RE: *MAJOR SECURITY BREACH AT CCBILL**

From: robh@forestknoll.com
Date: 12/20/01 

From: <robh@forestknoll.com>
Date: Thu, 20 Dec 2001 11:36:42 +1100

And they used telnet, ftp as well as ssh for doing that? The scary thing is
that people have credit card facilities on a machine accessible by telnet.
Obviously CCBILL's forte' is not security.

----------------------------------------------------
 
Robbert Hofman
forestknoll technologies
www.forestknoll.com
Website and network monitoring tools
Phone: +61 (02) 9963 2600
Fax: +61 (02) 9365 3520
Email: robh@forestknoll.com

-----Original Message-----
From: Dayne Jordan [mailto:djordan@completeweb.net]
Sent: Thursday, 20 December 2001 6:37 AM
To: NESTING, DAVID M (SBCSI)
Cc: incidents@securityfocus.com
Subject: Re: *MAJOR SECURITY BREACH AT CCBILL**

Because they occasionally go in and update their software used
to clear the credit cards... repair password files of authorized
users of protected areas on the customers website, etc etc.

D.
========

"NESTING, DAVID M (SBCSI)" wrote:
>
> Out of curiosity, why does CCBILL need usernames and passwords on their
> customers' systems?
>
> -----Original Message-----
> From: Dayne Jordan [mailto:djordan@completeweb.net]
> Sent: Wednesday, December 19, 2001 3:15 AM
> To: incidents@securityfocus.com
> Subject: *MAJOR SECURITY BREACH AT CCBILL**
>
> It appears that perhaps tens of thousands of username/passwords for valid
> shell logins ALL ACROSS THE NET may have been compromised at CCBILL,

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com