GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Webmasters Processing Thru JETTIS are you seeing this as well?? IMPORTANT! (https://gfy.com/showthread.php?t=324411)

Shap 07-10-2004 06:01 PM
Webmasters Processing Thru JETTIS are you seeing this as well?? IMPORTANT!
 
Hi. We run Jettis as our backup processor. We have jettis set up to automatically issue username and passwords. They issue encrypted user and passes to our members and usually they never show up in Proxy Pass. The odd time we'll see maybe 1 to 5 in a day.

Today we've had 100+ Jettis Usernames show up in Proxy Pass (as well as on every password trading board) as being used by 15+ ips. It appears as though someone got a hold Jettis password list. Have any other Jettis clients noticed the same thing? I'm wondering if maybe Jettis databases were hacked.

William-Xfactor 07-10-2004 06:30 PM
I don?t use Jettis
However I know for a fact the Globill ftp database was hacked several times.
If I were you I would get your host to check the ftp logs for your box. change your ftp login and make sure your processing company does not know your ftp login.
Of course this might have nothing to do with Jettis and could be that your site has been exploited through any number of possible methods. Good luck

William-Xfactor 07-10-2004 06:42 PM
On another point ?again not knowing how Jettis works? for security reasons it?s best to have the Username: passwords, assigned to your customers with the longest char length available also use random upper / lower case. This is one feature that I love about ccbill. This way even if they get your password file it?s very difficult and time consuming to decrypt them.

Dax 07-10-2004 06:43 PM
I have had that happen before.. =\

I could not understand what was going on.. but once in a while I would see a HIGH ammount of new usernames, that were not paying members.. but they did not get access to the site for more than 5 hits!

Shap 07-10-2004 06:54 PM
Hi William. Jettis works similar to the way you described ccbill. We've checked out ftp logs and all our files. It looks to not be on our end. I don't know many sites processing with jettis. Hopefully for everyone else this just happened to us.

William-Xfactor 07-10-2004 07:08 PM
Ok it will be interesting to see what you find out shap
Just double check you don't have any strange cgi files on your server. At one point we had hackers uploading a modified whereami.cgi to our server which allowed them to locate our password file, A direct result of having our ftp login listed with globill at the time, you live and learn I guess.


All times are GMT -7. The time now is 05:37 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123