[Owasp-Malaysia] Email Scam In Malay

Muhammad Najmi Ahmad Zabidi najmi.zabidi at gmail.com
Thu Oct 7 23:44:57 EDT 2010


ni bincang pasal IDS ke pasal scam ni, confuse jap.
bukan takleh bukak topik baru

On Fri, Oct 8, 2010 at 11:14 AM, Hasanuddin Abu Bakar
<hasanuddin at sigmarectrix.com> wrote:
>
>
> On Fri, Oct 8, 2010 at 10:59 AM, Mohd Harpizi Anuar <pizi at bnm.gov.my> wrote:
>>
>> IDS detect this alert but nothing wrong with related server....I just
>> want
>>
>> to know is it because this server or application on this server have mis
>> configuration such as programming or server setting that can be
>> possibility
>> cause this alert.
>
> That's why we need to calibrate IDS. Initially IDS need to run in test mode
> and monitor the alert it produces and justify which one is true or false
> positive so you can disable the alert. False positive alarm WILL raise no
> matter how secure your network is because of web applications or
> non-standard communication protocols. If you want to see what I mean, setup
> a standard snort gateway and open www.bharian.com.my within your client and
> snort will warn you that bharian is trying to hijack your connection, and
> this is an example of false positive alert.
> Post Script: IDS is not plug and play system
>
>
>>
>>
>>
>>             Faizul
>>             <faizul at mysecurit
>>             y.my>                                                      To
>>             Sent by:                  "Open Web Application Security
>>             owasp-malaysia-bo         Project (OWASP) Malaysia Local
>>             unces at lists.owasp         Chapter"
>>             .org                      <owasp-malaysia at lists.owasp.org>
>>                                                                        cc
>>
>>             08/10/2010 10:54                                      Subject
>>                                       Re: [Owasp-Malaysia] Email Scam In
>>                                       Malay
>>             Please respond to
>>                 "Open Web
>>                Application
>>             Security Project
>>                 \(OWASP\)
>>              Malaysia Local
>>                 Chapter"
>>             <owasp-malaysia at l
>>              ists.owasp.org>
>>
>>
>>
>>
>>
>>
>> boleh terangkan di mana silapnya ?
>>
>> On Fri, Oct 8, 2010 at 10:13 AM, Hasanuddin Abu Bakar <
>> hasanuddin at sigmarectrix.com> wrote:
>>  On Fri, Oct 8, 2010 at 9:57 AM, Mohd Harpizi Anuar <pizi at bnm.gov.my>
>>  wrote:
>>   Hi...Salam perkenalan.....
>>    Saya ni budak baru belajar...ada tak sesiapa yang boleh bagi info pasal
>>   TCP
>>    Hijack false positive alert...dan apa puncanya
>>   Thanks
>>
>>  False positive alert maksudnya amaran yang salah/silap.
>>
>>
>>
>>
>>
>>   The information in this e-mail and any attachment(s) here to is only for
>>   the use of the intended recipient and may be confidential or privileged.
>>   If you are not the intended recipient, any use of, reliance on,
>>   reference to, disclosure of, alteration to or copying of the information
>>   for any purpose is prohibited. Any information not related to BNM's
>>   official business is solely the author's and does not necessarily
>>   represent BNM's view and is not necessarily endorsed by BNM. BNM shall
>>   not be liable for loss or damage caused by viruses transmitted by this
>>   e-mail or its attachments. BNM is not responsible for any unauthorised
>>   changes made to the information or for the effect of such changes.
>>
>>   _______________________________________________
>>   Owasp-Malaysia mailing list
>>   Owasp-Malaysia at lists.owasp.org
>>   https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>
>>   OWASP Malaysia Wiki
>>   http://www.owasp.org/index.php/Malaysia
>>
>>   OWASP Malaysia Wiki Facebook
>>   http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>>
>>
>>
>>  --
>>  Hasanuddin Abu Bakar
>>  GSEC #28858
>>  IT Security Engineer
>>  +6017 913 1983
>>
>>  Sigma Rectrix Systems (M) Sdn Bhd
>>  No.15 & 15-1, Jalan Equine 9A,
>>  Equine Park, Bandar Putra Permai
>>  43300 Seri Kembangan Selangor
>>  URL             : www.sigmarectrix.com
>>
>>  Phone        : 03-89486696
>>  Fax              : 03-89487796
>>  Helpdesk  : 03-89486596
>>
>>
>>  _______________________________________________
>>  Owasp-Malaysia mailing list
>>  Owasp-Malaysia at lists.owasp.org
>>  https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>
>>  OWASP Malaysia Wiki
>>  http://www.owasp.org/index.php/Malaysia
>>
>>  OWASP Malaysia Wiki Facebook
>>  http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>>
>>
>>
>> --
>> 73 de 9W2PJU
>>
>> http://9w2pju.hamradio.my
>>
>> _______________________________________________
>> Owasp-Malaysia mailing list
>> Owasp-Malaysia at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>
>> OWASP Malaysia Wiki
>> http://www.owasp.org/index.php/Malaysia
>>
>> OWASP Malaysia Wiki Facebook
>> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>>
>>
>> The information in this e-mail and any attachment(s) here to is only for
>> the use of the intended recipient and may be confidential or privileged. If
>> you are not the intended recipient, any use of, reliance on, reference to,
>> disclosure of, alteration to or copying of the information for any purpose
>> is prohibited. Any information not related to BNM's official business is
>> solely the author's and does not necessarily represent BNM's view and is not
>> necessarily endorsed by BNM. BNM shall not be liable for loss or damage
>> caused by viruses transmitted by this e-mail or its attachments. BNM is not
>> responsible for any unauthorised changes made to the information or for the
>> effect of such changes.
>>
>> _______________________________________________
>> Owasp-Malaysia mailing list
>> Owasp-Malaysia at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>
>> OWASP Malaysia Wiki
>> http://www.owasp.org/index.php/Malaysia
>>
>> OWASP Malaysia Wiki Facebook
>> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
>
>
> --
> Hasanuddin Abu Bakar
> GSEC #28858
> IT Security Engineer
> +6017 913 1983
>
> Sigma Rectrix Systems (M) Sdn Bhd
> No.15 & 15-1, Jalan Equine 9A,
> Equine Park, Bandar Putra Permai
> 43300 Seri Kembangan Selangor
> URL             : www.sigmarectrix.com
>
> Phone        : 03-89486696
> Fax              : 03-89487796
> Helpdesk  : 03-89486596
>
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>


More information about the Owasp-Malaysia mailing list