Use a PGP designed system... use 1/2 on the server 1/2 on the email type of cart. I worked on few sites using a bad commerce.cgi, agoracgi and even Miva script! These people had Miva access logs and transaction as old as 2 years! 2 Freaking years of credit card/logs! We're talking about 50 transactions a day with credit cards, you do the math onto how many transactions. I deleted 90% of them to speed up the cart and compact it daily/weekly. They even had issues with duplicate unique keys that wouldn't compile. I am / was amazed of lack of careless, viruses, and such... It is fairly easy to get in, bypass the "miva" admin login and once you are in... you've got everything, and I mean everything. It's scary... Being hosted on Win2k is making it even worst. Interland is even stupider by getting hit with viruses, exposing directories and having more trouble tickets open than closed. Also having "domain.*/report" open so some of the domains had detailed WebTrends Enterprise reports for everyone to look at.. and I'm sure if you see them you can get a bit of information on them. P.S. Interland is too busy acquiring/buying everyone out there and focusing less on themselves. 2nd P.S. I guess I couldn't wait for the new RAQ. I 'gots' me a SuperMicro - Super Server and I will run a 2.0 GIG MHZ and 1.5GIG RAM for under 1200$... Comes with all the dual Ethernet Intel Mobo, up to 3-4 gig of ram option... I will sure miss the ChilliSoft. This will be mainly for music broadcast and bandwidth eating aps ;) -- Nicolae _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
