TulipTools Internet Business Owners and Online Sellers Community

Full Version: Morons on Display at Boston University: Major Web Server Security Screwup
While searching for info about an IP address on Google I came across this alarming search result:

Quote:Apache Status
people.bu.edu/SERVER/STATUS/index.php?option=com...
0.18, 69, 177, 0.0, 0.00, 6.87, host-134-60-107-208-static.midc, people.bu.edu, GET /fncesbl/ HTTP/1.1. 25-273, -, 0/0/336 . 0.08, 79, 114, 0.0, 0.00, 6.57 ...

Apache Status
www.nk.ca/server-status/components/
2-3, 12993, 1/19/25138, C, 2.32, 0, 262, 0.3, 2.27, 262.63, host-134-60-107-208-static.midc, 429sqn.ca, GET /robots.txt HTTP/1.0 ...

Apache Status
www.ammoliteacres.ca/server-status/admin/.../cookie_setup.php
0.38, 17388, 7, 0.0, 0.00, 59.21, host-134-60-107-208-static.midc, burnewood.ca, NULL. 50-1, -, 0/0/1622 . 0.23, 19175, 3, 0.0, 0.00, 50.08, 69.64.155.246 ...

http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=host-134-60-107-208-static.midc

Whoever the IT department IDIOT is who is responsible for not protecting the server status page of the people.bu.edu server (and allowing it to be indexed in Google) should be fired.

http://people.bu.edu/SERVER/STATUS/index..._gcalendar&controller=|echo

...but wait, it gets better: their server statistics page is also wide open.

http://people.bu.edu/stats/
http://people.bu.edu/stats/current/

server directory paths, files, IP addresses of visitors...all exposed

Message to BU computer science students: if you're paying $40K annually to be taught about "computer security" by the completely incompetent idiots in BU's IT department who created this major security hole, you're wasting your money.
They might also want to check for cross-site scripting problems on their site. :)

people.bu.edu server status Wrote:0/0/4582 . 0.27 38 30 0.0 0.00 196.54 c120.nskorea.com people.bu.edu GET //index.php?option=com_zimbcomment&controller=../../../../.
people.bu.edu server status Wrote:- 0/0/1 . 0.04 23970 163 0.0 0.00 0.00 81.27.38.57 people.bu.edu GET /?option=com_s5clanroster&controller=../../../../../../../.

When you see a URL like this ("../../../../") in your logs, it usually means somebody is trying to hack your server via an XSS (cross-site scripting) attack. In the case of BU, the "somebody(s)" are servers in South Korea and Norway.

Another problem they need to fix: their server has exposed directories without .htaccess or even index.php files. :)
http://people.bu.edu/SERVER/graphics/

Another problem: their exposed Analog Stats program is very outdated and needs to be updated. They're using version 5.31, which was released in January 2003 (http://www.analog.cx/docs/wasnew5.html). :)

people.bu.edu Wrote:Web statistics report produced by:
Analog 5.31 Report Magic for Analog 2.13

Another problem:

people.bu.edu Wrote:Server: Apache/1.3.6 (Unix)
Transfer-Encoding: chunked
Content-Type: text/html

The server's outdated Apache 1.3.6 was released 7 years ago and contains several security holes, including a (surprise, surprise) XSS vulnerability which was first disclosed in 2007.

http://secunia.com/advisories/26273/
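Apache's server-status page prints one row per worker slot: the client address, the virtual host and the request in flight, which is exactly what the search results quoted above are showing. The Python below is an added example, not code from the post or from any of the sites named in it. It parses rows in that ExtendedStatus layout, lists the client addresses such a page hands to anyone who can load it, and tags requests carrying `../` path-traversal sequences, a `%00` null byte, or shell metacharacters such as the `|echo` in the URL above. Every row, hostname and address in it is constructed; `people.example.edu` and the RFC 5737 test addresses stand in for the real ones.

```python
"""Triage Apache mod_status rows for hostile request patterns (added example)."""
import re
from dataclasses import dataclass
from typing import List, Optional
from urllib.parse import unquote

# Constructed rows in the column order mod_status prints them:
# Srv PID Acc M CPU SS Req Conn Child Slot Client VHost Request
SAMPLE_ROWS = [
    "0-0 12001 0/0/4582 W 0.27 38 30 0.0 0.00 196.54 203.0.113.7 people.example.edu "
    "GET //index.php?option=com_zimbcomment&controller=../../../../../etc/passwd HTTP/1.1",
    "1-0 12002 0/0/1 W 0.04 23970 163 0.0 0.00 0.00 198.51.100.23 people.example.edu "
    "GET /?option=com_s5clanroster&controller=../../../../../../../proc/self/environ%00 HTTP/1.0",
    "2-0 12003 0/0/336 _ 0.08 79 114 0.0 0.00 6.57 192.0.2.44 people.example.edu "
    "GET /fncesbl/ HTTP/1.1",
    "3-0 12004 0/0/12 W 0.11 5 2 0.0 0.00 1.02 192.0.2.91 people.example.edu "
    "GET /index.php?option=com_gcalendar&controller=|echo HTTP/1.1",
    "4-0 12005 0/0/9 K 0.02 1 0 0.0 0.00 0.50 192.0.2.12 people.example.edu "
    "GET /robots.txt HTTP/1.0",
    # idle slot: Apache prints NULL in the Request column but still shows the last client
    "5-0 12006 0/0/0 . 0.00 0 0 0.0 0.00 0.00 192.0.2.12 people.example.edu NULL",
]


@dataclass
class StatusRow:
    client: str
    vhost: str
    method: str
    target: str
    protocol: str


@dataclass
class Finding:
    client: str
    vhost: str
    target: str
    tags: List[str]


_TRAVERSAL = re.compile(r"\.\.[/\\]")      # ../ or ..\ once percent-decoding is undone
_SHELL_META = re.compile(r"[|;`]|\$\(")    # |  ;  backtick  $(


def decode_fully(s: str, rounds: int = 3) -> str:
    """Percent-decode until stable so double-encoded probes (%252e%252e%252f) surface."""
    for _ in range(rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def parse_status_row(row: str) -> Optional[StatusRow]:
    """Split one status row; idle slots (Request column 'NULL') get empty request fields."""
    fields = row.split()
    if len(fields) < 13:
        return None
    request = fields[12:]
    if len(request) >= 3:
        method, target, protocol = request[0], " ".join(request[1:-1]), request[-1]
    else:
        method = target = protocol = ""
    return StatusRow(client=fields[10], vhost=fields[11],
                     method=method, target=target, protocol=protocol)


def classify_request(target: str) -> List[str]:
    """Tag a request target with the probe classes it carries (empty list if clean)."""
    decoded = decode_fully(target)
    tags: List[str] = []
    if _TRAVERSAL.search(decoded):
        tags.append("path-traversal")
    if "\x00" in decoded:
        tags.append("null-byte")
    query = decoded.partition("?")[2]          # metacharacters only matter in parameters
    if _SHELL_META.search(query):
        tags.append("shell-metachar")
    return tags


def leaked_clients(rows: List[str]) -> List[str]:
    """Distinct client addresses readable from an exposed status page."""
    return sorted({r.client for r in map(parse_status_row, rows) if r})


def scan_rows(rows: List[str]) -> List[Finding]:
    """Rows whose in-flight request carries at least one probe class, in page order."""
    findings = []
    for row in rows:
        parsed = parse_status_row(row)
        if parsed is None or not parsed.target:
            continue
        tags = classify_request(parsed.target)
        if tags:
            findings.append(Finding(parsed.client, parsed.vhost, parsed.target, tags))
    return findings


if __name__ == "__main__":
    print("clients visible to anyone who can read the page:", leaked_clients(SAMPLE_ROWS))
    for f in scan_rows(SAMPLE_ROWS):
        print(f"{f.client:15} {f.vhost:20} {','.join(f.tags):28} {f.target}")
```

Detection is the lesser half of the problem, though. The status page itself should be reachable only by administrators: the `<Location /server-status>` block in the Apache config needs an address restriction (`Require ip` on 2.4, `Order deny,allow` plus `Allow from` on 1.3 and 2.2), the /stats/ tree needs the same, and `Options -Indexes` stops directory listings like the /SERVER/graphics/ one. A robots.txt entry would not have helped: it only asks crawlers not to index a page, it does not stop anyone from fetching it.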
Quote: While searching for info about an IP address on Google I came across this alarming search result:

If you want alarming check out this stopforumspam database entry and click on the whois:

http://www.stopforumspam.com/ipcheck/171.159.64.10

WHOIS Wrote:Bank of America BAC-171-128-0-0-1 (NET-171-128-0-0-1) 171.128.0.0 - 171.206.255.255
Asia Pacific Network Information Centre APNIC-ERX-171 (NET-171-0-0-0-0) 171.0.0.0 - 171.255.255.255

There are multiple entries for Bank of America in the stopforumspam.com database, and if you google B of A's IP addresses you'll see that their outsourced employees in India, when they're not making a few extra bucks on the side by spamming links in forums, are also surfing malware-infested porn sites while sitting at their desks at Bank of America. Every single visitor from B of A, including employees using computers located in the US, that has visited our sites over the past year has been using either the security-hole-filled Internet Explorer 7 or the even buggier 10-year-old Internet Explorer 6. Google and the French and German governments have banned their employees from using these two browser versions, but Bank of America allows its employees to surf the web with them.

When a company like Bank of America is negligent and doesn't filter employee Internet access, doesn't use up-to-date patched software, and allows its employees to use security-hole-filled unsafe web browsers like IE6/IE7 to surf malware-infested porn sites from the same office computers that they use to access customers' accounts/financial data, it is putting its millions of customers at risk of identity theft.
(08-24-2011, 09:08 PM)regic Wrote:
When a company like Bank of America is negligent and doesn't filter employee Internet access, doesn't use up-to-date patched software, and allows its employees to use security hole filled unsafe web browsers like IE6/IE7 to surf malware infested porn sites from the same office computers that they use to access customer's accounts/financial data it is putting its millions of customers at risk of identity theft.

This is beyond insanity.

A friend e-mailed me on 08/23 and stated "The Bank of America system failed last week. I don't know how extensive the failure was but in NB you could not get your money out of the bank for at least part of one day. "

He had a theory based on insider info, but I wonder if the crash was actually related to this very troubling info?


Quote:A friend e-mailed me on 08/23 and stated "The Bank of America system failed last week. I don't know how extensive the failure was but in NB you could not get your money out of the bank for at least part of one day. "

Their website is less reliable than their ATM network
http://sitedown.co/bank-of-america

Compare the number of downtime reports for B of A (140+) during the past 3 days to the number for Amazon (1), eBay (2), or Groupon (8), which have similar traffic.

http://sitedown.co/ebay
http://sitedown.co/amazon
http://sitedown.co/groupon
Quote:When a company like Bank of America is negligent and doesn't filter employee Internet access, doesn't use up-to-date patched software, and allows its employees to use security hole filled unsafe web browsers like IE6/IE7 to surf malware infested porn >insert> ANY sites from the same office computers that they use to access customer's accounts/financial data it is putting its millions of customers at risk of identity theft.

add another negligent financial company to the list:
IP: 12.10.219.169
USER AGENT: msie 7.0

The IP belongs to AMERICAN EXPRESS :)

I'm assuming that none of the bailout money AmEx and Bank of America received went to their IT departments, since neither company apparently has the manpower to devote to the simple task of updating the bug-filled browsers on their employees' desktops.

AmEx security negligence + B of A security negligence = personal and financial info of a few hundred million people potentially at risk thanks to these boinktard companies

P.S. In case anyone is wondering, my company does update our desktop browsers as soon as updates are issued.

my computer Wrote:User Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:9.0.1) Gecko/20100101 Firefox/9.0.1