Snort mailing list archives
Re: Fwd:
From: Eric G <eric () nixwizard net>
Date: Tue, 29 Jan 2013 20:57:39 -0500
On Tue, Jan 29, 2013 at 4:10 PM, waldo kitty <wkitty42 () windstream net> wrote:
On 1/29/2013 15:02, Jeff Jarmoc wrote:Obfuscated redirect tohxxp://www.news.com.december.bestdrops.2012.fxsprime<dot>com yeah, i don't know what they are doing, either, but i've seen quite a few of these types of postings... they are easily recognized by their subject line containing only "Fwd:" and nothing else... i'm suspecting that they might be looking for specific connections to facilitate infectious processes... "they" are getting smarter and narrowing their targets which also assists them in avoiding researchers from determining what they are doing and how they are doing it :?That site in turn gives a 302 to pinterest. Weird that it doesn't seemto doanything; maybe it's fingerprinting browsers?
I find it hilariously appropriate that a spam posting to a mailing list results in analysis and discussion on the URL contained in said spam message... guess that's what you get when you post spam to Snort-users :0) -- Eric http://www.linkedin.com/in/ericgearhart
------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_jan
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!