RE: [Full-Disclosure] RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!

From: Curt Purdy (purdy@tecman.com)
Date: 01/26/03

    From: "Curt Purdy" <purdy@tecman.com>
    To: "'Bugtraq'" <bugtraq@securityfocus.com>, "'Full-Disclosure'" <full-disclosure@lists.netsys.com>
    Date: Sun, 26 Jan 2003 10:28:54 -0600
    

    One of the things we are overlooking here is that the problem with banking
    sites is not that transactions are going over the Internet through vpn
    connections that are not going to be compromised. When was the last time you
    heard of a credit card being stolen over an ssl connection (or an http
    connection for that matter when you can get thousands from a SQL database?)
    The problem lies in the triviality of hijacking sessions on half the banking
    sites in America today.

    Curt Purdy CISSP, MCSE+I, CNE, CCDA
    Senior Systems Engineer
    Information Security Engineer
    DP Solutions
    cpurdy@dpsol.com
    936.637.7977 ext. 121

    ----------------------------------------

    If you spend more on coffee than on IT security, you will be hacked.
    What's more, you deserve to be hacked.
    -- White House cybersecurity adviser Richard Clarke

    -----Original Message-----
    From: full-disclosure-admin@lists.netsys.com
    [mailto:full-disclosure-admin@lists.netsys.com]On Behalf Of Ron DuFresne
    Sent: Saturday, January 25, 2003 7:01 PM
    To: Jason Coombs
    Cc: Richard M. Smith; 'Jay D. Dyson'; 'Bugtraq'; 'Full-Disclosure'
    Subject: Re: [Full-Disclosure] RE: MS SQL WORM IS DESTROYING INTERNET
    BLOCK PORT 1434!

    You'll find that you underestimate the number of banks and credit related
    transactions that use internet connectivity to transact transfers and
    payment activity. Pay attention next time you use an ATM or credit card at
    the gas pumps or the grocery, or a card in those ATMs in various malls
    and stores. You'll hear the modems in many dialing during the
    'authorization' phase of the transaction, and few are dialing
    into a private networked system.

    Thanks,

    Ron DuFresne

    On Sat, 25 Jan 2003, Jason Coombs wrote:

    > Bank of America should never have allowed their ATM network to rely on
    > routes that could be impacted by non-ATM network computer systems.
    >
    > That Sapphire might have had this effect makes the sensibility behind
    > writing and releasing it even more apparent, if this was in fact defensive
    > work of a government agency as my speculation suggested.
    >
    > Jason Coombs
    > jasonc@science.org
    >
    > -----Original Message-----
    > From: Richard M. Smith [mailto:rms@computerbytesman.com]
    > Sent: Saturday, January 25, 2003 1:11 PM
    > To: jasonc@science.org; 'Jay D. Dyson'; 'Bugtraq'; 'Full-Disclosure'
    > Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
    >
    >
    > However, this worm might not be so harmless as it appears because of
    > collateral damage:
    >
    > Bank of America ATMs Disrupted by Virus
    >
    >
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.netsys.com/full-disclosure-charter.html
    >

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    "Cutting the space budget really restores my faith in humanity. It
    eliminates dreams, goals, and ideals and lets us get straight to the
    business of hate, debauchery, and self-annihilation." -- Johnny Hart
            ***testing, only testing, and damn good at it too!***

    OK, so you're a Ph.D. Just don't touch anything.

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
