13,000 Bank of America ATM's taken out by virus.
Does this mean that BofA ATM's are SQL based or that BofA is running ATM traffic through some kind of internet VPN? Perhaps they just plug the ATM's into any connection and pass cleartext transactions over the internet? This is very suspicious, IMHO. http://www.washingtonpost.com/wp-dyn/articles/A43267-2003Jan25.html Regards, Christopher J. Wolff, VP CIO Broadband Laboratories, Inc. http://www.bblabs.com
On Sat, 25 Jan 2003, Christopher J. Wolff wrote:
Does this mean that BofA ATM's are SQL based or that BofA is running ATM traffic through some kind of internet VPN? Perhaps they just plug the ATM's into any connection and pass cleartext transactions over the internet? This is very suspicious, IMHO.
At $previous_employer half the connections to the various banks they had were via VPN. /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ Patrick Greenwell Asking the wrong questions is the leading cause of wrong answers \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
At 03:23 PM 1/25/2003 -0800, Patrick wrote:
On Sat, 25 Jan 2003, Christopher J. Wolff wrote:
Does this mean that BofA ATM's are SQL based or that BofA is running ATM traffic through some kind of internet VPN? Perhaps they just plug the ATM's into any connection and pass cleartext transactions over the internet? This is very suspicious, IMHO.
At $previous_employer half the connections to the various banks they had were via VPN.
I know of a bank whose consultants are blithering idiots. The lack of security baffles my mind. My home network is 10 times more secure than what I've been told about. :( I'd hate to think that this is fairly common among banks but I'm starting to wonder... The only positive thing that has come out of their lack of security is that I know one place not to put any of my money. :P Vinny Abello Network Engineer Server Management vinny@tellurian.com (973)300-9211 x 125 (973)940-6125 (Direct) PGP Key Fingerprint: 3BC5 9A48 FC78 03D3 82E0 E935 5325 FBCB 0100 977A Tellurian Networks - The Ultimate Internet Connection http://www.tellurian.com (888)TELLURIAN There are 10 kinds of people in the world. Those who understand binary and those that don't.
From: "Vinny Abello"
I know of a bank whose consultants are blithering idiots. The lack of security baffles my mind. My home network is 10 times more secure than
what
I've been told about. :( I'd hate to think that this is fairly common among banks but I'm starting to wonder... The only positive thing that has come out of their lack of security is that I know one place not to put any of my money. :P
Given your sig, is that 2 times or 10 times more secure? :) I agree, though. I know some banks running 2.4 wireless inside the building. Apparently they aren't aware of the wonderful abilities to kick a mac off, assume it and have instant access to all the shares the original owner had (M$ file sharing trust issue?). When it comes to a bank, any security issue, no matter how small is a major one. Of course, there's probably still a hacker in Russia somewhere enjoying the fruits of CityBank. :) Then again, he may have died of old age by now. Jack Bates Network Engineer BrightNet Oklahoma
On Sat, 25 Jan 2003 20:33:24 -0500 Vinny Abello <vinny@tellurian.com> wrote:
I know of a bank whose consultants are blithering idiots.
i had a small local bank as a client at a network monitoring company i used to be involved in. we usually refered to their IT staff (in private) as larry, moe and curly. the only reason their frame network between branches worked at all was because they turned the whole thing over to us. they didn't have a clue, not a single one between the three of them. it really is that bad. richard -- Richard Welty rwelty@averillpark.net Averill Park Networking 518-573-7592 Unix, Linux, IP Network Engineering, Security
participants (5)
-
Christopher J. Wolff
-
Jack Bates
-
Patrick
-
Richard Welty
-
Vinny Abello