[ale] ASUS RT series routers

Lightner, Jeff JLightner at water.com
Wed Feb 26 14:10:11 EST 2014 

The way DNS works ".asus.com followed by "/" means it is in fact going to asus.com (unless someone has been able to do DNS cache poisoning on the DNS server you're using).   That is to say everything above ".asus.com/" and below it would be the sign of a delegation from asus.com's DNS servers.

If on the other hand you saw something like "asus.com.etrk.net" or "etrkasus.com" then there is no guarantee it goes to asus.com and a lot of fake links do that - put a valid domain name in the middle of something else to make you think it is the valid domain.  In such a case the "real" domain you're hitting is etrk.net or etrkasus.com rather than asus.com.

What you posted is "valid" for asus.com (again assuming no issues in your own DNS lookups or hack AT asus.com)  Therefore I'd be inclined to trust the link you pasted as having come from Asus.

However, as noted you should probably verify the headers of the FULL email to make sure it came from the path you think it did.   Often it will show something like "alerts at asus.com" as the sender but when you look through the full headers you find it came from somewhere like john at unrelated_business.com and may even have hopped through other email accounts like "why_trust at yahoo.ccom".

One thing I do often see in bogus email is a link that does appear to be valid as shown but on being checked is NOT actually the link.  (That is they mask the real link embedded in the email with label that LOOKs like a link. )   Often hovering over the link shown will show you what the real link is - if they're the same well and good - if they differ then it is almost certainly bogus.  If you click on a link like the one you sent us and it does a redirect that often happens on web servers (legitimately).  If however it immediately launches another URL without first having gone to the URL (albeit briefly) you clicked it is probably a sign that the embedded link isn't what it looked like.





-----Original Message-----
From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Dustin Strickland
Sent: Wednesday, February 26, 2014 12:27 PM
To: ale at ale.org
Subject: Re: [ale] ASUS RT series routers

Scott, so far as I can tell, the link is genuine, although asus.com does not appear to be using HTTPS, so... Perhaps you should look at the mail headers to see where it originated from.

On Wed, 26 Feb 2014 11:15:20 -0500
Scott Castaline <skotchman at gmail.com> wrote:

> Anyone with an ASUS RT series router? I have the RT-N66U and received
> and email today from ASUS_US at edm.asus.com, which I did not recognize
> as having received any prior emails from that particular address. The
> edm part concerns me the most. The email claims to a Customer Care
> Notice with a link (Click Here  button) to download firmware. With all
> that's been going on I just want to be sure that this is legite as the
> site I wind up at is somewhat different from what I had been to just
> after 2/14 for an update back then.
>
> http://etrk.asus.com/web_service/P/a.aspx?m=UnitedStates&c=website&e=8
> 0&s=19764&md=0&t=A_1
>
> The above is the link copied from the email I received. Again just
> checking, possibly just being overly paranoid, but just not sure.
> Also I seem to be having problems accessing their site from my old
> (worked fine last time I downloaded) bookmarks.
>
> Scott C.
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo




Athena(r), Created for the Cause(tm)
Making a Difference in the Fight Against Breast Cancer

---------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------

More information about the Ale mailing list