[Owasp-Malaysia] Email Scam In Malay

Hasanuddin Abu Bakar hasanuddin at sigmarectrix.com
Thu Oct 7 23:14:58 EDT 2010


On Fri, Oct 8, 2010 at 10:59 AM, Mohd Harpizi Anuar <pizi at bnm.gov.my> wrote:

> IDS detect this alert but nothing wrong with related server....I just want

to know is it because this server or application on this server have mis
> configuration such as programming or server setting that can be possibility
> cause this alert.
>

That's why we need to calibrate IDS. Initially IDS need to run in test mode
and monitor the alert it produces and justify which one is true or false
positive so you can disable the alert. False positive alarm WILL raise no
matter how secure your network is because of web applications or
non-standard communication protocols. If you want to see what I mean, setup
a standard snort gateway and open www.bharian.com.my within your client and
snort will warn you that bharian is trying to hijack your connection, and
this is an example of false positive alert.

Post Script: IDS is not plug and play system




>
>
>             Faizul
>             <faizul at mysecurit
>             y.my>                                                      To
>             Sent by:                  "Open Web Application Security
>             owasp-malaysia-bo         Project (OWASP) Malaysia Local
>             unces at lists.owasp         Chapter"
>             .org                      <owasp-malaysia at lists.owasp.org>
>                                                                        cc
>
>             08/10/2010 10:54                                      Subject
>                                       Re: [Owasp-Malaysia] Email Scam In
>                                       Malay
>             Please respond to
>                 "Open Web
>                Application
>             Security Project
>                 \(OWASP\)
>              Malaysia Local
>                 Chapter"
>             <owasp-malaysia at l
>              ists.owasp.org>
>
>
>
>
>
>
> boleh terangkan di mana silapnya ?
>
> On Fri, Oct 8, 2010 at 10:13 AM, Hasanuddin Abu Bakar <
> hasanuddin at sigmarectrix.com> wrote:
>  On Fri, Oct 8, 2010 at 9:57 AM, Mohd Harpizi Anuar <pizi at bnm.gov.my>
>  wrote:
>   Hi...Salam perkenalan.....
>    Saya ni budak baru belajar...ada tak sesiapa yang boleh bagi info pasal
>   TCP
>    Hijack false positive alert...dan apa puncanya
>   Thanks
>
>  False positive alert maksudnya amaran yang salah/silap.
>
>
>
>
>
>   The information in this e-mail and any attachment(s) here to is only for
>   the use of the intended recipient and may be confidential or privileged.
>   If you are not the intended recipient, any use of, reliance on,
>   reference to, disclosure of, alteration to or copying of the information
>   for any purpose is prohibited. Any information not related to BNM's
>   official business is solely the author's and does not necessarily
>   represent BNM's view and is not necessarily endorsed by BNM. BNM shall
>   not be liable for loss or damage caused by viruses transmitted by this
>   e-mail or its attachments. BNM is not responsible for any unauthorised
>   changes made to the information or for the effect of such changes.
>
>   _______________________________________________
>   Owasp-Malaysia mailing list
>   Owasp-Malaysia at lists.owasp.org
>   https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
>   OWASP Malaysia Wiki
>   http://www.owasp.org/index.php/Malaysia
>
>   OWASP Malaysia Wiki Facebook
>   http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
>
>
>  --
>  Hasanuddin Abu Bakar
>  GSEC #28858
>  IT Security Engineer
>  +6017 913 1983
>
>  Sigma Rectrix Systems (M) Sdn Bhd
>  No.15 & 15-1, Jalan Equine 9A,
>  Equine Park, Bandar Putra Permai
>  43300 Seri Kembangan Selangor
>  URL             : www.sigmarectrix.com
>
>  Phone        : 03-89486696
>  Fax              : 03-89487796
>  Helpdesk  : 03-89486596
>
>
>  _______________________________________________
>  Owasp-Malaysia mailing list
>  Owasp-Malaysia at lists.owasp.org
>  https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
>  OWASP Malaysia Wiki
>  http://www.owasp.org/index.php/Malaysia
>
>  OWASP Malaysia Wiki Facebook
>  http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
>
>
> --
> 73 de 9W2PJU
>
> http://9w2pju.hamradio.my
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
>
> The information in this e-mail and any attachment(s) here to is only for
> the use of the intended recipient and may be confidential or privileged. If
> you are not the intended recipient, any use of, reliance on, reference to,
> disclosure of, alteration to or copying of the information for any purpose
> is prohibited. Any information not related to BNM's official business is
> solely the author's and does not necessarily represent BNM's view and is not
> necessarily endorsed by BNM. BNM shall not be liable for loss or damage
> caused by viruses transmitted by this e-mail or its attachments. BNM is not
> responsible for any unauthorised changes made to the information or for the
> effect of such changes.
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>



-- 
Hasanuddin Abu Bakar
GSEC #28858
IT Security Engineer
+6017 913 1983

Sigma Rectrix Systems (M) Sdn Bhd
No.15 & 15-1, Jalan Equine 9A,
Equine Park, Bandar Putra Permai
43300 Seri Kembangan Selangor
URL             : www.sigmarectrix.com

Phone        : 03-89486696
Fax              : 03-89487796
Helpdesk  : 03-89486596
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-malaysia/attachments/20101008/921984dc/attachment-0001.html 


More information about the Owasp-Malaysia mailing list