Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is this safe?


  • Please log in to reply
20 replies to this topic

#1 jusebeezy

jusebeezy

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:11:31 PM

Posted 11 June 2014 - 02:40 AM

When I try to access my vps, it says "The identity of the remote computer cannot be authenticated due to problems with its security certificate. It may be unsafe to proceed."
 
Am I ok to still log in or have I compromised my computer?


Edited by jusebeezy, 11 June 2014 - 02:42 AM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,271 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:31 AM

Posted 13 June 2014 - 10:03 AM

You receive various certificate related error messages when connecting to a Terminal server

 

The issue occurs because an incorrect certificate is used to make the Terminal server session or remote desktop session.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 jusebeezy

jusebeezy
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:11:31 PM

Posted 27 June 2014 - 02:03 AM

Would you suggest not connecting to the vps then or can I ignore the warning? 



#4 Guest_Kaosu_*

Guest_Kaosu_*

  • Guests
  • OFFLINE
  •  

Posted 27 June 2014 - 09:52 PM

Would you suggest not connecting to the vps then or can I ignore the warning? 

 

You should never ignore this type of error! Instead, try to find the cause of the problem and find a suitable solution, because this could be an attempt to snoop on your communications. Try these steps out, read the accompanying link and see if this helps you sort it out.

 

1) Are you trying to connect to the VPS by IP address?

 

It is common for this error to be thrown up if you are trying to connect using the IP address instead of by name, because the IP address isn't actually on the certificate. Try connecting by name and see if this does not correct the issue.

 

2) This type of error could be the sign of someone trying to snoop on your connection.

 

This error is common when someone is trying to get you to accept a malicious certificate so they can sniff your encrypted connection. If this is a malicious certificate and you accept it, then the attacker will be able to intercept all contents of this connection in plain-text. This would include, but not be limited to: key exchanges, passwords, take control of the current session, etc.

 

3) What would be the impact of accepting a malicious certificate?

 

Well, it largely depends on how often you reuse passwords, if you're exchanging files back and forth to the server, etc. Since all of your VPS communications would then be compromised, it would be trivial for an attacker to place malicious files on the VPS for you to download, serve you with malicious files during transmission, use the VPS to attack your home network - since you most likely allow it through your firewall, etc.

 

For additional help, check out:

 

http://support.microsoft.com/kb/2000960


Edited by Kaosu, 27 June 2014 - 09:57 PM.


#5 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,001 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA

Posted 27 June 2014 - 11:13 PM

 

 

It may be unsafe to proceed

When you see this as part of a message, VPN or simply connected via a router, take it seriously. Don't proceed. 

 

There has been times when I would get numerous such errors within a few minutes, usually a reboot the router will clear this up. Or reboot the router & modem. I do this weekly as network maintenance, keeps the connection fast. Plus if there's any junk on either, this will remove it. 

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,271 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:31 AM

Posted 28 June 2014 - 05:00 AM

Warnings are provided for a reason and should not be dismissed or ignored. You need to investigate further.

As the link I provided to the Microsoft article indicates....

The identity of the remote computer cannot be verified.Do you want to connect anyway?

The remote computer could not be authenticated due to problems with its security certificate. It may be unsafe to proceed

Name mismatch
Requested remote computer is <computer name 1>
Name in the certificate is <computer name 2>

Certificate errors
The server name on the certificate is incorrect
the certificate is not from a trusted certiying authority.

Do you want to connect despite these certificate errors?


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Guest_Kaosu_*

Guest_Kaosu_*

  • Guests
  • OFFLINE
  •  

Posted 28 June 2014 - 03:06 PM

Warnings are provided for a reason and should not be dismissed or ignored. You need to investigate further.

As the link I provided to the Microsoft article indicates....

The identity of the remote computer cannot be verified.Do you want to connect anyway?

The remote computer could not be authenticated due to problems with its security certificate. It may be unsafe to proceed

Name mismatch
Requested remote computer is <computer name 1>
Name in the certificate is <computer name 2>

Certificate errors
The server name on the certificate is incorrect
the certificate is not from a trusted certiying authority.

Do you want to connect despite these certificate errors?

 

 

I didn't realize that we posted the same advice. Your link was named differently and I don't normally click on links. After coming back to this thread, I realize you had basically said the same thing first. I am sorry about that, haha.



#8 cyberSAR

cyberSAR

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:12:31 AM

Posted 28 June 2014 - 03:16 PM

It's very common on a VPS to use a self-signed cert and you will receive those errors. If that's the case it should be safe to accept. Check with your VPS provider if you are unsure.



#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,271 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA

Posted 28 June 2014 - 10:21 PM

I didn't realize that we posted the same advice. Your link was named differently and I don't normally click on links. After coming back to this thread, I realize you had basically said the same thing first. I am sorry about that, haha.

Not a problem...it happens to all of us from time to time. BTW, you should be able to view the link url by hovering your mouse over it without having to click on the actual link.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,001 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:10:31 PM

Posted 29 June 2014 - 12:18 AM

It's very common on a VPS to use a self-signed cert and you will receive those errors. If that's the case it should be safe to accept. Check with your VPS provider if you are unsure.

"Should" leaves room for error, potentially a dangerous one. In this case, could be adding an untrusted security certificate. 

 

Though I agree to check with the provider. 

 

These warnings aren't shown for the sake of it. It's really imperative to think before one clicks. Because Malware prevention is much less work than cleanup. When I see such an error, VPN or not, will close the page w/out proceeding. Too risky of a chance to take, 

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,271 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:31 AM

Posted 29 June 2014 - 06:39 AM

When I see such an error, VPN or not, will close the page w/out proceeding. Too risky of a chance to take,

Yes, it is always better to err on the side of caution.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 cyberSAR

cyberSAR

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:12:31 AM

Posted 29 June 2014 - 08:00 AM

Are we talking VPN or VPS? I don't know any VPS provider that uses anything but self-signed certificates by default. After you are provided your login credentials you can purchase an SSL certificate for your hostname and install it.



#13 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,001 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:12:31 AM

Posted 29 June 2014 - 09:31 PM

Are we talking VPN or VPS? I don't know any VPS provider that uses anything but self-signed certificates by default. After you are provided your login credentials you can purchase an SSL certificate for your hostname and install it.

Actually my post was speaking of either, no matter the network connection. 

 

If I see something fishy, or a warning staring me in the face, will close the page. I don't have my own site, so am unfamiliar about purchasing SSL certificates. However I have enabled the option "Check for server certificate revocation" in the HTTPS/SSL setting of the browser. 

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#14 Offset

Offset

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United Kingdom
  • Local time:10:31 PM

Posted 29 June 2014 - 10:04 PM

Self signed certificates are fairly common actually but that doesn't automatically mean you should ignore the error. I wouldn't say you are 'unsafe' to browse because you're receiving this error but definitely as other have said, you should investigate as soon as possible as there is the potential for this to be something serious.

 

Check with your provider to see whether this behaviour is normal, and until you receive confirmation from them, don't engage in any sensitive activities. Change your passwords regularly, don't do any online banking and if you have banked online since receiving this error, call the bank and check your balance and account status just to be sure.

 

In general, accepting a self signed certificate is always risky. If I need to accept one to visit a site (that I know is safe), I will remove the certificate afterwards (though this practise is certainly not advisable, if you're in any doubt of the risks).



#15 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,001 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:12:31 AM

Posted 29 June 2014 - 11:28 PM

The few times that I seen certificate errors pop up, it's always either for Google during Web searches or when about to sign onto Outlook/Hotmail.com. To the best of my recollection, this takes place when running a Windows OS. Not saying it hasn't happened on Linux Mint, but don't recall it. 

 

When it does happen, I simply switch to the Bing search engine & wait it out on Outlook.com. 

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users