[Owasp-Malaysia] Email Scam In Malay

Hazrul Hamzah hazrul at hazrulnz.net
Fri Oct 8 04:17:58 EDT 2010


 Talking about scam email, I DID received a snail mail from Portugal and
the content of that particular letter is similar with most of the
phising emails that I received on daily (almost) basis. I'll do some
posting about that later in my (long abandoned)blog since there are few
peculiar items that make me aware on the main purpose of the mail. (Just
for a second I thought I'm going to be a millionaire HAHAHA.. naah just
kidding.

Anyway regarding the false positive thingy. Mr Harpizi may I know how do
you validate/verify that particular alert message? Because first of all
we need to understand/identify why that particular alert triggered. What
are the characteristics of the network packets that matches its rules?
And what kind of IDS that u used? Last and not least sir, you need to
know also the TCP hijack scenario or condition..

Well that's my piece ;)


On 08/10/2010 10:59, Mohd Harpizi Anuar wrote:
> IDS detect this alert but nothing wrong with related server....I just want
> to know is it because this server or application on this server have mis
> configuration such as programming or server setting that can be possibility
> cause this alert.
>
>
>                                                                            
>              Faizul                                                        
>              <faizul at mysecurit                                             
>              y.my>                                                      To 
>              Sent by:                  "Open Web Application Security      
>              owasp-malaysia-bo         Project (OWASP) Malaysia Local      
>              unces at lists.owasp         Chapter"                            
>              .org                      <owasp-malaysia at lists.owasp.org>    
>                                                                         cc 
>                                                                            
>              08/10/2010 10:54                                      Subject 
>                                        Re: [Owasp-Malaysia] Email Scam In  
>                                        Malay                               
>              Please respond to                                             
>                  "Open Web                                                 
>                 Application                                                
>              Security Project                                              
>                  \(OWASP\)                                                 
>               Malaysia Local                                               
>                  Chapter"                                                  
>              <owasp-malaysia at l                                             
>               ists.owasp.org>                                              
>                                                                            
>                                                                            
>
>
>
>
> boleh terangkan di mana silapnya ?
>
> On Fri, Oct 8, 2010 at 10:13 AM, Hasanuddin Abu Bakar <
> hasanuddin at sigmarectrix.com> wrote:
>   On Fri, Oct 8, 2010 at 9:57 AM, Mohd Harpizi Anuar <pizi at bnm.gov.my>
>   wrote:
>    Hi...Salam perkenalan.....
>     Saya ni budak baru belajar...ada tak sesiapa yang boleh bagi info pasal
>    TCP
>     Hijack false positive alert...dan apa puncanya
>    Thanks
>
>   False positive alert maksudnya amaran yang salah/silap.
>
>
>
>
>
>    The information in this e-mail and any attachment(s) here to is only for
>    the use of the intended recipient and may be confidential or privileged.
>    If you are not the intended recipient, any use of, reliance on,
>    reference to, disclosure of, alteration to or copying of the information
>    for any purpose is prohibited. Any information not related to BNM's
>    official business is solely the author's and does not necessarily
>    represent BNM's view and is not necessarily endorsed by BNM. BNM shall
>    not be liable for loss or damage caused by viruses transmitted by this
>    e-mail or its attachments. BNM is not responsible for any unauthorised
>    changes made to the information or for the effect of such changes.
>
>    _______________________________________________
>    Owasp-Malaysia mailing list
>    Owasp-Malaysia at lists.owasp.org
>    https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
>    OWASP Malaysia Wiki
>    http://www.owasp.org/index.php/Malaysia
>
>    OWASP Malaysia Wiki Facebook
>    http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
>
>
>   --
>   Hasanuddin Abu Bakar
>   GSEC #28858
>   IT Security Engineer
>   +6017 913 1983
>
>   Sigma Rectrix Systems (M) Sdn Bhd
>   No.15 & 15-1, Jalan Equine 9A,
>   Equine Park, Bandar Putra Permai
>   43300 Seri Kembangan Selangor
>   URL             : www.sigmarectrix.com
>
>   Phone        : 03-89486696
>   Fax              : 03-89487796
>   Helpdesk  : 03-89486596
>
>
>   _______________________________________________
>   Owasp-Malaysia mailing list
>   Owasp-Malaysia at lists.owasp.org
>   https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
>   OWASP Malaysia Wiki
>   http://www.owasp.org/index.php/Malaysia
>
>   OWASP Malaysia Wiki Facebook
>   http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
>
>
> --
> 73 de 9W2PJU
>
> http://9w2pju.hamradio.my
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
>
> The information in this e-mail and any attachment(s) here to is only for the use of the intended recipient and may be confidential or privileged. If you are not the intended recipient, any use of, reliance on, reference to, disclosure of, alteration to or copying of the information for any purpose is prohibited. Any information not related to BNM's official business is solely the author's and does not necessarily represent BNM's view and is not necessarily endorsed by BNM. BNM shall not be liable for loss or damage caused by viruses transmitted by this e-mail or its attachments. BNM is not responsible for any unauthorised changes made to the information or for the effect of such changes.
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>



More information about the Owasp-Malaysia mailing list