Re: Mastercard problems

On 12/9/10 8:11 AM, Marshall Eubanks wrote: > By the way, I was amused that a Twitter spokesman boasted that > > "The company is not overly concerned about hackers’ attacking > Twitter’s site, he said, explaining that it faces security issues all > the time and has technology to deal with the situ

Re: Mastercard problems

he United States." --- secretservice.gov >>> >>> >>> Andrew >>> >>> >>> - Original Message - >>> From:Christopher Morrow >>> To:Jack Bates >>> Cc:"nanog@nanog.org" >

Re: Mastercard problems

ission is to safeguard the >> payment and financial systems of the United States." --- secretservice.gov >> >> >> Andrew >> >> >> - Original Message - >> From:Christopher Morrow >> To:Jack Bates >> Cc:"nanog@nanog.org&q

Re: Mastercard problems

org" > Sent:Wednesday, 8 December 2010, 18:47:49 > Subject:Re: Mastercard problems > > > I know that the folks involved on the MC side already have this data, > and that the fbi is interested in it. > > -chris > > > > > -- Jeffrey Lyon, Leadership T

Re: Mastercard problems

tch-police-website-attacked-after-arrests-of-suspected-hacker/ Andrew - Original Message - From:Michael Smith To:andrew.wall...@rocketmail.com Cc:nanog@nanog.org Sent:Thursday, 9 December 2010, 23:16:22 Subject:Re: Mastercard problems Exactly... Rounding up script kiddies one at a

Re: Mastercard problems

In article <476364.37472...@web59605.mail.ac4.yahoo.com>, andrew.wallace writes >>Dutch authorities have arrested a 16-year old "hacker" in connection >>with Mastercard. http://news.cnet.com/8301-31921_3-20025215-281.html It was a quick arrest wasn't it? Dutch authorities have a sligh

Re: Mastercard problems

rcard problems It was a quick arrest wasn't it? - Original Message - From:Michael Smith To:andrew.wallace Cc: Sent:Thursday, 9 December 2010, 21:49:16 Subject:RE: Mastercard problems 1 down, 3896 to go... :) -Original Message- From: andrew.wallace [mailto:andrew.wall...@rock

Re: Mastercard problems

It was a quick arrest wasn't it? - Original Message - From:Michael Smith To:andrew.wallace Cc: Sent:Thursday, 9 December 2010, 21:49:16 Subject:RE: Mastercard problems 1 down, 3896 to go... :) -Original Message- From: andrew.wallace [mailto:andrew.wall...@rocketmai

Re: Mastercard problems

On 9 Dec 2010, at 18:06, Jim Mercer wrote: > i don't have a cache, but i'm pretty sure those comments were added after i > posted. The new words are: -=--=- Looking for something? We're sorry. The Web address you entered is not a functioning page on our site <> Go to Amazon.com's Home Pag

Re: Mastercard problems

On Thu, Dec 9, 2010 at 1:23 PM, Roland Perry wrote: > In article <20101209180619.ga12...@reptiles.org>, Jim Mercer < > j...@reptiles.org> writes > > "Please note: This book contains commentary and analysis regarding >>> recent WikiLeaks disclosures, not the original material disclosed via >>> th

Re: Mastercard problems

On Thu, Dec 09, 2010 at 01:08:12PM -0500, Michael Holstein said: > >> The tool makes HTTP/1.0 requests, most browsers make HTTP/1.1 requests. >> > >Realistically, if the folks from Anonymous wanted to really cause >trouble, they'd be doing (legitimate looking) SSL requests against th

Re: Mastercard problems

In article <20101209180619.ga12...@reptiles.org>, Jim Mercer writes "Please note: This book contains commentary and analysis regarding recent WikiLeaks disclosures, not the original material disclosed via the WikiLeaks website." i don't have a cache, but i'm pretty sure those comments were add

Re: Mastercard problems

Uh, no. Source code from LOIC: byte[] buf; if (random == true) { buf = System.Text.Encoding.ASCII.GetBytes(String.Format("GET {0}{1} HTTP/1.1{2}Host: {3}{2}{2}{

Re: Mastercard problems

> The tool makes HTTP/1.0 requests, most browsers make HTTP/1.1 requests. > Realistically, if the folks from Anonymous wanted to really cause trouble, they'd be doing (legitimate looking) SSL requests against the actual payment gateways. The force-multiplier there is the computational effort i

Re: Mastercard problems

On Thu, Dec 09, 2010 at 05:18:39PM +, Roland Perry wrote: > In article <20101209162936.ga9...@reptiles.org>, Jim Mercer > writes > >amazon is selling a Kindle version of the Wikileaks released cables: > > > >http://www.amazon.co.uk/WikiLeaks-documents-expose-foreign-conspiracies/dp/B004EEOLIU

Re: Mastercard problems

On Dec 9, 2010, at 12:25 PM, Marshall Eubanks wrote: > > On Dec 9, 2010, at 11:29 AM, Jim Mercer wrote: > >> On Thu, Dec 09, 2010 at 11:11:49AM -0500, Marshall Eubanks wrote: >>> There is an interesting analysis in today's New York Times >>> >>> http://www.nytimes.com/2010/12/09/technology/09

Re: Mastercard problems

On Dec 9, 2010, at 11:29 AM, Jim Mercer wrote: > On Thu, Dec 09, 2010 at 11:11:49AM -0500, Marshall Eubanks wrote: >> There is an interesting analysis in today's New York Times >> >> http://www.nytimes.com/2010/12/09/technology/09net.html?_r=1 >> >> about the attacks on Mastercard, Visa and Eb

Re: Mastercard problems

On 12/09/2010 11:29 EST, Jim Mercer wrote: > amazon is selling a Kindle version of the Wikileaks released cables: > > http://www.amazon.co.uk/WikiLeaks-documents-expose-foreign-conspiracies/dp/B004EEOLIU/ "This book contains commentary and analysis regarding recent WikiLeaks disclosures, not the

Re: Mastercard problems

In article <20101209162936.ga9...@reptiles.org>, Jim Mercer writes amazon is selling a Kindle version of the Wikileaks released cables: http://www.amazon.co.uk/WikiLeaks-documents-expose-foreign-conspiracies/dp/B004EEOLIU/ this is all becoming quite surreal. "Please note: This book contains

Re: Mastercard problems

so now they are making a profit from Wikileaks. true Capitalism. - ** * * *http://www.dailypaul.com/* * * *http://www.thenewamerican.com/* * * * * * * On Thu, Dec 9, 2010 at 8:29 AM, Jim Mercer wrot

Re: Mastercard problems

On Thu, Dec 09, 2010 at 11:11:49AM -0500, Marshall Eubanks wrote: > There is an interesting analysis in today's New York Times > > http://www.nytimes.com/2010/12/09/technology/09net.html?_r=1 > > about the attacks on Mastercard, Visa and Ebay, how they were coordinated > over Twitter and Faceboo

Re: Mastercard problems

On Dec 9, 2010, at 4:37 AM, Paul Thornton wrote: > On 08/12/2010 20:42, Jack Bates wrote: >> Of course, it's debatable if use of LOIC is enough to convict. You'd >> have to first prove the person installed it themselves, and then you'd >> have to prove that they knew it would be used for illegal

Re: Mastercard problems

On Thu, Dec 9, 2010 at 3:49 AM, William Pitcock wrote: > On Thu, 2010-12-09 at 18:34 +1100, Ben McGinnes wrote: >> On 9/12/10 8:04 AM, Christopher Morrow wrote: >> > pro-tip: the tool has a pretty easy to spot signature. >> >> What is that signature? >> > > The tool makes HTTP/1.0 requests, most b

Re: Mastercard problems

here is the audio from BBC Radio 4. http://www.bbc.co.uk/news/technology-11935539 On Thu, Dec 9, 2010 at 1:37 AM, Paul Thornton wrote: > On 08/12/2010 20:42, Jack Bates wrote: > >> Of course, it's debatable if use of LOIC is enough to convict. You'd >> have to first prove the person installed

Re: Mastercard problems

In article <4d00a373.3010...@prt.org>, Paul Thornton writes Earlier this morning there were two people interviewed on the BBC radio 4 Today program (this is considered the BBC's flagship morning news/current affairs show on their serious nationwide talk radio station) about this - one was a se

Re: Mastercard problems

On Thu, Dec 09, 2010, Adrian Chadd wrote: > Be careful - plenty of Squid's make HTTP/1.0 version. make HTTP/1.0 requests, not "version". Tsk. (And here I am, studying linguistics. Pshaw.) Adrian

Re: Mastercard problems

On Thu, Dec 09, 2010, Ben McGinnes wrote: > On 9/12/10 7:49 PM, William Pitcock wrote: > > On Thu, 2010-12-09 at 18:34 +1100, Ben McGinnes wrote: > >> On 9/12/10 8:04 AM, Christopher Morrow wrote: > >>> On Wed, Dec 8, 2010 at 3:06 PM, Philip Dorr wrote: > The problem is that they were also sl

Re: Mastercard problems

On 9/12/10 7:49 PM, William Pitcock wrote: > On Thu, 2010-12-09 at 18:34 +1100, Ben McGinnes wrote: >> On 9/12/10 8:04 AM, Christopher Morrow wrote: >>> On Wed, Dec 8, 2010 at 3:06 PM, Philip Dorr wrote: The problem is that they were also slashdotted. The logs would also have a large nu

Re: Mastercard problems

On 08/12/2010 20:42, Jack Bates wrote: Of course, it's debatable if use of LOIC is enough to convict. You'd have to first prove the person installed it themselves, and then you'd have to prove that they knew it would be used for illegal purposes. Earlier this morning there were two people inter

Re: Mastercard problems

On Thu, 2010-12-09 at 18:34 +1100, Ben McGinnes wrote: > On 9/12/10 8:04 AM, Christopher Morrow wrote: > > On Wed, Dec 8, 2010 at 3:06 PM, Philip Dorr wrote: > >> The problem is that they were also slashdotted. The logs would also have a > >> large number of unrelated. > > > > pro-tip: the tool

Re: Mastercard problems

On 9/12/10 8:04 AM, Christopher Morrow wrote: > On Wed, Dec 8, 2010 at 3:06 PM, Philip Dorr wrote: >> The problem is that they were also slashdotted. The logs would also have a >> large number of unrelated. > > pro-tip: the tool has a pretty easy to spot signature. What is that signature? Reg

MasterCard problems

a national security risk. -Kiriki -Original Message- From: Matthew Black [mailto:bl...@csulb.edu] Sent: Wednesday, December 08, 2010 3:20 PM To: nanog@nanog.org Subject: Re: Mastercard problems O> - Original Message - >From:James Downs > To:andrew.wallace > Cc:

Re: Mastercard problems

O> - Original Message - From:James Downs To:andrew.wallace Cc:Christopher Morrow ; "nanog@nanog.org" Sent:Wednesday, 8 December 2010, 21:30:20 Subject:Re: Mastercard problems [snip] Yikes.. you consider a private company's business to be the financial and pay

Re: Mastercard problems

o:andrew.wallace > Cc:Christopher Morrow ; "nanog@nanog.org" > > Sent:Wednesday, 8 December 2010, 21:30:20 > Subject:Re: Mastercard problems > > > On Dec 8, 2010, at 12:30 PM, andrew.wallace wrote: > > > I would say the attack falls under the jurisdiction of the US secre

Re: Mastercard problems

ml Andrew - Original Message - From:James Downs To:andrew.wallace Cc:Christopher Morrow ; "nanog@nanog.org" Sent:Wednesday, 8 December 2010, 21:30:20 Subject:Re: Mastercard problems On Dec 8, 2010, at 12:30 PM, andrew.wallace wrote: > I would say the attack falls un

Re: Mastercard problems

On Wed, Dec 08, 2010 at 04:05:32PM -0600, Jorge Amodio said: >> Yes it has: >> >> http://blog.securetrading.com/2010/12/mastercard-maestro-3-d-secure/ > >I've been processing cards all day for my wife's biz without any problems. there are other payment processors out there for mastercard

Re: Mastercard problems

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, Dec 8, 2010 at 2:05 PM, Jorge Amodio wrote: >> Yes it has: >> >> http://blog.securetrading.com/2010/12/mastercard-maestro-3-d-secure/ > > I've been processing cards all day for my wife's biz without any > problems. > At least some processing

Re: Mastercard problems

> Yes it has: > > http://blog.securetrading.com/2010/12/mastercard-maestro-3-d-secure/ I've been processing cards all day for my wife's biz without any problems. -J

Re: Mastercard problems

On 12/8/2010 1:30 PM, James Downs wrote: On Dec 8, 2010, at 12:30 PM, andrew.wallace wrote: I would say the attack falls under the jurisdiction of the US secret service since this is an attack on the financial system. "Today the agency's primary investigative mission is to safeguard the paymen

Re: Mastercard problems

On Dec 8, 2010, at 12:30 PM, andrew.wallace wrote: I would say the attack falls under the jurisdiction of the US secret service since this is an attack on the financial system. "Today the agency's primary investigative mission is to safeguard the payment and financial systems of the United

Re: Mastercard problems

On Wed, Dec 8, 2010 at 3:06 PM, Philip Dorr wrote: > The problem is that they were also slashdotted.  The logs would also have a > large number of unrelated. pro-tip: the tool has a pretty easy to spot signature. -chris

Re: Mastercard problems

On 12/8/2010 2:37 PM, Olof Johansson wrote: On 2010-12-08 14:06 -0600, Philip Dorr wrote: The problem is that they were also slashdotted. The logs would also have a large number of unrelated. "so... the loic tool uses the host's local address, the attacks are all HTTP based, or tcp/80 with ma

Re: Mastercard problems

On 2010-12-08 14:06 -0600, Philip Dorr wrote: > The problem is that they were also slashdotted. The logs would also have a > large number of unrelated. "so... the loic tool uses the host's local address, the attacks are all HTTP based, or tcp/80 with malformed HTTP..." That should be easy to gr

Re: Mastercard problems

ce.gov Andrew - Original Message - From:Christopher Morrow To:Jack Bates Cc:"nanog@nanog.org" Sent:Wednesday, 8 December 2010, 18:47:49 Subject:Re: Mastercard problems I know that the folks involved on the MC side already have this data, and that the fbi is interested in it. -chris

Re: Mastercard problems

The problem is that they were also slashdotted. The logs would also have a large number of unrelated. On Dec 8, 2010 12:49 PM, "Christopher Morrow" wrote: > On Wed, Dec 8, 2010 at 12:34 PM, Jack Bates wrote: >> >> >> On 12/8/2010 11:28 AM, William McCall wrote: >> >>> >>> Are you prepared for "i

Re: Mastercard problems

On Wed, Dec 8, 2010 at 12:34 PM, Jack Bates wrote: > > > On 12/8/2010 11:28 AM, William McCall wrote: > >> >> Are you prepared for "informaton terrorism" laws? >> > > > DOS attacks are already illegal. I question the ability to track responsible > parties down and have appropriate proof to actuall

Re: Mastercard problems

On 12/8/2010 11:28 AM, William McCall wrote: Are you prepared for "informaton terrorism" laws? DOS attacks are already illegal. I question the ability to track responsible parties down and have appropriate proof to actually prosecute. Let's be honest. Even in the 20th century, more peo

Re: Mastercard problems

On Wed, Dec 8, 2010 at 11:24 AM, Jack Bates wrote: > On 12/8/2010 11:18 AM, Joseph Prasad wrote: >> >> google = "Operation: Payback" >> > > Sadly, our ineffective government probably won't bring these perpetrators to > justice. I have no real opinion concerning wikileaks, but DOS attacks cannot >

Re: Mastercard problems

On 12/8/2010 11:18 AM, Joseph Prasad wrote: google = "Operation: Payback" Sadly, our ineffective government probably won't bring these perpetrators to justice. I have no real opinion concerning wikileaks, but DOS attacks cannot be justified. Jack

Re: Mastercard problems

google = "Operation: Payback" On Wed, Dec 8, 2010 at 9:00 AM, andrew.wallace < andrew.wall...@rocketmail.com> wrote: > It appears the site is under a sustained attack, CNET reports. > > > http://news.cnet.com/8301-13578_3-20024966-38.html > > > Andrew > > > > > >

Re: Mastercard problems

On Wed, 08 Dec 2010 12:14:15 -0500 William Warren wrote: > On 12/8/2010 12:00 PM, andrew.wallace wrote: > > It appears the site is under a sustained attack, CNET reports. > > > > > > http://news.cnet.com/8301-13578_3-20024966-38.html > > > > > > Andrew > > > > > > > > > > > It's only their main w

Re: Mastercard problems

On 12/8/2010 12:00 PM, andrew.wallace wrote: It appears the site is under a sustained attack, CNET reports. http://news.cnet.com/8301-13578_3-20024966-38.html Andrew It's only their main website it has not affected their ability to process payments as of yet.