RE: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!

["Curt Purdy" <purdy () tecman com>]

One of the things we are overlooking here is that the problem with banking
sites is not that transactions are going over the Internet through vpn
connections that are not going to be compromised. When was the last time you
heard of a credit card being stolen over an ssl connection (or an http
connection for that matter when you can get thousands from a SQL database?)
The problem lies in the triviality of hijacking sessions on half the banking
sites in America today.

Curt Purdy CISSP, MCSE+I, CNE, CCDA
Senior Systems Engineer
Information Security Engineer
DP Solutions
cpurdy () dpsol com
936.637.7977 ext. 121

----------------------------------------

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke


-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com]On Behalf Of Ron DuFresne
Sent: Saturday, January 25, 2003 7:01 PM
To: Jason Coombs
Cc: Richard M. Smith; 'Jay D. Dyson'; 'Bugtraq'; 'Full-Disclosure'
Subject: Re: [Full-disclosure] RE: MS SQL WORM IS DESTROYING INTERNET
BLOCK PORT 1434!




You'll find that you underestimate the number of banks and credit related
transactions that use internet connectivity to transact transfers and
payment activity.  Pay attention next time you use a ATM or credit card at
the gas pumps or the grocery, or a card in those ATM's in various malls
and stores.  You'll hear the modems in many dialing during the
'authorization' phase of the transaction, and few are dialing
into a private networked system.



Thanks,

Ron DuFresne


On Sat, 25 Jan 2003, Jason Coombs wrote:

> Bank of America should never have allowed their ATM network to rely on
> routes that could be impacted by non-ATM network computer systems.
>
> That Sapphire might have had this effect makes the sensibility behind
> writing and releasing it even more apparent, if this was in fact defensive
> work of a government agency as my speculation suggested.
>
> Jason Coombs
> jasonc () science org
>
> -----Original Message-----
> From: Richard M. Smith [mailto:rms () computerbytesman com]
> Sent: Saturday, January 25, 2003 1:11 PM
> To: jasonc () science org; 'Jay D. Dyson'; 'Bugtraq'; 'Full-Disclosure'
> Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
>
>
> However, this worm might not be so harmless as it appears because of
> collateral damage:
>
>    Bank of America ATMs Disrupted by Virus
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html