Answer the question
In order to leave comments, you need to log in
What to do if your Wi-Fi is intercepted?
Good afternoon.
I have a problem and I don't have the skills to take steps to fix it.
The bottom line is that when you connect to your Wi-Fi router, ads are loaded on any resource that I open via http. I found out the following on my own:
When requesting any JavaScript file via http, a dummy js file comes in response, which contains the script for introducing ad units, and then connecting the original js.
The scheme of work is as follows: For any request for a js file, if the Referer header with the original host is present, then a decoy js comes, if there is no Referer, then the original file comes.
I don't think that this nonsense happens at the provider level, but at the same time I don't understand how this can be done and how to get rid of it. The router is old - WPA2-Personal encryption
Changed all passwords, hid the SSID - nothing helps.
Embeds only in http, https cannot.
Tell me what to do, what to check, how can it be blocked? I'm a Web developer, the dev stack often hangs on http, well, it's not at all comfortable to work.
UPD: the problem appears only when connected to the router on all devices (laptop, phones, tablets) in other places everything is fine, if you distribute the Internet from the phone, everything is also fine.
This exactly manifests itself only when connected to this router, so the fact of the presence of a virus disappears. any guest who comes to the house and connects to the network sees this ad
Answer the question
In order to leave comments, you need to log in
Directly connect the Internet cable to the PC and check:
1. There will be advertising - the problem is either in the laptop or in the provider.
2. No - it means in the router (what mitm's slip here - the probability is <1%).
I am a web developer, the dev stack often hangs on http
Most likely, your router had access to the web UI from the outside, and through simple actions, the enemies sewed a modified firmware into the router.
You need to upgrade to standard firmware and immediately disable Web UI, ssh, telnet on WAN.
Check the network details on the router.
Quite often it happens that the web muzzle of the router looks out, and the password admin / admin, respectively, makes a banal dns substitution, which in turn causes an advertising parade.
Connect a fresh PC bypassing the router. The same thing - roll the barrels on the provider.
ps. In general, in my practice, some providers allowed themselves to mimic any trash in http. Treated by scandal!!! If the scandal did not help - change the provider .... And if you still have a hundred points with this provider - then there too.
If sla is specified, you can consider the transition time as unavailable time. To do this, you need to collect metadata.
Some providers do this. I won’t say anything about wired ones, but specifically Megafon does this 100%.
I have a sim card of a megaphone and a sim card of MTS on my phone, plus wifi (which is connected to a router on Rostelecom). Megafon: If you download via http, not https - on frequently visited sites (only http!) An ad block is inserted, if you click it by accident - you can run into a mobile subscription (so if you go through a mobile browser), or get a corrupted file (if something was downloaded via http from a computer connected via usb to this smartphone, i.e. smartphone as a modem). The settings are everywhere automatically, on a Linux computer, and nothing has changed after installing another distro. It comes to the point that even the system cannot be updated - the files are downloaded, and one will definitely fail during installation. It is worth clearing the cache, connecting to another provider - everything is ok.
Those. when connected to Rostelecom, mts - this does not happen.
Fight how? No way, apparently, you need to change the provider, and that's it. You can also organize a connection through vpn, but I did not check how it would work.
Sergey, log in) - How to add information on top of a web page through a Wi-Fi access point?
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question