I'm analyzing the whole proof of concept behind SET. SET creates a fake website, that sends a user a malicious java applet. I understand.
The tutorials demonstrate this whole proof on concept in private / local networks.
If a person wanted to test this across the internet, what is the trick to make it work? I know that same ISP's block port 80 by default (in TOS).
I tried using a virtual machine to connect to my own external IP address, but with no success. Can anyone shed light on this?