My question is what kind of fool would actually believe you'd rent a house like yours for $700? You can hardly get a crappy apartment for $700, let alone a nice, new, big house. The whole thing had red flags all over it.
________________________________ From: Dean H. Saxe <d...@fullfrontalnerdity.com> To: discussion@acfug.org Sent: Mon, November 23, 2009 2:36:49 PM Subject: Re: [ACFUG Discuss] SQL Injection Actually they found my house for sale, then looked at the tax records and created yahoo accounts as Mr. Saxe Dean H. to then try and rent it for $700. Bastards. -- Dean H. Saxe "A true conservationist is a person who knows that the world is not given by his fathers, but borrowed from his children." -- John James Audubon On Nov 23, 2009, at 11:23 AM, Derrick Peavy wrote: Dear Mr. Dean Saxe of USA, > >LMFAO! > > > >Kindly and with God, > >_____________________ >Derrick Peavy >derr...@derrickpeavy.com >404-786-5036 > > >“Innovation distinguishes between a leader and a follower.” -Steve Jobs >_____________________ > > > >On Nov 23, 2009, at 1:59 PM, Dean H. Saxe wrote: > >You mean like the one who "rented" my house when it was for sale? At least 2 >people lost $1k in that scam. And one of them showed up at my door ready to >take possession of the house the day before I moved out! >> >> >>-- >>Dean H. Saxe >>"A true conservationist is a person who knows that the world is not given by >>his fathers, but borrowed from his children." -- John James Audubon >> >> >> >> >>On Nov 23, 2009, at 10:54 AM, shawn gorrell wrote: >> >>To each their own. The plus side of the Nigerian scammer types is they have >>many more lulz than APNIC or RIPE. >>> >>> >>> >>> ________________________________ From: Derrick Peavy <derr...@derrickpeavy.com> >>>To: discussion@acfug.org >>>Sent: Mon, November 23, 2009 1:50:40 PM >>>Subject: Re: [ACFUG Discuss] SQL Injection >>> >>>That being said.... >>> >>> >>>I still block Afrinic and will continue to do so. Too many past issues with >>>Nigeria. It may be whackamole, but it's effective enough that i no longer >>>have to deal with brute force attacks nearly as often. >>> >>> >>>I consider it low hanging fruit to knock off some of the subnets that are >>>known to be nasty. Takes 10 minutes and then RONCO - "Set it and Forget it!" >>> >>> >>>_____________________ >>>Derrick Peavy >>>derr...@derrickpeavy.com >>>404-786-5036 >>> >>> >>>“Innovation distinguishes between a leader and a follower.” -Steve Jobs >>>_____________________ >>> >>> >>> >>>On Nov 23, 2009, at 11:01 AM, shawn gorrell wrote: >>> >>>I was just getting ready to say that... >>>> >>>>When I first started administering servers I used to get really freaked out >>>>by all of the attack traffic and spent a bunch of time blocking IP's at the >>>>router. Over time I realized that it was just playing whack-a-mole and was >>>>mainly a waste of my time. If you knock them down on one subnet, another >>>>will popup, and your overall attack traffic will be undiminished. All >>>>you've done is waste your own time and mental energy. A better approach is >>>>to make sure your network, server and applications are as tight as they can >>>>be (and validate that regularly), and quit worrying about botnets and >>>>script kiddies. >>>> >>>> >>>> >>>> ________________________________ From: Dean H. Saxe <d...@fullfrontalnerdity.com> >>>>To: discussion@acfug.org >>>>Sent: Mon, November 23, 2009 10:55:25 AM >>>>Subject: Re: [ACFUG Discuss] SQL Injection >>>> >>>>You miss the point. Attackers don't just originate from their home >>>>countries, they bounce through proxies around the world, including where >>>>your intended audience sits. >>>> >>>> >>>>-dhs >>>> >>>> >>>>-- >>>>Dean H. Saxe >>>>"A true conservationist is a person who knows that the world is not given >>>>by his fathers, but borrowed from his children." -- John James Audubon >>>> >>>> >>>> >>>> >>>>On Nov 23, 2009, at 7:49 AM, Troy Jones wrote: >>>> >>>>I think that would depend on the intended scope and audience of your site >>>>or server's sites. For example, does someone in Beijing need to browse for >>>>a product that isn't available over the web or sold in any store outside >>>>the contiguous U.S.? Or would someone in Ulan Bator need to set up a >>>>pick-up laundry service in St. Louis? Of course there would be exceptions >>>>but I think it would be worth the small number of legitmate denials to do >>>>this. >>>>> >>>>><image001.jpg> >>>>>___________________________________________________________________________________________ >>>>> >>>>>Troy Jones | Developer/Support Technician | Dynapp Inc | >>>>>1-800-830-5192 ext. 603 | dynapp.com | facebook.com/dynapp >>>>> >>>>>From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Dean H. Saxe >>>>>Sent: Friday, November 20, 2009 10:08 PM >>>>>To: discussion@acfug.org >>>>>Subject: Re: [ACFUG Discuss] SQL Injection >>>>> >>>>>Yeah sure, you CAN, but its not the solution to the problem. On a recent >>>>>incident response we had attacks originating from asia, south america and >>>>>europe. Do you plan on blocking them all? >>>>> >>>>>-dhs >>>>> >>>>>-- >>>>>Dean H. Saxe >>>>>"A true conservationist is a person who knows that the world is not given >>>>>by his fathers, but borrowed from his children." -- John James Audubon >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>>On Nov 20, 2009, at 9:16 AM, Wes Byrd wrote: >>>>> >>>>> >>>>> >>>>>You can block subnets. On a couple of domestic sites, I have even blocked >>>>>all requests from ALL OF ASIA (or close). While I know this is a drastic >>>>>measure… all SQL Injection attack (and other hack attacks) attempts >>>>>reduced by 98% with that done. >>>>> >>>>>Here is a link that describes how to do this and why: >>>>>http://www.parkansky.com/china.htm >>>>> >>>>>From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Dean H. Saxe >>>>>Sent: Friday, November 20, 2009 11:59 AM >>>>>To: discussion@acfug.org >>>>>Subject: Re: [ACFUG Discuss] SQL Injection >>>>> >>>>>Blocking IPs is useless, attackers will just use another proxy to change >>>>>the apparently location of the originating attack. You can't stop the >>>>>attempts, you must instead prevent the exploitation of vulnerable code. >>>>>This means writing secure code using data validation on all input, data >>>>>sanitization on output (in this case, parameterized queries using >>>>>cfqueryparam) and following the principle of least privilege on the >>>>>database access. >>>>> >>>>>-dhs >>>>> >>>>>-- >>>>>Dean H. Saxe >>>>>"A true conservationist is a person who knows that the world is not given >>>>>by his fathers, but borrowed from his children." -- John James Audubon >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>>On Nov 20, 2009, at 3:47 AM, Rudi Shumpert wrote: >>>>> >>>>> >>>>> >>>>> >>>>>Hey folks, >>>>> >>>>>I saw John's tweet earlier this week about a new wave of SQL Injection ( >>>>>and link to a great article on it >>>>>http://www.codfusion.com/blog/post.cfm/portcullis-cfc-filter-to-protect-against-sql-injection-and-xss), >>>>> and sure enough I'm seeing a huge upswing in attempts. Over 100 failed >>>>>attempts last night alone. >>>>> >>>>>We have taken the steps to prevent damage / harm, but I was wondering what >>>>>folks are doing after they stop the attempt. What kind of message if any >>>>>do you provide ? Are people checking the logs, and blocking IP's of the >>>>>worst offenders? Or something else? >>>>> >>>>>-Rudi >>>>> >>>>> >>>>>------------------------------------------------------------- >>>>>To unsubscribe from this list, manage your profile @ >>>>>http://www.acfug.org/?fa=login.edituserform >>>>> >>>>>For more info, see http://www.acfug.org/mailinglists >>>>>Archive @ http://www.mail-archive.com/discussion%40acfug.org/ >>>>>List hosted by FusionLink >>>>>------------------------------------------------------------- >>>>> >>>>>No virus found in this incoming message. >>>>>Checked by AVG - www.avg.com >>>>>Version: 8.5.425 / Virus Database: 270.14.78/2521 - Release Date: 11/23/09 >>>>>07:52:00 >>>>>------------------------------------------------------------- >>>>>To unsubscribe from this list, manage your profile @ >>>>>http://www.acfug.org/?fa=login.edituserform >>>>> >>>>>For more info, see http://www.acfug.org/mailinglists >>>>>Archive @ http://www.mail-archive.com/discussion%40acfug.org/ >>>>>List hosted by FusionLink >>>>>------------------------------------------------------------- >>>> >>>>------------------------------------------------------------- >>>>To unsubscribe from this list, manage your profile @ >>>>http://www.acfug.org/?fa=login.edituserform >>>> >>>>For more info, see http://www.acfug.org/mailinglists >>>>Archive @ http://www.mail-archive.com/discussion%40acfug.org/ >>>>List hosted by FusionLink >>>>------------------------------------------------------------- >>> >>>------------------------------------------------------------- >>>To unsubscribe from this list, manage your profile @ >>>http://www.acfug.org?fa=login.edituserform >>> >>>For more info, see http://www.acfug.org/mailinglists >>>Archive @ http://www.mail-archive.com/discussion%40acfug.org/ >>>List hosted by FusionLink >>>------------------------------------------------------------- >> > ------------------------------------------------------------- To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -------------------------------------------------------------
