Security Basics mailing list archives
Blocking IP's / e-com fraud
From: "Dan Tesch" <dan.tesch () comcast net>
Date: Wed, 29 Dec 2004 19:44:38 -0600
Hello, I am working with an e-commerce company. They get a fair amount of attempted fraud but do a decent job at ferreting this out during order processing. There are several persons who attempt orders over and over again - we can track their IP and the e-mail address they attempt to use - we have blocked single IP's in IIS before but one person in particular keeps coming back placing small orders (like $40), our suspicion is they are probing. I have several questions: Is there a resource anyone knows of to search for IP's like this and/or e-mails people consistently use for fraud? (Google hasn't been any help at all) The person I referenced before keeps coming from different IP's but all from the same range (home user with DHCP?) In IIS if I want to block an entire range like: XXX.78.0.0 - XXX.83.255.255 how should that look in the IIS Mgr? do I need to make multiple entries like: XXX.78.0.0 XXX.79.0.0 XXX.80.0.0, etc.? and what should the subnet masks look like? Thanks for any help or reference.
Current thread:
- Blocking IP's / e-com fraud Dan Tesch (Dec 30)
- Re: Blocking IP's / e-com fraud Allan Wind (Dec 30)
- Re: Blocking IP's / e-com fraud Stian Øvrevåge (Dec 31)
- Re: Blocking IP's / e-com fraud Stian Øvrevåge (Dec 30)
- Re: Blocking IP's / e-com fraud Allan Wind (Dec 30)