Security Basics mailing list archives
Re: Password trading problem
From: pingywon MCSE <pingywon () gmail com>
Date: Wed, 4 Aug 2004 16:28:12 -0400
It is my experience that most of these "groups" do not operate off of websites. That is way too static a media for them. Most of the operate off off IRC. Now tracking them down and locating what sites they have is another story. Finally I also know that some of these groups dont have "lists" at all but rather work strickly off of "requests" by thier users. Good Luck ~pingywon MCSE, CIWA, DCSE On Tue, 3 Aug 2004 15:50:19 -0400 , Jason Humes <jhumes () acs on ca> wrote:
Hi I've got a client who has an adult themed, password protected, web site and I'm in charge of doing a security review of it. This was brought about by the admin noticing a huge amount of logins from a single account across many different IP addresses. I imagine that this is the result of password trading online and as part of my security audit I would like to develop a list of these sites which offer message forums for password 'testing', adult 'testing', web 'testing' etc...meaning password cracking, and scan for my clients site within their lists to make sure no passwords/accounts have been cracked and being shared. Does anyone have any ideas? Thanks. -- Jason D. Humes Applied Computer Solutions Inc. 3020 St. Etienne Blvd. Windsor, Ontario Phone: (519) 944-4300 x211 Fax : (519) 944-4247 Email : jhumes () acs on ca ********************************************************************** Confidentiality Notice: The information contained in this e-mail and any attachments may be legally privileged and confidential. If you are not an intended recipient, you are hereby notified that any dissemination, distribution or copying of this e-mail and any attachments is strictly prohibited. If you received this e-mail in error, please notify the sender and permanently delete the e-mail and any attachments immediately. You should not retain, copy or use this e-mail or any attachment for any purpose, nor disclose all or any part of the contents to any other person. Thank you. --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
-- ~pingywon MCSE http://www.pingywon.com --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Password trading problem Jason Humes (Aug 04)
- Re: Password trading problem John S . Whitford (Aug 04)
- Re: Password trading problem pingywon MCSE (Aug 04)
- Re: Password trading problem Tomek Perlak (Aug 05)
- <Possible follow-ups>
- RE: Password trading problem Barber, Chris Mr. ATEC/Contractor (Aug 05)
- RE: Password trading problem Hamish Stanaway (Aug 05)