Wednesday, August 09, 2006

Tools wishlist for an Anti Phisher

At times you may be required to carry out an analysis of a phishing attack, especially if you are working as a security admin. So I thought I'd list the tools that may be useful in carrying out a detailed analysis of a phishing attack. Listed below are a few tools and what they can be used for.

1. Type - Web Proxy Tool

Available Tools - Paros, Web Scarab, Achilles


Description - A web proxy tool can be used to analyze the content and behaviour of a phishing website. These tools allow you to trap and view HTTP/HTTPS data, so the data a phishing website sends in its web server responses, along with the client requests, can be analyzed and recorded for future reference. You can download Paros here.

2. Type - Whois Analysis Tool

Available Tools - SamSpade, www.domaintools.com


Description - A whois query can be used to extract detailed information about a phishing website, such as geographical location, IP address, registrar, etc. This information can be used to take further action against the phishing site. The online whois query facility provided by the DomainTools website is very informative.

3. Type - Email Header Analysis Tool

Available Tools - eMailTrackerPro


Description - Email header analysis can be helpful in locating the source of a phishing email. Email headers can be analyzed without any tool, but a manual analysis is time consuming and can be difficult if the mail has been routed through a number of mail servers. Analyzing email headers with a tool is easier and faster. You can try the online demo of eMailTrackerPro here and learn more about analyzing email headers here.

4. Type - Web Server Log Analysis Tool

Available Tools - AWStats, SawMill


Description - A web server log analysis tool helps in processing and analyzing web server 'access' logs. Phishing sites often pick up content from the actual website, so that website's server logs may contain traces of a phisher. A web server log analysis tool can help in analysing the 'referer' entries in the access logs to identify a phisher. You can read more on referer analysis in my previous post here.
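The referer check from item 4, written out as an added example rather than code from this post or from any of the tools listed: it reads combined-format access log lines from the legitimate site and reports outside hosts whose pages pulled its images or stylesheets. The host names, the `OWN_HOSTS` set and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Combined log format: ip ident user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"'
)
OWN_HOSTS = {"www.bank.test", "bank.test"}   # assumption: hosts of the real site
ASSET_EXT = (".gif", ".jpg", ".png", ".css", ".js", ".ico")

def foreign_referers(lines, own_hosts=OWN_HOSTS):
    """Map each outside referring host to the assets it pulled from our server."""
    found = defaultdict(lambda: {"hits": 0, "assets": set(), "pages": set(), "first_seen": None})
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                          # not a combined-format entry
        try:
            path = urlsplit(m["path"]).path.lower()
            host = (urlsplit(m["referer"]).hostname or "").lower()
        except ValueError:
            continue                          # malformed request path or Referer value
        if not path.endswith(ASSET_EXT):
            continue                          # only embedded content is of interest
        if not host or host in own_hosts:
            continue                          # "-" (no referer) or our own pages
        rec = found[host]
        rec["hits"] += 1
        rec["assets"].add(path)
        rec["pages"].add(m["referer"])
        rec["first_seen"] = rec["first_seen"] or m["time"]
    return dict(found)

# Constructed sample entries (documentation IP ranges, .test domains).
SAMPLE_LOG = [
    '192.0.2.10 - - [09/Aug/2006:10:01:02 +0000] "GET /img/logo.gif HTTP/1.1" 200 2326 "http://www.bank.test/login.html" "Mozilla/4.0"',
    '198.51.100.7 - - [09/Aug/2006:10:05:41 +0000] "GET /img/logo.gif HTTP/1.1" 200 2326 "http://203.0.113.55/~user/bank/login.html" "Mozilla/4.0"',
    '198.51.100.7 - - [09/Aug/2006:10:05:42 +0000] "GET /css/main.css HTTP/1.1" 200 911 "http://203.0.113.55/~user/bank/login.html" "Mozilla/4.0"',
    '198.51.100.9 - - [09/Aug/2006:10:09:13 +0000] "GET /img/logo.gif HTTP/1.1" 200 2326 "-" "Mozilla/4.0"',
    '198.51.100.9 - - [09/Aug/2006:10:09:20 +0000] "GET /login.html HTTP/1.1" 200 5120 "http://search.test/?q=bank" "Mozilla/4.0"',
]

if __name__ == "__main__":
    for host, rec in sorted(foreign_referers(SAMPLE_LOG).items(), key=lambda kv: -kv[1]["hits"]):
        print(host, rec["hits"], rec["first_seen"], sorted(rec["assets"]), sorted(rec["pages"]))
```

An outside referer on an asset is a lead rather than proof, since webmail clients and search result pages also embed remote images; the `pages` set gives the URLs to inspect.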

So go ahead, arm yourself with all these tools and land a big fish. And drop me a line if you come across some better tools.
