[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] COELACANTH: Phreak Phishing Expedition
- To: <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] COELACANTH: Phreak Phishing Expedition
- From: "Scott Phelps" <scottp@xxxxxxxxxxxxxxx>
- Date: Thu, 10 Jun 2004 23:20:56 -0400
Yeah, it seems to be the host header as "Thor Larholm [thor@xxxxxxxx]"
pointed out.
I set up a site hard to an IP with no host header defined, and can redirect
this way to it.
If you keep trying random sites you will probably find another that works,
but who can really afford to set up every web site on it's own IP these
days.
Scott P
-----Original Message-----
From: full-disclosure-admin@xxxxxxxxxxxxxxxx
[mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On Behalf Of Larry Seltzer
Sent: Thursday, June 10, 2004 10:23 PM
To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: RE: [Full-Disclosure] COELACANTH: Phreak Phishing Expedition
>>http://www.malware.com/golly.html
I see no pattern at all, but this works on some systems for me and not on
others. On
some I get to Microsoft, some to e-gold.com.
And WTF is it with www.e-gold.com? Nothing else seems to work at all.
Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
larryseltzer@xxxxxxxxxxxxx
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html