Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: The SPAM People;Thanks;Package Verification SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
The SPAM People;Thanks;Package Verification

The SPAM People


Do you know anyone that has made a purchase off a SPAM? I've been told these people exist. What maybe 1 in 1,000,000 SPAMs results in a sale. I'm just fascinated by the thought. Do they walk down the street like you and me? Would I recognize one if I saw one? Are they related to the people that watch infomercials not in jest?
Then again I met someone the other day that was actively corresponding with "women" in "Nigeria" that were interested in becoming brides in the US, but had a few checks they needed cashed first. Same person also didn't realize The Onion was satire and not to be taken literally. Sigh.

Thanks


A big thanks to all of you that have written in with details from your digging around or that have uploaded files, phishing info, suggestions. Its of great benefit for all those that seek to understand.

I wonder how many malware dissectors also liked to take things apart as a child? Old toasters, can openers. Anything with a motor. Never quite could get them all back together. Especially things with springs.

Package Verification


How many of you all verify the integrity of your software before you install it? Where is it coming from? Who wrote it? What changes does it make to your system? Did the package you downloaded contain any "enhancements" insert without the author's knowledge (keyloggers, backdoors, etc).
Answering the first couple of questions just takes an inquisitive desire and a little common sense. Answering the last one takes a little grunt work the right tools to verify the file (rpm, gnupg, md5sum, etc).


References:

http://www.informit.com/articles/article.asp?p=102181&seqNum=3&rl=1


http://www.linux.org/lessons/interm/c875.html


http://www.cryptnet.net/fdp/crypto/strong_distro.html




For those in the US, have a good, safe holiday this weekend and remember those that have given their lives in battle on Monday.


----

Robert Danford
SANS Internet Storm Center Handler
Robert

49 Posts
May 28th 2005

Sign Up for Free or Log In to start participating in the conversation!