WebApp Sec mailing list archives
Re: IIS log
From: Randy <rho () clunet edu>
Date: Tue, 5 Aug 2003 13:58:00 -0700 (PDT)
This is a funny security message... I have setup and administered multiple IIS systems which utilize live payment systems and have never seen IIS log CC#s. The security hole is most likely within your webapp itself rather than IIS. --Randy On Tue, 5 Aug 2003, Justin H Tran wrote:
I just viewed an IIS log and I noticed that the credit card # is loogged. I beleive that this is a major flaw to log credit card # is clear text. Does anyone have any advice? Regards, Justin *** Incoming Mail scanned for known Viruses by CLUnet ***
Current thread:
- IIS log Justin H Tran (Aug 05)
- Re: IIS log Alejandro Flores (Aug 05)
- Re: IIS log Randy (Aug 05)
- <Possible follow-ups>
- RE: IIS log Michael Howard (Aug 05)
- RE: IIS log Richard M. Smith (Aug 05)
- Re: IIS log dotnetter (Aug 05)
- Re: IIS log jamesworld (Aug 05)
- RE: IIS log Nelson, Ernie (Aug 05)