Saw this, maybe it can help the pcHDTV guys. http://it.slashdot.org/article.pl?sid=04/12/21/2135235&tid=220&tid=217&tid=169
Dan Littlejohn On Tue, 21 Dec 2004 11:19:14 -0600, Dan Littlejohn <[EMAIL PROTECTED]> wrote: > My card company does offer that. Nice tip, thanks. > > Dan Littlejohn > > On Tue, 21 Dec 2004 11:34:02 -0500, Christopher Flynn > <[EMAIL PROTECTED]> wrote: > > See if you CC has those one time use generators. You set a limit (what > > the price of the item is) and they give you a one time use number, > > exparation date etc... Nice for when you don't trust the site. > > > > On Tue, 21 Dec 2004 09:57:41 -0600, Dan Littlejohn > > <[EMAIL PROTECTED]> wrote: > > > Nice, I just purchased a card from them yesterday and now my credit > > > card number may be out on the net. > > > > > > Dan Littlejohn > > > > > > > > > On Tue, 21 Dec 2004 10:44:00 -0500, Anthony Vito <[EMAIL PROTECTED]> > > > wrote: > > > > > Can someone reach out to Jack/folks and tell them to fix their WWW > > > > > site again? > > > > > > > > > > Wow - someone doesn't like them. > > > > > > > > > > > > > Script kiddies don't discriminate. They'll just hack whatever known > > > > exploits are available for whatever server. The problem with > > > > pchdtv.com is this ... https://pchdtv.com/ ... they are running the > > > > SSL port open on version 1.33.3 of apache... I bet they don't have all > > > > the SSL patches up to date, because they aren't really using SSL all > > > > that much.... Or the fact they are running PHP 4.2.2. That has some > > > > known exploits as well..... > > > > > > > > They also have their server horribly unsecured... it's running all > > > > these open ports... > > > > > > > > ## nmap -sS pchdtv.com > > > > > > > > Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-12-21 > > > > 10:31 EST > > > > Interesting ports on powell.slcinet.net (128.121.217.18): > > > > (The 1635 ports scanned but not shown below are in state: closed) > > > > PORT STATE SERVICE > > > > 21/tcp open ftp > > > > 22/tcp open ssh > > > > 23/tcp open telnet > > > > 25/tcp open smtp > > > > 79/tcp open finger > > > > 80/tcp open http > > > > 106/tcp open pop3pw > > > > 110/tcp open pop-3 > > > > 119/tcp open nntp > > > > 139/tcp open netbios-ssn > > > > 143/tcp open imap > > > > 443/tcp open https > > > > 513/tcp open login > > > > 514/tcp open shell > > > > 587/tcp open submission > > > > 990/tcp open ftps > > > > 992/tcp open telnets > > > > 993/tcp open imaps > > > > 995/tcp open pop3s > > > > 2401/tcp open cvspserver > > > > 3306/tcp open mysql > > > > 5190/tcp open aol > > > > > > > > MySQL is available for internet logins... I bet that's the same MySQL > > > > they are storing credit card information in!!! They have "AIM" running > > > > on the server for god sakes!!!! I can think of at least 7 starting > > > > points to break into that box... and I bet 3 of them would have me > > > > ending up as root or at least getting write access to the web space. > > > > > > > > pchdtv guys... I love you and what you stand for. I will donate my > > > > time to secure your server properly if you wish. If anyone has contact > > > > info for "Jack" is it? Send him my offer and my contact information. > > > > > > > > -- > > > > Anthony Vito > > > > [EMAIL PROTECTED] > > > > > > > > > > > > _______________________________________________ > > > > mythtv-users mailing list > > > > [EMAIL PROTECTED] > > > > http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > mythtv-users mailing list > > > [EMAIL PROTECTED] > > > http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users > > > > > > > > > > > > > > > -- > > You must be the change you wish to see in the world. - Gandhi > > > > > > _______________________________________________ > > mythtv-users mailing list > > [EMAIL PROTECTED] > > http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users > > > > > > >
_______________________________________________ mythtv-users mailing list [EMAIL PROTECTED] http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
