WebApp Sec mailing list archives

RE: [in] Warning about accessing / attacking phishing and spoofing sites


From: "Curt Purdy" <purdy () tecman com>
Date: Sun, 19 Dec 2004 18:34:18 -0600

Amir Herzberg wrote:
You both probably meant this as a joke, but just for safety, 
let me warn anybody against doing this, or entering phishing 
sites `just for fun`. 
Since we're doing research on secure user-interface 
extensions to browsers to prevent web spoofing and phishing, 
I've been looking at many phishing and spoofing web sites 
(see article at 
http://www.cs.biu.ac.il/~herzbea//Papers/ecommerce/spoofing.htm
or extension for Mozilla/FireFox at 
http://trustbar.mozdev.org). However, this should be done 
very carefully (read: from a specially protected, not 
sensitive machine), since many of these sites try (also) to 
use different browser vulnerabilities to break into machines. 
<snip>

Which is why I always use a VMware image to do this type of research.  As a
SOP, I always throw away the image after doing my research and start up
another copy next time.  This is about the only way I will run Windows
anyway and is definitely the only way I will run IE.

Curt Purdy CISSP, GSEC, CNE, MCSE+I, CCDA
Information Security Engineer 
DP Solutions

-----------------------------

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke

