Dale H. Cook Posted September 20, 2007 Share Posted September 20, 2007 I saw a new twist today - a spammer using an octal version of the dotted quad. The address in the URL was 0102.0254.0302.0111, which at first glance looks like a decimal dotted quad with leading zeros. It isn't - the giveaway is the "0302" which is outside the decimal range of 0 to 255. These are all octal numbers, and Firefox translated it to the decimal quad 66.172.194.73 and took me to the spammer's site. Have any of you seen this before? If anyone runs across it and needs an octal-to-decimal translator to get a conventional address for Whois, I suggest Tony Marston's converter: http://www.tonymarston.net/php-mysql/converter.php Link to comment Share on other sites More sharing options...
turetzsr Posted September 20, 2007 Share Posted September 20, 2007 <snip> If anyone runs across it and needs an octal-to-decimal translator to get a conventional address for Whois, I suggest Tony Marston's converter: http://www.tonymarston.net/php-mysql/converter.php ...For those who, like me, are forced (or choose) to use Microsoft Windows, the standard Windows Calculator has a means to convert amongst octal, hex and decimal. Link to comment Share on other sites More sharing options...
Farelf Posted September 20, 2007 Share Posted September 20, 2007 And for those wishing to poke a stick at such sites (wouldn't recommend it, myself1) LinkScanner handles the octal addresses just fine. 1LinkScanner, logically and on observation, can only recognize some fraction of the exploits "out there" at any given time. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.