PGTS PGTS Pty. Ltd.   ACN: 007 008 568

point Site Navigation

point Other Blog Threads



  Valid HTML 4.01 Transitional

   Brilliant XED lighting!
   Australian XED Lighting

   AXL

   Australia/NZ Distributor of
   Reming XED Lighting Products






PGTS Blog Archive

Thread: Internet Security/Malware/Spam

GP JPG
Jojo was a man who thought he was loner --- But he knew it couldn't last.

Gold in them thar hills


Chronogical Blog Entries:



Date: Wed, 02 Feb 2005 16:49:40 +1100

At long last my dreaded BAS is completed. Now a brief respite before it comes around again in another 3 months.

Recently working behind a proxy server, I got the following message when I tried to look up a website called e-gold.com.

IWSS Security Event (meliwss01)
Access to this URL is currently restricted due to a blocking rule.

URL: http://www.e-gold.com/e-gold.asp?cid=105347
Rule: Block URLs of type Known Phishing/fraud site

Access to this URL is currently restricted due to a blocking rule.

I tried looking up this site on the websense categories list:

                   URL: http://www.e-gold.com
              Category: Financial Data and Services
      Database version: 92197
         Database date: 01 Feb 2005

Out of curiosity I thought I would try the "Fingerprint Remote Host" option on the RingOfSaturn tools menu. Here is what it reported:

    Interesting ports on 63.240.230.10:
    (The 59 ports scanned but not shown below are in state: filtered)
    PORT   STATE SERVICE
    80/tcp open  http
    Device type: firewall|media device|general purpose
    Running (JUST GUESSING) : Checkpoint Windows NT/2K/XP (93%), Turtle
    Beach embedded (93%), Microsoft Windows 95/98/ME|NT/2K/XP (92%), Linux
    2.4.X (86%), OpenBSD 3.X (86%)
    Aggressive OS guesses: Checkpoint Firewall-1 on Windows NT 4.0 Server
    SP4-SP5 (93%), Turtle Beach AudioTron network MP3 player (93%),
    Microsoft Windows NT 3.51 SP5, NT 4.0 or 95/98/98SE (92%), Linux
    2.4.23-grsec w/o timestamps (86%), Microsoft Windows 98SE (86%), OpenBSD
    3.2 (x86) (86%)
    No exact OS matches for host (test conditions non-ideal).

And while I was about it I thought I would try my own site. Here is what came back:

    Interesting ports on 203-213-17-10-vic.tpgi.com.au (203.213.17.10):
    (The 58 ports scanned but not shown below are in state: filtered)
    PORT   STATE SERVICE
    53/tcp open  domain
    80/tcp open  http
    Device type: general purpose
    Running: Linux 2.4.X|2.5.X
    OS details: Linux 2.4.0 - 2.5.20
    Uptime 63.923 days (since Tue Nov 30 01:23:00 2004)

Also found an interesting article about a new version of Netscape (version 8).

AOL will be setting up their own list of scam sites. This list of suspect URLs will be marked in red. Might be some competition for Websense?

Of course if Google and ODP ever went into the site categorisation business, I should think that it would be time for the competition to ... "be afraid, be very afraid" ... just a thought there ...

Note: Phishing will not work on my system (I use mutt and w3m).


Other Blog Posts In This Thread:

Copyright     2005, Gerry Patterson. All Rights Reserved.