[Dshield] I would like help decoding abuse script for clues
Team Amber Beistle
beistle_jr at hotmail.com
Sat Dec 15 21:17:32 GMT 2007
I have several destination scripts downloaded. Does anyone have experience with this kind of code. Can forensics identify the scripts like viruses? Is there a repository for such code that can show timeline of when first recorded and where first released? ... Is there legal strategy to go after the users of such code that reuses code from other companies in violation of license or copyrights? I believe this is part of a classic phish schema to reroute traffic by comment spam then recruit new school of victims who visit such url destinations. the file on the server is a txt file extent in the destination urls they are the full url of the file with a question mark appended to the url ... I believe to be accessed as an active script server side to log the id and info of the visitor who is browsing. Then they are sent phish email or other spam streams. Are there any good book to read on this methods and how best to arm oneself against them. I currently use RavenScripts in our CMS sites to protect from such Comment spam. I am now looking ahead as newer social technologies will open more areas for such phish schema to come to life on unsuspecting operators. Myself I am concern that so called third parties would have us all believe they have no obligation to remove or end use fragments of a total attack schema as the part on their site is only a portion and can not be considered abusive or intrusive. Comments are welcome. I am researching EU and US laws for remedies for small business owners to fight these networks intended to harm others. Sanctuary to such anti-netizen designed malwares should not be allowed. At best shame should be a tool to show where third parties have a role to end the duplication and operation of such designs. Sorry for the blast of thought ... I am past being angry and looking for a real threat mechanism that will go after these script kiddies and their mentors.
Jim e Beistle Jr.
Law Student 806.853.9400 Team Amber Alert Texas based non-Profit Corporation 501©(3) Organisation Every second counts when a child of any age is missing or abducted!
_________________________________________________________________
The best games are on Xbox 360. Click here for a special offer on an Xbox 360 Console.
http://www.xbox.com/en-US/hardware/wheretobuy/
More information about the list
mailing list