[Snort-users] Fwd:

Joel Esler jesler at ...1935...
Tue Jan 29 22:02:42 EST 2013


As it should be. 

--
Joel Esler
Sent from my iPhone 

On Jan 29, 2013, at 8:57 PM, Eric G <eric at ...15503...> wrote:

> On Tue, Jan 29, 2013 at 4:10 PM, waldo kitty <wkitty42 at ...14940...> wrote:
>> On 1/29/2013 15:02, Jeff Jarmoc wrote:
>> > Obfuscated redirect to hxxp://www.news.com.december.bestdrops.2012.fxsprime<dot>com
>> 
>> yeah, i don't know what they are doing, either, but i've seen quite a few of
>> these types of postings... they are easily recognized by their subject line
>> containing only "Fwd:" and nothing else...
>> 
>> i'm suspecting that they might be looking for specific connections to facilitate
>> infectious processes... "they" are getting smarter and narrowing their targets
>> which also assists them in avoiding researchers from determining what they are
>> doing and how they are doing it :?
>> 
>> > That site in turn gives a 302 to pinterest.  Weird that it doesn't seem to do
>> > anything; maybe it's fingerprinting browsers?
> 
> 
> I find it hilariously appropriate that a spam posting to a mailing list results in analysis and discussion on the URL contained in said spam message... guess that's what you get when you post spam to Snort-users  :0) 
> 
> 
> --
> Eric
> http://www.linkedin.com/in/ericgearhart
> 
> ------------------------------------------------------------------------------
> Everyone hates slow websites. So do we.
> Make your web apps faster with AppDynamics
> Download AppDynamics Lite for free today:
> http://p.sf.net/sfu/appdyn_d2d_jan
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
> 
> Please visit http://blog.snort.org to stay current on all the latest Snort news!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130129/6777db18/attachment.html>


More information about the Snort-users mailing list