Talking about scam email, I DID received a snail mail from Portugal and the content of that particular letter is similar with most of the phising emails that I received on daily (almost) basis. I'll do some posting about that later in my (long abandoned)blog since there are few peculiar items that make me aware on the main purpose of the mail. (Just for a second I thought I'm going to be a millionaire HAHAHA.. naah just kidding.
Anyway regarding the false positive thingy. Mr Harpizi may I know how do you validate/verify that particular alert message? Because first of all we need to understand/identify why that particular alert triggered. What are the characteristics of the network packets that matches its rules? And what kind of IDS that u used? Last and not least sir, you need to know also the TCP hijack scenario or condition.. Well that's my piece ;) On 08/10/2010 10:59, Mohd Harpizi Anuar wrote: > IDS detect this alert but nothing wrong with related server....I just want > to know is it because this server or application on this server have mis > configuration such as programming or server setting that can be possibility > cause this alert. > > > > Faizul > <fai...@mysecurit > y.my> To > Sent by: "Open Web Application Security > owasp-malaysia-bo Project (OWASP) Malaysia Local > [email protected] Chapter" > .org <[email protected]> > cc > > 08/10/2010 10:54 Subject > Re: [Owasp-Malaysia] Email Scam In > Malay > Please respond to > "Open Web > Application > Security Project > \(OWASP\) > Malaysia Local > Chapter" > <owasp-malay...@l > ists.owasp.org> > > > > > > > boleh terangkan di mana silapnya ? > > On Fri, Oct 8, 2010 at 10:13 AM, Hasanuddin Abu Bakar < > [email protected]> wrote: > On Fri, Oct 8, 2010 at 9:57 AM, Mohd Harpizi Anuar <[email protected]> > wrote: > Hi...Salam perkenalan..... > Saya ni budak baru belajar...ada tak sesiapa yang boleh bagi info pasal > TCP > Hijack false positive alert...dan apa puncanya > Thanks > > False positive alert maksudnya amaran yang salah/silap. > > > > > > The information in this e-mail and any attachment(s) here to is only for > the use of the intended recipient and may be confidential or privileged. > If you are not the intended recipient, any use of, reliance on, > reference to, disclosure of, alteration to or copying of the information > for any purpose is prohibited. Any information not related to BNM's > official business is solely the author's and does not necessarily > represent BNM's view and is not necessarily endorsed by BNM. BNM shall > not be liable for loss or damage caused by viruses transmitted by this > e-mail or its attachments. BNM is not responsible for any unauthorised > changes made to the information or for the effect of such changes. > > _______________________________________________ > Owasp-Malaysia mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > > OWASP Malaysia Wiki > http://www.owasp.org/index.php/Malaysia > > OWASP Malaysia Wiki Facebook > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > > > > -- > Hasanuddin Abu Bakar > GSEC #28858 > IT Security Engineer > +6017 913 1983 > > Sigma Rectrix Systems (M) Sdn Bhd > No.15 & 15-1, Jalan Equine 9A, > Equine Park, Bandar Putra Permai > 43300 Seri Kembangan Selangor > URL : www.sigmarectrix.com > > Phone : 03-89486696 > Fax : 03-89487796 > Helpdesk : 03-89486596 > > > _______________________________________________ > Owasp-Malaysia mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > > OWASP Malaysia Wiki > http://www.owasp.org/index.php/Malaysia > > OWASP Malaysia Wiki Facebook > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > > > > -- > 73 de 9W2PJU > > http://9w2pju.hamradio.my > > _______________________________________________ > Owasp-Malaysia mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > > OWASP Malaysia Wiki > http://www.owasp.org/index.php/Malaysia > > OWASP Malaysia Wiki Facebook > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > > > The information in this e-mail and any attachment(s) here to is only for the > use of the intended recipient and may be confidential or privileged. If you > are not the intended recipient, any use of, reliance on, reference to, > disclosure of, alteration to or copying of the information for any purpose is > prohibited. Any information not related to BNM's official business is solely > the author's and does not necessarily represent BNM's view and is not > necessarily endorsed by BNM. BNM shall not be liable for loss or damage > caused by viruses transmitted by this e-mail or its attachments. BNM is not > responsible for any unauthorised changes made to the information or for the > effect of such changes. > > _______________________________________________ > Owasp-Malaysia mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > > OWASP Malaysia Wiki > http://www.owasp.org/index.php/Malaysia > > OWASP Malaysia Wiki Facebook > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > _______________________________________________ Owasp-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.org/index.php/Malaysia OWASP Malaysia Wiki Facebook http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
