Quote:
Originally Posted by Barry-xlovecam
full credit card numbers unless it is on a SQL (data) server that only accepts local connections and in a security cage per PCI standards and VISA Net requirements.
So none of this makes sense.
|
Typical webmaster thinking
"oh, my database only accepts local connections, its safe"
The moment he installed malware on the computer that's inside the intranet, it's game over. He does not even need to have direct access to the database from that same computer. Once he's inside the intranet, game ends.