Re: [squid-users] Google Safe Browsing API - Integration with squid?

From: Andreas Pettersson <andpet@dont-contact.us>
Date: Sun, 24 Jun 2007 23:49:25 +0200

Henrik Nordstrom wrote:
> sön 2007-06-24 klockan 14:52 +0200 skrev Andreas Pettersson
>> I was actually having a thought about that.. Is a url hash the only way
>> to go?
>> It is easy for a phisher to wildcard a whole subdirectory or even a
>> subdomain and make hashing of individual urls nearly useless.
>> Perhaps there should be an optional list of domains or dst adresses for
>> blocking the hosts obviously used only for phishing.
>>
>
> The Google lookup algorithm deals with that pretty efficiently, using
> MD5 hashes which makes it very easy to scale in number of entries.
>

I'm not sure I follow you here..
If phisher has control of evil.com he could send out send out unique
urls in each and every spam, all pointing to the same physical host.
Sure, MD5 hashes is efficient, but the number of possible urls is nearly
unlimited. It would be much easier to list the host instead.

-- 
Andreas
Received on Sun Jun 24 2007 - 15:49:15 MDT

This archive was generated by hypermail pre-2.1.9 : Sun Jul 01 2007 - 12:00:04 MDT