John D. Hardin wrote:
On Tue, 6 Feb 2007, Kenneth Porter wrote:
The latest obfuscation cleverly uses a dash, a legal domain
character, so one can no longer match based on non-domain
characters.
I think the most robust non-DNS test would be on the length of the TLD
in the obfuscated domain.
What's the longest valid TLD these days? "info" at 4?
Perhaps something like:
,https?://[^/]{1,80}\.[^./]{5},
(Refinements, of course, solicited. That's totally off the top of my
head and untested.)
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
[EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED]
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Gun Control: The theory that a woman found dead in an alley, raped
and strangled with her panty hose, is somehow morally superior to
a woman explaining to police how her attacker got that fatal bullet
wound.
-----------------------------------------------------------------------
6 days until Abraham Lincoln's and Charles Darwin's 198th Birthdays
.museum would be the longest.
--
Richard Frovarp
EduTech System Administrator
1-701-231-5127 or
1-800-774-1091
