[AusNOG] Security for CC details of new signups

James Paussa lists at puzza.org
Tue Jul 6 10:12:37 EST 2010


Steve,
Make them aware of the problem. If they don't congratulate you and give
you a full time job for at least 6 figures it seems that the standard
operating procedure is to release the details publicly to teach them a
lesson.
</sarcasm>

James.

> Hi List,
>
> I've been doing some work on a client's network and I was wondering if
> their
> method of storing credit card numbers of newly registering users was BCP
> or
> not.  Basically, what seems to be happening is the new user's details,
> including CC, get stored in a world-readable file in /tmp.  I'm worried
> that
> this might be susceptible to being stolen and posted somewhere by a
> hacker.
> Does this seem well-founded to you or am I just paranoid?
>
> Regards,
> Steve
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>





More information about the AusNOG mailing list