RE: Should phishing termination be only in the real of thefor-profit?

["Avery Buffington" <avery.buffington () fxfn com>]

> I actually think that you should only visit those sites from a secure
> isolated VM/VLAN running FF and NoScript (unless you want to get
> infect for analysis purposes, then do it from ff or ie in a private
> vlan, but I digress. 

For exploring the phish, this has always worked well for me:

$ alias curl='curl -A "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.1; SV1)"'
$ curl -v http://evil.phish.site

It's not pretty, but it lets me see what I need to see. If I really want
to see the rendered page, I use Opera under linux. I'm not convinced
that malware drops and phish go hand in hand, but better safe then
sorry.

> On to my point: Putting in swearwords is stupid. If you are going to
> try and piss off phishers, but in semi-legitimate information so that
> they have to spend the time finding out which cards are real or not.

I know quite a few average users that think giving bogus data or insults
to phish forms pollutes the dataset so it's harder for phishers to glean
real data. I disagree because I doubt phishers are manually going thru
the data. 


-avery

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.