Full Disclosure mailing list archives
RE: Amazon Phishing Scam - Tech Details
From: "DAN MORRILL" <dan_20407 () msn com>
Date: Fri, 16 Dec 2005 15:02:27 +0000
Todd,Good point, well made. Again the idea that I had was to share the information, and yes I agree with you that manually blocking things would be a pain in the butt, no issues there. If it would be more suitable to post to some other list I am ok with that too.
I know that people are being touchy since the n3td3v/joe average thing has been going on for what seems like forever, and annoying the population of FD is not my intention, I have posted to this list for years, and in general find the inforamation interesting and in many cases amusing. I am more than happy to conceide the groups desire not to have phishing information posted unless it is new or somehow novel reflecting a new trend or technique.
As we are all security folks, security wanna be's, or just interested bystanders, I think many of us have good intentions (which I had this morning). If it is not suitable, that is cool, I'll wait until I have something technical and interesting/new to post. Unfortunately most of my work is done on the business side of the house working with management setting course direction and technology buys lately, and I rarely get to deal with new things unless it is security certification of software and web systems, which is cool in its own way, but usually not content for FD.
Cheers folks, no worries and no issues on my part. Regards, DanSometimes MSN E-mail will indicate that the mesasge failed to be delivered. Please resend when you get those, it does not mean that the mail box is bad, merely that MSN mail is over worked at the time.
From: "Todd Towles" <toddtowles () brookshires com>To: "DAN MORRILL" <dan_20407 () msn com>,<sgmasood () yahoo com>,<full-disclosure () lists grok org uk>Subject: RE: [Full-disclosure] Amazon Phishing Scam - Tech Details Date: Fri, 16 Dec 2005 08:40:11 -0600 MIME-Version: 1.0Received: from msweep.brookshires.com ([216.38.240.199]) by bay0-mc10-f6.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Fri, 16 Dec 2005 06:40:13 -0800 Received: from dc1ms2.msad.brookshires.net (dc1ms2.brookshires.com [10.1.250.135]) by msweep.brookshires.com (Clearswift SMTPRS 5.1.7) with ESMTP id <T753f22b1e4ac10010aa2c () msweep brookshires com>; Fri, 16 Dec 2005 08:40:12 -0600X-Message-Info: JGTYoYF78jEfjPDms5sZsYv5UfY49ViHc+KUgsBeXRY= X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:messageX-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [Full-disclosure] Amazon Phishing Scam - Tech DetailsThread-Index: AcYCTg+yfwUkOTfTTm+KJyOIRFrOegAACwdQ Return-Path: toddtowles () brookshires comX-OriginalArrivalTime: 16 Dec 2005 14:40:13.0369 (UTC) FILETIME=[9F85D290:01C6024E]Dan wrote: > Oh, I don't know, maybe someone might want to block the IP > addres or shun them, maybe someone might want to put it in > their exchange server as a known bad IP, maybe someone might > want to black hole them at some point, just little things > like that, and that is why I posted this to this list. > > Just a thought. > r/d Dan, you have a very valid idea and it works, but it will only work for the short temp. Static blocking of phishing sites doesn't work too well in the long run - but works well for the time the site is up. You put this one address into your block list to protect your users but what about the 10 other address you haven't put in there? Trying to run a manually updated content/security filtering system will crazy you insane in no time. Believe me ;) -Todd
_________________________________________________________________On the road to retirement? Check out MSN Life Events for advice on how to get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Amazon Phishing Scam - Tech Details DAN MORRILL (Dec 16)
- Re: Amazon Phishing Scam - Tech Details S G Masood (Dec 16)
- Re: Amazon Phishing Scam - Tech Details DAN MORRILL (Dec 16)
- Re: Amazon Phishing Scam - Tech Details Dave Korn (Dec 16)
- <Possible follow-ups>
- RE: Amazon Phishing Scam - Tech Details Todd Towles (Dec 16)
- RE: Amazon Phishing Scam - Tech Details S G Masood (Dec 16)
- RE: Amazon Phishing Scam - Tech Details DAN MORRILL (Dec 16)
- Re: Amazon Phishing Scam - Tech Details S G Masood (Dec 16)