lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed Jun 14 22:21:36 2006
From: cardosolistas at contraditorium.com (Cardoso)
Subject: Phishing and Spammers

I was not clear, sorry. A good "semi-unique-id" must use IP, browser
version and other data collected from the http headers. Of course the IP
alone is not enough. 

(except for marketing guys, who trully believe we can magically know
exactly now many people are browsing the site..)

On Wed, 14 Jun 2006 23:14:06 +0200
Michael Weinert <weinert@...2.de> wrote:

MW> Am Mittwoch, 14. Juni 2006 21:30 schrieb Cardoso:
MW> 
MW> > A simple SQL query can delete all records from the same IP/machine, if
MW> > the counter is above 2.
MW> Ha, you think phisher are that smart? I for myself hit the button
MW> only once with fake credentials from my dynamic IP.
MW> If everybody does it... Well...
MW> 
MW> Besides many networks are natted so you see the same IP very often.
MW> 
MW> just my 2 cents.
MW> 
MW> -- 
MW> 
MW>           SysQuadrat    Systeme mit Sicherheit
MW>     Michael Weinert Stuttgart Filderstadt-Plattenhardt
MW>   Tel.: 0711-9970288 Fax: 5360559 Mobil: 0170-4141273
MW>    http://www.linux-firewall.de  weinert@...2.de
MW>            KeyServer hkp://pgp.mit.edu

Allgemeinen Anschulterlaubnis
Cardoso <cardoso@...ox.com> - SkypeIn: (11) 3711-2466 / (41) 3941-5299
vida digital: http://www.contraditorium.com site pessoal e blog: http://www.carloscardoso.com

Powered by blists - more mailing lists