the rules of capitalization (see ww1.akamitechnologies.com) appears to be spoofing Akamai (the web caching/distribution service used by President Obama among other prominent users).
The domain referenced is presumably some variation on .deploy.static.akamitechnologies.com (according to host ), and the long URL is rooted at /ses/ so it's trying to convince you it's a session (whether that is actually true or not I don't know, that's just what I would guess if I were trying to reverse engineer an honest URL, which this sure doesn't seem to be).
So your alarm seems to be verified, but why this happened to a Python download I don't know. It could be DNS hacking between you and python.org, as well as something in the Python MSI.
HTH
Steve
- Previous message: [Python-Dev] [RELEASED] Python 3.4.0b2
- Next message: [Python-Dev] [RELEASED] Python 3.4.0b2
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]