Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Blocking IP's / e-com fraud

from [Dan Tesch] Network Security [Permanent Link]
Subject: Blocking IP's / e-com fraud
Date: Wed, 29 Dec 2004 19:44:38 -0600 
Hello, I am working with an e-commerce company.
They get a fair amount of attempted fraud but do a
decent job at ferreting this out during order processing.

There are several persons who attempt orders over
and over again - we can track their IP and the e-mail
address they attempt to use - we have blocked single
IP's in IIS before but one person in particular keeps
coming back placing small orders (like $40), our
suspicion is they are probing.

I have several questions:

Is there a resource anyone knows of to search for IP's
like this and/or e-mails people consistently use for fraud?
(Google hasn't been any help at all)

The person I referenced before keeps coming from different
IP's but all from the same range (home user with DHCP?)

In IIS if I want to block an entire range like:

XXX.78.0.0 - XXX.83.255.255

how should that look in the IIS Mgr?

do I need to make multiple entries like:
XXX.78.0.0
XXX.79.0.0
XXX.80.0.0, etc.?

and what should the subnet masks look like?

Thanks for any help or reference.

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  NTLM authentication with Linux, Bénoni MARTIN
Next by Date:  Re: Mail Servers blocking BAD Helo, Anthony J. Cogan
Previous by Thread:  NTLM authentication with Linux, Bénoni MARTIN
Next by Thread:  Re: Blocking IP's / e-com fraud, Allan Wind
Indexes:  [Date] [Thread] [Top] [All Lists]