Security Basics mailing list archives

Re: HOW TO PREVENT FHISHING ATTACKS

From: Patrick Webster <sflist () aushack com>
Date: Mon, 31 Jan 2011 14:42:59 +1100

Hi Marco,

Use Sender Policy Framework - see
http://en.wikipedia.org/wiki/Sender_Policy_Framework and
http://www.openspf.org/

SPF is a DNS txt record which indicates whether a MTA (such as
hotmail, gmail, good ISPs) should accept email purportedly from
@bank.com when the source IP is i.e. a botnet.

-Patrick
http://www.osisecurity.com.au/

On Fri, Jan 28, 2011 at 10:44 AM,  <mzcohen2682 () aim com> wrote:

Hi Guys,

I am preparing a set of recommendation for a client of mine which is a bank
, a set of controls against fhisging attacks, besides of telling the bank to
teach there customers how to protect against those attacks ( not opening
suspicious mails etc etc) what other recommendations are good? are there
some technological tools to prevent those attacks that the bank can
implement? I heard something about imperva radar service which should
protect against fishing attack, some one has experience with that tool? what
about other tools that the bank can implement?

many thanks!

Marco

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate.  We look at how SSL works, how it benefits your company and how
your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

HOW TO PREVENT FHISHING ATTACKS mzcohen2682 (Jan 28)
- Re: HOW TO PREVENT FHISHING ATTACKS Patrick Webster (Jan 31)
- Re: HOW TO PREVENT FHISHING ATTACKS Bill Kuhn (Jan 31)
- Re: HOW TO PREVENT FHISHING ATTACKS Marcel Grabher (sallas) (Jan 31)