|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-disclosure] How we caught an Identity Thief
From: Barrie Dempster (barrie
reboot-robot.net)
Date: Mon Feb 20 2006 - 07:53:08 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
From the article linked:
> 1. The domain name
> 2. Who registered it
> 3. Who was serving DNS for it
> 4. The IP address of the web site
> 5. The Service Provider for the IP address
> 6. The OS of the host
> 7. The Web Server
> 8. Some general information about the application the site was using
>
> Within hours we had collected all of the above information. It was my
recommendation to > the client that we contact the FBI at this point.
It took you "hours" to run nmap/dig/whois ?
Not a very good advertisement of your talents, which the post seemed to
be attempting. Even giving you the benefit of the doubt and assuming the
phishers employed basic obfuscation of the host (Which I would doubt as
usually it's someone else machine anyway) hours is a seriously long time
to run a few basic commands.
--
With Regards..
Barrie Dempster (zeedo) - Fortiter et Strenue
"He who hingeth aboot, geteth hee-haw" Victor - Still Game
blog: http://reboot-robot.net
sites: http://www.bsrf.org.uk - http://www.security-forums.com
ca: https://www.cacert.org/index.php?id=3
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- application/x-pkcs7-signature attachment: smime.p7s
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]