|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
07-10-2004, 06:01 PM
|
#1 |
|
Confirmed User
Industry Role:
Join Date: May 2001
Posts: 8,313
|
Webmasters Processing Thru JETTIS are you seeing this as well?? IMPORTANT!
Hi. We run Jettis as our backup processor. We have jettis set up to automatically issue username and passwords. They issue encrypted user and passes to our members and usually they never show up in Proxy Pass. The odd time we'll see maybe 1 to 5 in a day.
Today we've had 100+ Jettis Usernames show up in Proxy Pass (as well as on every password trading board) as being used by 15+ ips. It appears as though someone got a hold Jettis password list. Have any other Jettis clients noticed the same thing? I'm wondering if maybe Jettis databases were hacked. |
|
|
|
07-10-2004, 06:30 PM
|
#2 |
|
Confirmed User
Join Date: Mar 2004
Location: Melbourne
Posts: 299
|
I don?t use Jettis
However I know for a fact the Globill ftp database was hacked several times. If I were you I would get your host to check the ftp logs for your box. change your ftp login and make sure your processing company does not know your ftp login. Of course this might have nothing to do with Jettis and could be that your site has been exploited through any number of possible methods. Good luck |
|
|
|
|
07-10-2004, 06:42 PM
|
#3 |
|
Confirmed User
Join Date: Mar 2004
Location: Melbourne
Posts: 299
|
On another point ?again not knowing how Jettis works? for security reasons it?s best to have the Username: passwords, assigned to your customers with the longest char length available also use random upper / lower case. This is one feature that I love about ccbill. This way even if they get your password file it?s very difficult and time consuming to decrypt them.
|
|
|
|
|
07-10-2004, 06:43 PM
|
#4 |
|
Confirmed User
Industry Role:
Join Date: Apr 2002
Location: USA
Posts: 3,161
|
I have had that happen before.. =\
I could not understand what was going on.. but once in a while I would see a HIGH ammount of new usernames, that were not paying members.. but they did not get access to the site for more than 5 hits! |
|
|
|
|
07-10-2004, 06:54 PM
|
#5 |
|
Confirmed User
Industry Role:
Join Date: May 2001
Posts: 8,313
|
Hi William. Jettis works similar to the way you described ccbill. We've checked out ftp logs and all our files. It looks to not be on our end. I don't know many sites processing with jettis. Hopefully for everyone else this just happened to us.
|
|
|
|
|
07-10-2004, 07:08 PM
|
#6 |
|
Confirmed User
Join Date: Mar 2004
Location: Melbourne
Posts: 299
|
Ok it will be interesting to see what you find out shap
Just double check you don't have any strange cgi files on your server. At one point we had hackers uploading a modified whereami.cgi to our server which allowed them to locate our password file, A direct result of having our ftp login listed with globill at the time, you live and learn I guess. |
|
|
|
