URI-only phishing detection

Discussion in 'ESET NOD32 Antivirus' started by saturnjct, Aug 31, 2012.

Thread Status:
Not open for further replies.
  1. saturnjct

    saturnjct Registered Member

    Joined:
    Dec 2, 2009
    Posts:
    7
    Location:
    Canada
    Henning Klevjer, a student at the University of Oslo in Norway, has described a method of encoding pages entirely within a URI. His paper (PDF) is available online.

    Does Is there any chance that ESET NOD32 provides any protection against this attack? I'm guessing it doesn't due to the fact that the page being rendered is from data mostly in the URI so no HTTP filtering is done, and I don't believe that ESET NOD32 has any insight into what the browser is rendering.

    If the page was pulling in data from known malware sites, then I could see that part of the thread mitigtated.
     
  2. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,088
  3. manak

    manak Registered Member

    Joined:
    Aug 12, 2012
    Posts:
    78
Thread Status:
Not open for further replies.