Security Basics mailing list archives
RE: Password trading problem
From: "Hamish Stanaway" <koremeltdown () hotmail com>
Date: Wed, 04 Aug 2004 22:59:49 +0000
Hi there Jason, One idea is that you could develop this list, and either:Sell it to adult sites so that they can block these referrers, monitor advsertised logins on these sites and close them, or
Send it to all the adult sites you can find for free. Kindest of regards, Hamish Stanaway, CEO Absolute Web Hosting / -= KoRe WoRkS =- Internet Security Auckland, New Zealand http://www.webhosting.net.nz http://www.buywebhosting.co.nz http://www.koreworks.com
From: Jason Humes <jhumes () acs on ca>To: "'security-basics () securityfocus com'" <security-basics () securityfocus com>Subject: Password trading problem Date: Tue, 3 Aug 2004 15:50:19 -0400 MIME-Version: 1.0Received: from outgoing3.securityfocus.com ([205.206.231.27]) by mc2-f25.hotmail.com with Microsoft SMTPSVC(5.0.2195.6713); Wed, 4 Aug 2004 10:16:33 -0700 Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])by outgoing3.securityfocus.com (Postfix) with QMQPid 85C0F2370BC; Wed, 4 Aug 2004 10:26:35 -0600 (MDT)Received: (qmail 27936 invoked from network); 3 Aug 2004 13:23:34 -0000 X-Message-Info: JGTYoYF78jEe0kYrkzgXl0Vb/JRNjO/b Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <security-basics.list-id.securityfocus.com> List-Post: <mailto:security-basics () securityfocus com> List-Help: <mailto:security-basics-help () securityfocus com> List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com> List-Subscribe: <mailto:security-basics-subscribe () securityfocus com> Delivered-To: mailing list security-basics () securityfocus com Delivered-To: moderator for security-basics () securityfocus com Message-ID: <43DFCFBAFD93D411B3F7000629A8748FD42179 () memnoch acs uucp> X-Mailer: Internet Mail Service (5.5.2653.19)Return-Path: security-basics-return-29558-koremeltdown=hotmail.com () securityfocus com X-OriginalArrivalTime: 04 Aug 2004 17:16:33.0607 (UTC) FILETIME=[CA734D70:01C47A46]Hi I've got a client who has an adult themed, password protected, web site and I'm in charge of doing a security review of it. This was brought about bythe admin noticing a huge amount of logins from a single account across manydifferent IP addresses. I imagine that this is the result of password trading online and as part of my security audit I would like to develop alist of these sites which offer message forums for password 'testing', adult'testing', web 'testing' etc...meaning password cracking, and scan for myclients site within their lists to make sure no passwords/accounts have beencracked and being shared. Does anyone have any ideas? Thanks. -- Jason D. Humes Applied Computer Solutions Inc. 3020 St. Etienne Blvd. Windsor, Ontario Phone: (519) 944-4300 x211 Fax : (519) 944-4247 Email : jhumes () acs on ca ********************************************************************** Confidentiality Notice: The information contained in this e-mail and any attachments may be legally privileged and confidential. If you are not an intended recipient, you are hereby notified that any dissemination, distribution or copying of this e-mail and any attachments is strictly prohibited. If you received this e-mail in error, please notify the sender and permanently delete the e-mail and any attachments immediately. You should not retain, copy or use this e-mail or any attachment for any purpose, nor disclose all or any part of the contents to any other person. Thank you. --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-fieldpen testing experience in our state of the art hacking lab. Master the skillsof an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
_________________________________________________________________Dont just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/
---------------------------------------------------------------------------Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Current thread:
- Password trading problem Jason Humes (Aug 04)
- Re: Password trading problem John S . Whitford (Aug 04)
- Re: Password trading problem pingywon MCSE (Aug 04)
- Re: Password trading problem Tomek Perlak (Aug 05)
- <Possible follow-ups>
- RE: Password trading problem Barber, Chris Mr. ATEC/Contractor (Aug 05)
- RE: Password trading problem Hamish Stanaway (Aug 05)