Full Disclosure mailing list archives
Re: NiX API
From: mrx <mrx () propergander org uk>
Date: Thu, 09 Jun 2011 17:03:53 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/06/2011 16:05, nix () myproxylists com wrote:
Primarily this is an advertisement. I would guess that it is some anti-hack system for webmasters who haven't a clue, a kind of auto-generating block list. I'm a noob and I am just guessing.It does provide great protection also to those webmasters who got a clue.We had fraudulent purchase almost every second day, paypal let every fraudulent purchase through and the ** next day ** their automation reversed the payment. ..Needless to say how much we got frustrated and pissed while filing their forms regarding unauthorized claims. We were also charged by paypal for a certain percentage of each fraudulent payment!This is where NiX API comes in:In most cases, the malicious user is denied access even before a fraudulent purchase is made!Since implementation of NiX API with it's current featuers: 0 fraudulent purchases in last 2-3 weeks period. It definitely does something.
I don't see how it is possible to tell a fraudulent paypal payment from a legitimate one, unless the IP address used to make the purchase is all ready known as a source of fraudulent transactions. Obviously if "John Smith" made a payment from an IP address originating from China, Japan or other non-English/American IP address range then something is suspect, but this is still not definitive. How could this system stop a fraudulent payment from a source with an IP address the system has never seen before originating from a corporate address block or respected ISP, or unlikely but not impossible an IP address that has previously made a valid transaction? Any smart fraudster would use a device purchased with cash using a spoofed MAC address from a wifi hotspot out of sight of CCTV. Please enlighten me, or would that let the cat out of the bag? regards mx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBTfDu6bIvn8UFHWSmAQLG1gf9Gv9cpFERJWbxzY05U4Wd6vYxLQb2N4Oy eb8HWYsVALjDO2M3Od9FdXRFCtkF7VHx4hsL67fe69UAqRq3+7yUJEpj+vPMGhow lrb9Nn93R5r14i/dCYJTKQkzQ8zdvkYv3uyvu9A7MP+ME4mukBUTFUyCN2oekr6R fHa7YcjUkB43+IocUjr0EqnVZLtGMbJsFzGXoUNTVpIwPrj5kvTOo4rK8upwaE9g 1V3TRUM815v2hq7IH9IUdu2mAKB9UDNEp8K6Vi6RL0ZMGNWXsf9BL8kmDD/dcOlf 9e2MSN6QQOYeAMYNaZSgOPOjX0sVqhd/fVKEeBMs+OZaOJOfG1Chow== =ytkT -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- NiX API nix (Jun 08)
- Re: NiX API phocean (Jun 08)
- Re: NiX API mrx (Jun 08)
- Re: NiX API nix (Jun 09)
- Re: NiX API James Rankin (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API Rove Monteux (Jun 10)
- Re: NiX API mrx (Jun 08)
- Re: NiX API Valdis . Kletnieks (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API David Ford (Jun 09)
- Re: NiX API phocean (Jun 08)
- Re: NiX API mrx (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API adam (Jun 09)
- Re: NiX API jabea (Jun 09)
- Re: NiX API nix (Jun 09)
- Message not available
- Message not available
- Re: NiX API Aaron Turner (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API Aaron Turner (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API Aaron Turner (Jun 09)
- Re: NiX API Thor (Hammer of God) (Jun 09)