Re: Warning about accessing / attacking phising and spoofing sites
Yes I agree - the same applies to visiting know hackers sites, to see what they are up to. I picked something up by downloading a document, or possibly clicking on the 'about this site' button, on a well known hackers site. Obviously a bobby-trapped link somewhere, and as I was the one that initiated the connection, it got through my firewall as an established or related connection. (If you want the URL of the hackers site, please email me off list and request it). No I'm NOT a hacker, I was just curious to know what their latest Linux exploits were. I noticed that after visiting the hackers site, whenever I connected to the net, there was activity on my modem, and some IP packets were being sent to two IP's in Australia. The IP's actually resolved to an IT firms website in Aus. I had to do a fresh installation to cure the problem. So my advice would be, use a dedicated machine, with it's own single connection and dynamic IP address to the internet, if you want to go poking around hackers or phishers sites. That way, if your machine gets infected, you can reformat your hard drive, and do a fresh O/S installation, which should hopefully wipe out any viruses your machine may have picked up. Alternatively, use a low capacity HDD, that you can afford to bin if it gets infected. Whatever you do, don't try this on a machine that is networked, or you could end up infecting all machines on the entire network. Just my 2 pence worth. Kind Regards - Keith Roberts http://www.karsites.net/ On Sun, 19 Dec 2004, Amir Herzberg wrote: --snip--
You both probably meant this as a joke, but just for safety, let me warn anybody against doing this, or entering phishing sites `just for fun`. Since we're doing research on secure user-interface extensions to browsers to prevent web spoofing and phishing, I've been looking at many phishing and spoofing web sites (see article at http://www.cs.biu.ac.il/~herzbea//Papers/ecommerce/spoofing.htm or extension for Mozilla/FireFox at http://trustbar.mozdev.org). However, this should be done very carefully (read: from a specially protected, not sensitive machine), since many of these sites try (also) to use different browser vulnerabilities to break into machines. While I am sure you are all trying to maintain your browsers and OS updated and configured securely, there is always the risk of some exploit you were not aware of. So, I suggest you don't visit these pages `just for fun`.
participants (1)
-
suse@karsites.net