lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Fri Dec 16 14:40:24 2005
From: toddtowles at brookshires.com (Todd Towles)
Subject: Amazon Phishing Scam - Tech Details

Dan wrote:
> Oh, I don't know, maybe someone might want to block the IP 
> addres or shun them, maybe someone might want to put it in 
> their exchange server as a known bad IP, maybe someone might 
> want to black hole them at some point, just little things 
> like that, and that is why I posted this to this list.
> 
> Just a thought.
> r/d

Dan, you have a very valid idea and it works, but it will only work for
the short temp. Static blocking of phishing sites doesn't work too well
in the long run - but works well for the time the site is up. You put
this one address into your block list to protect your users but what
about the 10 other address you haven't put in there? 

Trying to run a manually updated content/security filtering system will
crazy you insane in no time. Believe me ;)

-Todd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ