On Thursday 08 October 2009, Linux Lingam wrote: > > Including an Indian bank which had more than 800 machines infected with a > > trojan. Fortunately it could not break out of the network, and at least > > according to the bank no information was stolen.The trojan was stupid in > > constantly trying to phone home and was discoverd after a several 100 > > machines were infected and started chewing the meagre vsat bandwidth. > > which bank is this? > why do we have to keep their names discreet, when in my opinion, their > names should be clearly mentioned so concerned users may respond. for > instance, no one says "a global email service has usernames and > passwords hacked and published on a website". all news stories clearly > mention gmail, hotmail, and yahoo have been hacked and 30,000 accounts > with usersnames and passwords published on the web until taken > down....
There is no documentary evidence. One would have to set about a thorough investigation. Besides ofcourse people knowing this would have to maintain confidentiality. I am aware of innumerable breaches in various banks simply because the banks use doze. In the case of banks using doze on the server, it is pure disaster, forcing me to refuse much work from such banks. Right now i am dealing with a private Company facing disaster in it's ERP systems - VB+MYsql, lucky it's not VB+ msaccess. The alternative is a painful switch from this junk to linux and the fear of some business disruption. The features and capabilities that we take for granted, cost small fortunes on doze and yet fall short of FLOSS solutions. And every time I see such clients the gap seems to grow ever wider and makes me ever wonder what makes perfectly sane and rational people throw good money on M$ and other closed trash. BTW one of my bank customers has started sending me .ODTs :-)) -- Rgds JTD _______________________________________________ network mailing list [email protected] http://lists.fosscom.in/listinfo.cgi/network-fosscom.in
