13,000 Bank of America ATM's taken out by virus.

Christopher_J_Wolff · January 25, 2003, 10:57pm

Does this mean that BofA ATM's are SQL based or that BofA is running ATM
traffic through some kind of internet VPN? Perhaps they just plug the
ATM's into any connection and pass cleartext transactions over the
internet? This is very suspicious, IMHO.

http://www.washingtonpost.com/wp-dyn/articles/A43267-2003Jan25.html

Regards,
Christopher J. Wolff, VP CIO
Broadband Laboratories, Inc.
http://www.bblabs.com

Patrick3 · January 25, 2003, 11:23pm

At $previous_employer half the connections to the various banks they had
were via VPN.

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Patrick Greenwell
Asking the wrong questions is the leading cause of wrong answers
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/

Vinny_Abello1 · January 26, 2003, 1:33am

I know of a bank whose consultants are blithering idiots. The lack of security baffles my mind. My home network is 10 times more secure than what I've been told about. I'd hate to think that this is fairly common among banks but I'm starting to wonder... The only positive thing that has come out of their lack of security is that I know one place not to put any of my money.

Vinny Abello
Network Engineer
Server Management
vinny@tellurian.com
(973)300-9211 x 125
(973)940-6125 (Direct)
PGP Key Fingerprint: 3BC5 9A48 FC78 03D3 82E0 E935 5325 FBCB 0100 977A

Tellurian Networks - The Ultimate Internet Connection
http://www.tellurian.com (888)TELLURIAN

There are 10 kinds of people in the world. Those who understand binary and those that don't.

Jack_Bates · January 26, 2003, 3:35am

I know of a bank whose consultants are blithering idiots. The lack of
security baffles my mind. My home network is 10 times more secure than

what

I've been told about. I'd hate to think that this is fairly common

among

banks but I'm starting to wonder... The only positive thing that has come
out of their lack of security is that I know one place not to put any of

my

money.

Given your sig, is that 2 times or 10 times more secure?

I agree, though. I know some banks running 2.4 wireless inside the building.
Apparently they aren't aware of the wonderful abilities to kick a mac off,
assume it and have instant access to all the shares the original owner had
(M$ file sharing trust issue?). When it comes to a bank, any security issue,
no matter how small is a major one. Of course, there's probably still a
hacker in Russia somewhere enjoying the fruits of CityBank. Then again,
he may have died of old age by now.

Jack Bates
Network Engineer
BrightNet Oklahoma

Richard_P_Welty · January 26, 2003, 3:52am

i had a small local bank as a client at a network monitoring company i used
to be involved in.

we usually refered to their IT staff (in private) as larry, moe and curly.

the only reason their frame network between branches worked at all was
because they turned the whole thing over to us. they didn't have a clue,
not a single one between the three of them.

it really is that bad.

richard