Interesting experience: trying to get a ... / 2010-10-30

Koos van den Hout

2010-10-30 Interesting experience: trying to get a ... 12 years ago

Interesting experience: trying to get a peek at a spamvertised website with lynx, and all of a sudden all the IPs of the site stop responding on port 80. Makes me think research with a bit of caution is unwanted. Maybe time to fake the user-agent to be a vulnerable Internet Explorer (although things like p0f will still detect linux, that's a bit harder to fake).
The spam was a faked facebook notification:
   Hi,
   You haven't been back to Facebook recently. You have received
   notifications while you were gone.
Easy to spot as fake: I can't go back to facebook because I don't have an account there. "Facebook" makes Echelon look like a childish attempt at gathering information about people so I'll skip.
All links in the mail were to http://yourrxpress.net/ which resolves to:
yourrxpress.net has address 88.255.78.101
yourrxpress.net has address 88.255.78.102
yourrxpress.net has address 86.55.211.121
yourrxpress.net has address 86.55.211.122
yourrxpress.net has address 86.55.211.123
Interesting that *all* IPs started to firewall after I tried two times with lynx.

Tags: english, privacy, security, spam

IPv6 check

Running test...

Interesting experience: trying to get a ... / 2010-10-30

Koos van den Hout

IPv6 check

Archive