Re: [Full-Disclosure] Nobody is suppose to learn from DPI's mistake

From: Georgi Guninski (guninski@guninski.com)
Date: 02/25/03

Next message: H D Moore: "[Full-Disclosure] Re: Terminal Emulator Security Issues"

Previous message: Knud Erik Højgaard: "[Full-Disclosure] clarkconnect(d) information disclosure"
In reply to: Richard M. Smith: "[Full-Disclosure] Nobody is suppose to learn from DPI's mistake"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Georgi Guninski <guninski@guninski.com>
To: full-disclosure@lists.netsys.com
Date: Tue, 25 Feb 2003 17:23:47 +0200

Richard M. Smith wrote:
> http://www.eweek.com/print_article/0,3668,a=37418,00.asp
>
> Data Processors International Inc., a credit card transaction processing
> firm, confirmed Wednesday that its customer databases have been hacked
> by "an unauthorized outside party" and that it remains unclear whether
> hackers nabbed useable data, according to a company spokesman.
>
> The Secret Service and the FBI advised DPI against speaking publicly
> about such issues as which vendor's or vendors' databases were targeted.
> Citing customer confidentiality, spokeswomen for the three major
> database vendors-Microsoft Corp., Oracle Corp. and IBM-said that it was
> unlikely that they would state whether DPI runs its business on their
> respective databases. They had not responded to requests to identify DPI
> as a customer by the time this story went to press.

According to netcraft -
http://uptime.netcraft.com/up/graph/?mode_u=off&mode_w=on&site=www.dpicorp.com&submit=Examine[Full-Disclosure]%20Secwww.dpicorp.com are using IIS5.0 on windoze and have used for a long time IIS4.0

www.dpicorp.com are using IIS5.0 on windoze and have used for a long time IIS4.0
on NT/98.

Georgi Guninski
http://www.guninski.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: H D Moore: "[Full-Disclosure] Re: Terminal Emulator Security Issues"
Previous message: Knud Erik Højgaard: "[Full-Disclosure] clarkconnect(d) information disclosure"
In reply to: Richard M. Smith: "[Full-Disclosure] Nobody is suppose to learn from DPI's mistake"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Access 2007 Report
... That is create a table of products, and append the unique product names from each of the 5 source databases. ... I suspect the UNION query idea is going to be impractical. ... the "columns" from Customer ID through Zip Code are the SAME for ... and use it as the source for the report. ...
(microsoft.public.access.reports)
Re: Access 2007 Report
... I suspect the UNION query idea is going to be impractical. ... The same CustomerID could be in different databases, ... the "columns" from Customer ID through Zip Code are the SAME ... and use it as the source for the report. ...
(microsoft.public.access.reports)
[Full-Disclosure] Nobody is suppose to learn from DPIs mistake
... The Secret Service and the FBI advised DPI against speaking publicly ... about such issues as which vendor's or vendors' databases were targeted. ... Citing customer confidentiality, ... database vendors-Microsoft Corp., Oracle Corp. and IBM-said that it was ...
(Full-Disclosure)
Re: starting freelance
... In the past I just rebuilt the databases fresh like you ... Maybe you have advice on how to estimate time spent for creating the ... Of course your client wants a price. ... You can end up rebuilding structures over and over because the customer "forgot" to tell you about some huge exception or odd rule until the day before you go live. ...
(comp.databases.filemaker)
Re: Queries and OO
... One way to see why is to compare how navigation actually ... >Customer is trivially direct. ... DB design, this should never occur, yet the engine should nevertheless ... best-designed databases get out of synch once in a while...) ...
(comp.object)