Full Disclosure mailing list archives
Re: NiX API
From: nix () myproxylists com
Date: Thu, 9 Jun 2011 18:42:35 +0300
It definitely does somethingWell, what?
Example 1: Your run a forum and ban a user for reason or another. You also blacklisted his whole ISP subnet because you was very pissed due to abuse. If he wants to, he will be back in less than five minutes with a proxy. NiX API is effectily blocking 85% of all open proxies 24/7/365 fully automatically. Exampe 2: You run an online shop as hundreds of thousands others do and you sell iPhones and you accept credit card payments and more likely our lovely PayPal. A poor guy from africa does not have money to pay this nice phone. He definitely want to have this phone, no matter what it takes. He either give a good fuck about anything else. He purchases stolen credit card information or he is cabable of hacking sites to get this data. He will not for sure use his own IP for this purpose unless he is an A plus idiot. (sorry for my language but I wanted to explain it as it is in real life) :) He will hack a web site from godaddy and set up a proxy to this hacked shell to bounce him. Without the NiX API, a majority of payment gateways will blindly pass this purchase through including our 'well-known and secure PayPal'. We have proved this issue over 50 times in two months period at our sites. At this point this guy from africa has already caused enough damage, whether or not he received the phone. If u would have this API protection implemented, this guy access would have been denied before he was able to even get to form that takes payments. --- That's it, if i would tell all examples and advantages of it's use, this email would be 58 pages long. Thanks for reading and understanding (english is my 2nd language) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- NiX API nix (Jun 08)
- Re: NiX API phocean (Jun 08)
- Re: NiX API mrx (Jun 08)
- Re: NiX API nix (Jun 09)
- Re: NiX API James Rankin (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API Rove Monteux (Jun 10)
- Re: NiX API mrx (Jun 08)
- Re: NiX API Valdis . Kletnieks (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API David Ford (Jun 09)
- Re: NiX API phocean (Jun 08)
- Re: NiX API mrx (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API adam (Jun 09)
- Re: NiX API jabea (Jun 09)
- Re: NiX API nix (Jun 09)
- Message not available
- Message not available
- Re: NiX API Aaron Turner (Jun 09)