-
February 12th, 2006, 08:32 PM
#1
Junior Member
How much trouble is my friend in???
I have a friend who runs a website, and backs up his smartphone to a server. While putzing around his site the other day, I found a .rtf file that contained ALL his passwords, credit cards, SIN number, EVERYTHING. It was sitting on a random directory, and fully publically accessable. It looked as though it had been up for a month.
I wanted to ask you guys, what are the odds that I was the first person to find this file on his server? The server itself isn't indexed by google, but there are some other sites that link to it. Are there bots that go around and scan for this kind of thing?
Also, if someone else HAS gotten their hands on this info, how much trouble is my friend in?
Thanks.
-
February 12th, 2006, 08:46 PM
#2
Member
Hmmm, there is are little chances that someone else found the password-containing file. Now on the one hand it depends how many people visit that site and how many people abuse the posible search engine on the site. Just tell your friend to check the permisions on the file. By the way, can you tell me what was the file called?
The access to the computer or
anything else that shows us how the
world works must be total and
unlimited.
-
February 12th, 2006, 09:11 PM
#3
Member
id advise against telling anyone, especially a public forum, what the filename was, just in case it was indexed by a search engine. do your friend a favour and tell him about it, and keep quiet about it online.
-
February 12th, 2006, 09:16 PM
#4
Originally posted here by Somefilename
By the way, can you tell me what was the file called?
Don't share that information, it has no use in this discussion.
Depending on the information and how easy it was to find, your friend could be in very big trouble. You may want to let your friend know that every password needs to be changed ASAP. Also, you say it is not indexed by Google, but what about other search engines. There are ones out there that specifically look for that kind of stuff.
Regardless, your friend needs to remove that file, call the credit card companies, and take any other precaution necessary to ensure that the information is not used with malicious intent.
Good luck!
-Deeboe
If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
- Sun Tzu, The Art of War
http://tazforum.**********.com/
-
February 12th, 2006, 09:55 PM
#5
He can easily find out how many people saw it by checking the access logs. Hopefully you will be the only one in the logs. However, if the file contained usernames and passwords for the actual server, people may be altering the access logs if one of those username and passwords gives them that access. Hit your friend with a cluebat.
-
February 12th, 2006, 10:35 PM
#6
Unless you friend employs a secured logging system then looking at the logs is a waste of time if the file was created by a person.... Target one after compromise is the logs so they can hide their activity.
Silly question... How did all that personal information of his find it's way onto a publicly available server... Does he do his personal banking from this box too???
I would look backwards not forwards. Which machine does he do his personal stuff on _and_ administer the web site from? Look to that to be compromised and the server being a secondary "conquest" and a conduit outbound for the information.
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
February 13th, 2006, 12:04 AM
#7
Junior Member
I think it's probably safe to assume that IF someone got this file, his entire LIFE will be security compromised. His only hope, only hope, is that nobody got this file over the month it was available, or that anyone who has this file doesn't know what it is. How likely is this?
For example, I know that bots go around scanning for security vulnerabilities on systems, but are there bots that scan for people dumb enough to leave their credit cards and stuff in a public folder? Is there a heuristic that can recognise a credit card number from any other 13-digit number that might be kicking around the internet? Also, is there any liklihood that his site would have been "flagged" by hackers as something to check out?
If someone found this information, this guy would be completely screwed. I mean 100% screwed...
-
February 13th, 2006, 12:09 AM
#8
How do you have a server accessable from the Internet that is " so out-of-the way "?
Just wondering what you mean is all?
-
February 13th, 2006, 12:10 AM
#9
Your last sentence is quite salient....
You can't trust _anything_ at this point... even if you _think_ you can, you can't..
Satrting from scratch is probably his best bet...
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
February 13th, 2006, 12:13 AM
#10
to go back to TS's remark
it's on a server
in a 'random' named file
it might be there because said 'bad lads' have put it there
his PC may have been compromised, and all data sent to a 'hacker' mailbox, set up on his server.
need some kit, call here for a CC #
get him to remove / delete the file from the server
was it ONLY personal data in the file ?
any other stuff ? [no details, just Y or N ]
I'd be concerned if it was just personal data AND it was NOT a copy of another file on the PC ......
that would damn nigh convince me that 'someone' had set it up specifically as a 'mailbox'
so now I'm in my SIXTIES FFS
WTAF, how did that happen, so no more alterations to the sig, it will remain as is now
Beware of Geeks bearing GIF's
come and waste the day :P at The Taz Zone
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|