[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] strange domain name in phishing email

To: Michael Holstein <michael.holstein@xxxxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] strange domain name in phishing email
From: Juha-Matti Laurio <juha-matti.laurio@xxxxxxxx>
Date: Thu, 16 Mar 2006 18:02:48 +0200 (EET)

It seems that this case has the name Dotless IP Address Security Issueand KB article #168617 http://support.microsoft.com/?kbid=168617describes it even in IE4.

Correct if I'm wrong.

- Juha-Matti

IIRC, Microsoft changed that as one of the security updates to IE. For atime, it was a popular phishing trick. I also remember there was a wayto do that (or something similar) to bypass the security zones in IE andmake it think it was a trusted site, but can't find that reference at hand.
The "rest" of windows will still do it though. Try "ping 2887060730" or"telnet 2887060730 80".
~Mike.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] HTTP AUTH BASIC monowall.
Next by Date: RE: [Full-disclosure] strange domain name in phishing email
Previous by thread: Re: [Full-disclosure] strange domain name in phishing email
Next by thread: RE: [Full-disclosure] strange domain name in phishing email
Index(es):
- Date
- Thread