• proxy sites domains as traffic getters and fake searchsites

    We have promised to make a new list of proxy sites that could be used to surf (even to here) without the filtering and prying and so we are checking our list of the summer of last year. We are using webswoon for this, a great tool because you only need to make your links in a textfile and than get the screenshots.

    But some things are already evident

     a whole lot of these sites are gone, for sale and parked or just a pseudo search engine like information.com and other stupid stuff like that.

    another thing that is evident is that on those list there are a whole lot of of those that try to download stuff to your computer, which is not really safe and if you are looking for a proxy it is because you are concerned about your safety not only your privacy

    well about proxies and safety, you will have to remember that you never know who is behind that proxy and who logs what for who. In certain countries everything has to be logged and everything can be demanded by the police - with or without a warrant.

  • who is financing this Belgian terrorist website ?

    This is the Whois and the lady in question is on the dole, she has officially no job.

    Registration Service Provided By: BRAVENET.COM
    Contact: +250.9543203
    Website: http://bravenet.com

    Domain Name: MINBAR-SOS.COM

    Registrant:
        Minbar sos
        minbar sos (2944817386)        (sos_minbar@yahoo.fr)
        rue de la libete
        Nice
        NA,3007
        US
        Tel. +0.01215678005
        Fax. +0.1234

    Creation Date: 28-Feb-2006 
    Expiration Date: 28-Feb-2010

    Domain servers in listed order:
        ns1.bravehost.com
        ns2.bravehost.com

    more to come

  • Our main Belgian Islamic terrorist site

    It was after an article in de Morgen - a progressive newspaper over here - that my attention was called to this forum. The forum is being administrated by the widow of a Al quaida suicide killer responsable for the death in Afghanistan of Massoud, the hope of the west in Afghanistan at that time.

    terror_425

    She now lives in belgium and is on the dole but fills her daily activities with sustaining this website to support the islamic terrorist cells that are in prison, fighting or calling to take up arms in Belgium or elsewhere in the world.

    We shouldn't become hysterical about it, the site only has a small number of followers and downloads if you take all into account. These are the official numbers

    Membres: 1 334
    Discussions: 3 410
    Messages: 9 789
    Top Poster:
    RafidaynCenter (1 254)

    all the others and their profile you can find with this Googledork site:minbar-sos.com profile (she has made her site SEO friendly...)

    And probably the intelligence and police services are following this forum very closely as they should. But the other question is that we have a law against such websites and if we have a law but don't enforce it, what is the sense of this law ?

    It also seems to me that it is a center for the translation in french of the texts and videos of the radical islamic terrorists propaganda. Is it a good thing to let that propaganda be localised and prepared for local consumption ?

    there is another thing that is 'nice' for an online researcher. As she is so keen in looking for recognition, she is leaving her digital footmarks all over the place, making it rather easy to index all the radical islamic websites and their visual presence. It is so quite easy for videosharing, blogs and other sites to use her site as a starting point to find the terrorist propaganda that they are hosting.

  • Not all free fileshare services delete terrorist propaganda

    When going through a list of files with terrorist propaganda being presented on the web as free downloads, it was clear that there are some that are more or less actively destroying terrorist media files.

    Some are not so active and didn't even find older hosted files. No, the number of downloads is not that massive. But why make it them so easy ? I suppose you didn't make that service to be hosting stuff like that proclaiming proudly to be killing people without any hesitation.

    http://bluehost.to/

    http://www.clonefile.com

    http://fastfreefilehosting.com

    http://www.midload.com

    http://fastuploading.com

    http://maxishare.net

    http://www.megashare.com

    http://www.uupfiles.com

    http://www.mediafire.com

    http://cocoshare.cc

    http://www.files.to/

    http://www.savefile.info

    http://www.ezyfile.net

    http://www.youploadit.com

    http://www.speedshare.org

    http://rapidshare.com

    http://www.simpleupload.net

    http://archiv.to

    this is based on the list here and here and here

    we also see that with new links they will all be up

    use this googledork to find yourself

    site:minbar-sos.com namefileserver.xx  this does not always work, sometimes you will have to go to the site and search

  • Security Comix Week 2


     

    Hacked 1 Free with viruses

  • Belgium.be is not vulnerable anymore for SSL based attacks

    Our friends at Scanit said that based on their research into vulnerable SSL enabled webservices in Belgium, they had found that the old belgium.be was vulnerable for such attacks. For some these middleman attacks were theoretical because they would ask a lot of resources, for others it was just a best practice to enforce a strong SSL protocol on your visitors that was even not too hard to implement.

    For me it is just one thing you do because you don't want to be bothered with it. There is every hour of the day other stuff that asks for all your attention.

    So it seems they not only upgraded the content, but also the security. Thumbs up for that.  

    The study by Scanit.be was published here a few weeks ago.  

  • Hearings EVOTING in Belgium in the parliament

    Next tuesday 10h 

     Gedachtewisseling over de elektronische stemming.  
      (Voortzetting). (Rapporteurs : de heer Dirk Claes (S) en mevrouw Corinne De Permentier). 
     
      Hoorzitting met de volgende experten : 
    - de heer Edouard Vercruysse, Union des Villes et Communes de Wallonie (UVCW); 
    - mevrouw Hildegard Schmidt, Vereniging van de Stad en de Gemeenten van het Brussels Hoofdstedelijk Gewest (VSGB); 
    - de heer Herman Callens, Vereniging van Vlaamse Steden en Gemeenten (VVSG); 
    - mevrouw Anne-Emmanuelle Bourgaux, ULB; 
    - de heer Kommer Kleijn, Voor een Ethiek van de VerkiezingsAutomatisering (VoorEVA); 
    - de heer Axel Lefebvre, expert; 
    - de heer Rop Gonggrijp, Nederlands expert.

    It will be a good thing - because to hear what has happened and is happening in Holland. We thank the parliament for taking some time to listen to those experiences and thoughts also. Vooreva will present the Belgian opposition to evoting.  

  • buy all music at Russian prices on Belgian domain

    ... over the Internet of the iSound.com materials is authorized by the license # LS-3М-06-60 of the Russian Multimedia and Internet Society (ROMS). ...
    www.isound.be/Help

    All the music you want at dumping prices

     

    ScreenHunter_04 May. 29 12.55

    with a Russian copyright 

     copyrright rus

     

     

     

    you can find them on a Russian server

    ScreenHunter_06 May. 29 13.01

    It maybe interesting to not that the site isound.be looks just the same as justmusicstore.com 

    Some people may think that it may not be safe to use your creditcard on a Russian server.....

  • Hack of the day : Fedis hacked since long time

    Fedis is the official organisation that defends the interests of the distribution sector and is so busy in those turbulent inflation and inflamatory times that they forgot to secure their server and didn't see that their server has been hacked since weeks.

    http://www.fedis.be/index.html  which gives - gave

    1_2

     

     

     

     

     

     

    reminder   these hacks are being found in zone-h.org and by Googling, we don't hack anything, reporting it is already taking enough time from my life

  • online typosquat testforms are not complete

    If you thought that you had enough by just relying on these online forms like the one from combell

    than you will have to think again

    First not all combinations of numbers are included in the examples they are giving - so you will miss some that are even more evident

    Secondly you must really retype your own domainname and take three typical mistakes

    typing erroris with the letters next to those you would type

    for example   baby.be can become babu.be  babr.be  bqby.be etc

    the most important factor here is that it is not too evident

    Secondly you must take into account dyslexic mistakes

    for example byba.be instead of baby.be

    thirdly you must take into account  language mistakes, especially with people who don't speak your languages or if they operate in a multi-langual environment

    for example béby.be  

     

    everything should be tested, and retested and for that you will have to buy them for a year -  the problem is that if you buy them and set them free, they will arrive in the list of disposed domainnames which will attract the attention of domainspeculators, surely if they see that you have bought them yourselves or with your real agent 

     You can use them for inspiration, but not as a final call

  • Evoting : antwerp professor breaks the silence

    As the new evoting proposal was being developed by a consortium of different universities, we thought that nobody would have the guts in these universities to speak out and at least pose some questions. But we were wrong and happy about it.

    A professor ICT in Antwerp finds that the proposed model doesn't respond to the norms about accesability and usability and can have an influence on the votes of certain groups in the population. He also has some questions about the way the system will control mistakes and changes.

    We applaud the interview of the professor as a starting point, but would invite him to base his case on the conclusions and propositions in the report itself. It may be that this is his opinion, but it would be too easy to discount this opinion if he doesn't proof his case with references to the report with which he doesn't agree.

    This is the best method to go forward and have an open and technological discussion about why the present study has some faults that should be taken into consideration and could lead to the radical rethinking of the way we organize our elections. 

    Out of the response of Bruno Seghers (ex Microsoft) we can make up that the EID is a critical part of this system and should have all the attention and investment needed to make it work as it should work. If we vote on paper or not.  

  • EID : I am a man now and a woman online

    source datanews

    Because of a programming error a few hundred Belgians have an electronic ID that present them as the opposite sex if they would use their EID online. Men became women and women became men. The dream of everyone, no ? Only it is only virtual.

    It is a men's world ..... and women wear the pants..... That is equality  :) joke

    serious : quality control ?  

  • The fraudulent Escrow servers abuse e free domainsystem

    Which other sites are on this server ?

    http://onsamehost.com/213.239.203.47/

    a whole list of subdomains for

    de.vu   ch.vu   de.pn  dk.tp  mx.tp    co.uk.tp  at.tt  es.tt  nl.tt   us.tt   it.tc   jp.pn  net.tc  uk.tc  eu.tf  de.ms  de.gg  at.tf   page.cx   at.lv

    More information here http://www.nic.de.be/  that says you can get a totally free (sub)domainname here. I hope they have some sort of security-patrol to get rid of bad sites before they get blocked all together....

     

     

     

  • Hack of the day politiebeersel.be

    We always said that it is much better to make a fortress of politie.be with all the other sites as subdomains than to create so many websites nobody controls anymore on security.

    1_1

  • There was control but also too much trust (Societe General)

    When the biggest french trader/speculator scandal broke, everybody asked why the controls didn't work. Everybody was thinking logically that if such a fact was discovered by the internal auditsystems, that the hierarchy would have been responsable enough to intervene immediately.

    They didn't. They said they knew that there were alerts by the internal controls and audits, but that they trusted their supertrader.

    A healthy dose of paranoia - as I said before - is sometimes a necessary evil.

  • Register your telephone number as your .be domainname - if someone else didn't before you....

    Another aspect from the fact that you can now register domainnames with numbers in it is that you can send all the domainsquatters to hell and just take a domainname with a telephone number in it. Quite practical and I remember also that some international specialists said the .be domain was in MMS-SMS language easier to use for that goal than mobi.

    The only problem is how they will control if didn't register your telephone number. Or that of the helpdesk of a bank or something else financial ? There maybe rules and so on, but here they should really go a bit more cautious and be sure that the person owing the telephone domain has also a right to it. This is easy to control and can even be automated (because it are two databases).

    If they don't control it, they don't understand a thing about the danger of phishing and vishing and smishing and whatever ishing is coming to us next.

    It is not the law and the rules that are important it are the controls before and the immediate procedures afterwards that make the difference.

  • Mathematical funny question with new .be domainnames

    We have written about the fact that in Belgium anyone can cybersquat any domain now by changing a letter by a number. So lets take a few domains and look at how many domains they should take to be safe. It is a rather tricky question.

    for example www.privacycommission.be  We can change 3 i in 1 and 2 o in 0 to keep it simple that would be 5 in which you change in each one a letter by a number. But what about a combination ? So than I would have to buy 25 domainnames (and parking) at least just to protect my domain name.

    So this means that if you buy a domainname .be in the future you should keep it as short as possible. The shorter, the less variations and the smaller the number of variations you will have to buy to give your site some protection.

  • Official RSA numbers about Belgian hosts of Phishing sites (last 6 months)

    RSA.com detects in realtime for its clients phishing sites and has 4hours to get them down. These are the Belgian hosts that they have contacted for their international clients to bring down phish sites.   

     

    Belgian ISPsNumber of attacks
    Schedom60
    Priorweb50
    ISP Server - ISP System43
    STONE INTERNET SERVICES BVBA41
    Belgacom18
    Xhost17
    RealRoot17
    scarlet14
    Combell13
    Telenet9
    Colt8
    Skynet4
    Teledisnet4
    Hostbasket4
    Belgian Network Solution4
    MyOwn sprl3
    inet server3
    TV Cable Net3
    Evonet3
    Ithagi2
    MAC Telecom2
    Belgon2
    OpenMinds2
    Rackboost2
    Research network University of Ghent2
    Cyber Hosting2
    webline2
    Spectrum NET2
    BELGIUMDOMAINS1
    Web Line1
    All Information Technology SPRL1
    SiteHosting1
    Allit1
    Universite Catholiqe de Louvain1
    Universiteit Antwerpen1
    One.com1
    DS Improve sprl1
    CTC Computer Technologies1
    Hepcut1
    Globalhost1
    chello1
    bvdcs.be1
    Contact Office1
    coditel.be1
    Mobistar1
    LazerNet1
    Nucleus1
    Netmanagment1
    IN.be1
    Hostonet1
    IT - Solid Solutions1
    Belnet1
  • Belgian .be fraudulent escrow sites - important for shoppers

    As is typical in online fraud, the Escrow fraud scammer convinces the victim to go outside of the auction site or item listing company. The scammer will request the use of a third-party escrow service to facilitate the exchange of money and merchandise. The victim is unaware the scammer has actually created an escrow site that closely resembles a legitimate escrow service. The victim signs up with the phony escrow service and sends payment to the service and receives nothing in return. Or, the victim sends merchandise to the subject and waits for his/her payment through the escrow site which is never received because it is not a legitimate service.

     Belgian Fraudulent Escrow site according to escrow-fraud.com (you can find a whole lot of sites in their database)

    24-May-2008SAL LKWhttp://sal-logistics.de.be./images/camera1.gif213.239.203.47
    11-Dec-2007Amox Agencyhttp://amox-agency.de.be./images/camera1.gif213.239.203.47
     

    also what a domainname ? and they are on the same server ..... we will investigate that a bit deeper soon

    http://escrow-fraud.com/index.php?page=resources

    https://www.escrow.com/fic/ficspot.asp