I think you will find that it is more likely that something is occurring on Verotel's end, that might be a hack on their servers, or their traffic is sniffed. Even with modifications to the Perl script, which worked and stopped anyone but Verotel calling it, there was another password incident. This wasn't password sharing either; the account was over a year old.
Other things point at this:
a: people with other merchants are not having the same problems.
b: their CGI script isn't being exploited (at least in our case)
c: mod_security's logs do not display any suspicious activity, nor do the Apache logs.
Seeing as Verotel had FTP access to this box, I also checked lastlog and found no suspicious logins from the account concerned! That doesn't leave much else BUT them being owned.