Re: [News] [Rival] Windows based US Commerce Bank hacked - data stolen - Linux

This is a discussion on Re: [News] [Rival] Windows based US Commerce Bank hacked - data stolen - Linux ; On Thu, 11 Oct 2007 21:12:15 +0100, [H]omer wrote: > Windows 2003 Server bank system pwned: > > .---- >| Hackers infiltrated the systems of Commerce Bank and accessed the >| records of 20 customers, the US regional bank said ...

+ Reply to Thread
Results 1 to 6 of 6

Thread: Re: [News] [Rival] Windows based US Commerce Bank hacked - data stolen

  1. Re: [News] [Rival] Windows based US Commerce Bank hacked - data stolen

    On Thu, 11 Oct 2007 21:12:15 +0100, [H]omer wrote:

    > Windows 2003 Server bank system pwned:
    >
    > .----
    >| Hackers infiltrated the systems of Commerce Bank and accessed the
    >| records of 20 customers, the US regional bank said today.
    >|
    >| The attack by persons unknown was partially thwarted - but not
    >| before a database of 3,000 records was hacked into and the data of
    >| 20 exposed. Compromised data included personal information such as
    >| names, addresses, Social Security numbers, phone numbers and, in a
    >| few cases, Commerce Bank account numbers, the Columbia Business
    >| Journal reports.
    >|
    >| Security staff shut down the attack and called in police to
    >| investigate after uncovering the breach a week ago. The FBI is
    >| investigating.
    >|
    >| The method used in the attack is unclear, and something the bank
    >| will be keen that it stays unclear
    > `----
    >
    > http://www.theregister.co.uk/2007/10...rce_bank_hack/
    >
    >
    > ######
    > 12.167.75.17 Windows Server 2003 Microsoft-IIS/6.0
    >
    > http://toolbar.netcraft.com/site_rep...mmercebank.com
    > ######
    >
    >
    > When will people ever learn that entrusting sensitive data and
    > transactions to Windows machines is stupid and dangerous?


    When will people, like you, learn how computers work?

    A) What evidence do you have that the attack came via the web server?

    B) What evidence do you have that the attack used Windows?

    C) What about all the banks running Unix that have been hacked?

    D) Why is it that you're keen to point the finger to Windows based on *0*
    information?

    You know what you call someone that spreads misinformation, or at the least
    makes claims that are not backed by available information?

    > Their damage limitation methods are also questionable. Security through
    > obscurity?


    So you're claiming a comment made by The Register is an official statement
    by the bank? Are you really that stupid? It would appear so.

    Why don't you stop jumping to conclusions. You might look like less of an
    ass.

  2. Re: [News] [Rival] Windows based US Commerce Bank hacked - data stolen

    Erik Funkenbusch wrote:

    > A) What evidence do you have that the attack came via the web server?


    What evidence do you have that it didn't. It is obvious that the
    'hackers' would have used the web front end to access the database.

    > B) What evidence do you have that the attack used Windows?


    Their web front-end runs on Windows ..

    > C) What about all the banks running Unix that have been hacked?


    What banks and was it through the web front end ...

    --

    for the purposes of the current troll:

    A) Redefine the meaning of 'front-end', 'web' and 'access' ..

    B) Produce no counter-evidence

    C) Lie about imaginary Unix banks being hacked ..

  3. Re: [News] [Rival] Windows based US Commerce Bank hacked - data stolen

    On Fri, 12 Oct 2007 12:39:30 +0100, Doug Mentohl wrote:

    > Erik Funkenbusch wrote:
    >
    >> A) What evidence do you have that the attack came via the web server?

    >
    > What evidence do you have that it didn't. It is obvious that the
    > 'hackers' would have used the web front end to access the database.


    It's obvious, huh? It's impossible for them to have gained access via a
    different server? It's impossible for them to have gained access via their
    firewall? It's impossible for them to have gained access in dozens of
    other ways?

    You're full of it Daeron.

    >> B) What evidence do you have that the attack used Windows?

    >
    > Their web front-end runs on Windows ..


    How do you know the part that accesses the database runs Windows? Just
    because the "brochure" part of the site runs Windows doesn't mean a backend
    server might not run something else.

    >> C) What about all the banks running Unix that have been hacked?

    >
    > What banks and was it through the web front end ...


    Oh, so suddenly, when it's not Windows, you'd question the mentod used.

    You're really a piece of work.

  4. Re: [News] [Rival] Windows based US Commerce Bank hacked - data stolen

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    On Fri, 12 Oct 2007 09:40:03 -0500,
    Erik Funkenbusch wrote:
    > On Fri, 12 Oct 2007 12:39:30 +0100, Doug Mentohl wrote:
    >
    >> Erik Funkenbusch wrote:
    >>
    >>> A) What evidence do you have that the attack came via the web server?

    >>
    >> What evidence do you have that it didn't. It is obvious that the
    >> 'hackers' would have used the web front end to access the database.

    >
    > It's obvious, huh? It's impossible for them to have gained access via a
    > different server? It's impossible for them to have gained access via their
    > firewall? It's impossible for them to have gained access in dozens of
    > other ways?
    >
    > You're full of it Daeron.
    >



    False logic, none of the above is evidence.

    >>> B) What evidence do you have that the attack used Windows?

    >>
    >> Their web front-end runs on Windows ..

    >
    > How do you know the part that accesses the database runs Windows? Just
    > because the "brochure" part of the site runs Windows doesn't mean a backend
    > server might not run something else.
    >


    to throw your own words back at you

    it's impossible for them to have gained access via the web front end?

    >>> C) What about all the banks running Unix that have been hacked?

    >>
    >> What banks and was it through the web front end ...

    >
    > Oh, so suddenly, when it's not Windows, you'd question the mentod used.
    >
    > You're really a piece of work.



    oh the irony.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.6 (GNU/Linux)

    iD8DBQFHD9oMd90bcYOAWPYRAp4SAKCA1fQ8f6pFHR3ls53+wp b8dXAZqgCgr3QW
    oy0A65HDfJPuDVYsJMs2JMM=
    =GcUV
    -----END PGP SIGNATURE-----

    --
    Jim Richardson http://www.eskimo.com/~warlock
    Step by step, day by day, machine by machine, the penguins march forward.

  5. Re: [News] [Rival] Windows based US Commerce Bank hacked - data stolen

    On Fri, 12 Oct 2007 13:33:16 -0700, Jim Richardson wrote:

    > False logic, none of the above is evidence.


    Of course it isn't. I didn't say it was. That's the point. There's no
    evidence that Windows was at fault.

    > to throw your own words back at you
    >
    > it's impossible for them to have gained access via the web front end?


    No, of course it's not impossible. There is no evidence that it was,
    however.

  6. Re: [News] [Rival] Windows based US Commerce Bank hacked - data stolen

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    On Fri, 12 Oct 2007 15:55:43 -0500,
    Erik Funkenbusch wrote:
    > On Fri, 12 Oct 2007 13:33:16 -0700, Jim Richardson wrote:
    >
    >> False logic, none of the above is evidence.

    >
    > Of course it isn't. I didn't say it was. That's the point. There's no
    > evidence that Windows was at fault.
    >



    you responded to someone asking if you had evidence to back you up.

    >> to throw your own words back at you
    >>
    >> it's impossible for them to have gained access via the web front end?

    >
    > No, of course it's not impossible. There is no evidence that it was,
    > however.


    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.6 (GNU/Linux)

    iD8DBQFHD+ykd90bcYOAWPYRAh3ZAJ4v1A33/O57zHJMi7wVGgmVeb8K+gCgoYFC
    ijp+FjrYhFjVIaA9i7+qh2M=
    =IzYF
    -----END PGP SIGNATURE-----

    --
    Jim Richardson http://www.eskimo.com/~warlock
    "The dinosaurs became extinct because they didn't have a space program"
    -- Larry Niven

+ Reply to Thread