lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri Dec 16 15:02:22 2005
From: sgmasood at yahoo.com (S G Masood)
Subject: Amazon Phishing Scam - Tech Details



--- Todd Towles <toddtowles@...okshires.com> wrote:

> Dan wrote:
> > Oh, I don't know, maybe someone might want to
> block the IP 
> > addres or shun them, maybe someone might want to
> put it in 
> > their exchange server as a known bad IP, maybe
> someone might 
> > want to black hole them at some point, just little
> things 
> > like that, and that is why I posted this to this
> list.
> > 
> > Just a thought.
> > r/d
> 
> Dan, you have a very valid idea and it works, but it
> will only work for
> the short temp. Static blocking of phishing sites
> doesn't work too well
> in the long run - but works well for the time the
> site is up. You put
> this one address into your block list to protect
> your users but what
> about the 10 other address you haven't put in there?
> 
> 
> Trying to run a manually updated content/security
> filtering system will
> crazy you insane in no time. Believe me ;)
> 
> -Todd
> 

Well Dan, in the context of phishing scams, you are
naive! :p

In the real world, hundreds of IPs get tainted and are
added to blocklists everyday and there is an avalanche
of new phishing scams in the wild. If people were to
post just one instance of each new scam to this list,
this list would be crippled for any other business.

IMO, unless a phishing scam uses a new and interesting
technique, it is not appropriate content for FD.

There are dedicated forums/databases/lists for
submissions of this kind. See www.millersmiles.co.uk
for instance. 

--
Cheers,
SG




__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ