<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2653.12">
<TITLE>RE: [Full-Disclosure] visa XSS?</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=2>:~#whois -m 64.21.80.2</FONT>
<BR><FONT SIZE=2>route: 64.21.0.0/17</FONT>
<BR><FONT SIZE=2>descr: Net Access Corporation</FONT>
<BR><FONT SIZE=2> Core Network Block</FONT>
<BR><FONT SIZE=2> 9 Mt. Pleasant Tpk.</FONT>
<BR><FONT SIZE=2> Denville, NJ 07834</FONT>
<BR><FONT SIZE=2>origin: AS8001</FONT>
<BR><FONT SIZE=2>mnt-by: MAINT-AS8001</FONT>
<BR><FONT SIZE=2>changed: alex@nac.net 20000908</FONT>
<BR><FONT SIZE=2>source: RADB</FONT>
</P>
<P><FONT SIZE=2>jpb</FONT>
<BR><FONT SIZE=2>===</FONT>
</P>
<P><FONT SIZE=2>-----Original Message-----</FONT>
<BR><FONT SIZE=2>From: Scott Anderson</FONT>
<BR><FONT SIZE=2>To: full-disclosure@lists.netsys.com</FONT>
<BR><FONT SIZE=2>Sent: 12/23/03 5:42 PM</FONT>
<BR><FONT SIZE=2>Subject: Re: [Full-Disclosure] visa XSS?</FONT>
</P>
<P><FONT SIZE=2>How is this located in Queensland. Arin clearly states:</FONT>
</P>
<P><FONT SIZE=2>OrgName: Net Access Corporation</FONT>
<BR><FONT SIZE=2>OrgID: NAC</FONT>
<BR><FONT SIZE=2>Address: 1719 STE RT 10E</FONT>
<BR><FONT SIZE=2>Address: Suite 111</FONT>
<BR><FONT SIZE=2>City: Parsippany</FONT>
<BR><FONT SIZE=2>StateProv: NJ</FONT>
<BR><FONT SIZE=2>PostalCode: 07054</FONT>
<BR><FONT SIZE=2>Country: US</FONT>
</P>
<BR>
<P><FONT SIZE=2>Am I missing something?</FONT>
</P>
<P><FONT SIZE=2>-----Original Message-----</FONT>
<BR><FONT SIZE=2>From: Adam Hunt [<A HREF="mailto:adam@huntrecruiting.com">mailto:adam@huntrecruiting.com</A>]</FONT>
<BR><FONT SIZE=2>Sent: Wednesday, 24 December 2003 3:29</FONT>
<BR><FONT SIZE=2>To: jan.muenther@nruns.com; Mauro Flores</FONT>
<BR><FONT SIZE=2>Cc: full-disclosure@lists.netsys.com</FONT>
<BR><FONT SIZE=2>Subject: Re: [Full-Disclosure] visa XSS?</FONT>
</P>
<BR>
<P><FONT SIZE=2>this is not nac.net</FONT>
</P>
<P><FONT SIZE=2>it's a completely different netblock blah blah</FONT>
</P>
<P><FONT SIZE=2>it's some punk in Queensland AU</FONT>
</P>
<P><FONT SIZE=2>Robbie Walker</FONT>
</P>
<P><FONT SIZE=2>and if some one is sniffing from nac.net it's too bad for them because </FONT>
<BR><FONT SIZE=2>nac.net</FONT>
<BR><FONT SIZE=2>is run by some completely incompetent MS dorks who at some point</FONT>
<BR><FONT SIZE=2>switched to</FONT>
<BR><FONT SIZE=2>freeBSD and are learning by the seat of there pants (I know because I</FONT>
<BR><FONT SIZE=2>use to</FONT>
<BR><FONT SIZE=2>be a customer DSL was great from them because they knew nothing about</FONT>
<BR><FONT SIZE=2>bandwidth management and I took a entry levle class with a senior</FONT>
<BR><FONT SIZE=2>bandwidth</FONT>
<BR><FONT SIZE=2>manager) as well I am regularly taking there customers and doing </FONT>
<BR><FONT SIZE=2>development,</FONT>
<BR><FONT SIZE=2>and hosting for them because of the downtime probs and security issues</FONT>
<BR><FONT SIZE=2>that</FONT>
<BR><FONT SIZE=2>nac.net is continually plagued with and I usually save the clients</FONT>
<BR><FONT SIZE=2>between </FONT>
<BR><FONT SIZE=2>50</FONT>
<BR><FONT SIZE=2>and 75 % of there yearly bill with better service.</FONT>
</P>
<P><FONT SIZE=2>I'm just righting this to poke the nose of nac.net.</FONT>
</P>
<P><FONT SIZE=2>Adam</FONT>
</P>
<BR>
<P><FONT SIZE=2>On Tuesday 23 December 2003 08:10 am, jan.muenther@nruns.com wrote:</FONT>
<BR><FONT SIZE=2>> > I went to <A HREF="http://64.21.80.2/~gotier/verified_by_visa.htm" TARGET="_blank">http://64.21.80.2/~gotier/verified_by_visa.htm</A>, this guy</FONT>
<BR><FONT SIZE=2>is</FONT>
<BR><FONT SIZE=2>> > using a php script to get card numbers and pins, I think that</FONT>
<BR><FONT SIZE=2>someone is</FONT>
<BR><FONT SIZE=2>> > going to have a merry christmas :)</FONT>
<BR><FONT SIZE=2>></FONT>
<BR><FONT SIZE=2>>Heh, true. Did you write the connecting ISP (nac.net) an abuse email?</FONT>
<BR><FONT SIZE=2>The</FONT>
<BR><FONT SIZE=2>>box is running quite a bunch of services, of which quite a few are</FONT>
<BR><FONT SIZE=2>plain</FONT>
<BR><FONT SIZE=2>>text ones, so I'd guess the kid has sniffed them somewhere and replaced</FONT>
<BR><FONT SIZE=2>>this poor guy's pages in his home dir...</FONT>
<BR><FONT SIZE=2>></FONT>
<BR><FONT SIZE=2>>_______________________________________________</FONT>
<BR><FONT SIZE=2>>Full-Disclosure - We believe in it.</FONT>
<BR><FONT SIZE=2>>Charter: <A HREF="http://lists.netsys.com/full-disclosure-charter.html" TARGET="_blank">http://lists.netsys.com/full-disclosure-charter.html</A></FONT>
</P>
<P><FONT SIZE=2>_______________________________________________</FONT>
<BR><FONT SIZE=2>Full-Disclosure - We believe in it.</FONT>
<BR><FONT SIZE=2>Charter: <A HREF="http://lists.netsys.com/full-disclosure-charter.html" TARGET="_blank">http://lists.netsys.com/full-disclosure-charter.html</A></FONT>
</P>
<P><FONT SIZE=2>_________________________________________________________________</FONT>
<BR><FONT SIZE=2>Get less junk mail with ninemsn Premium. Click here </FONT>
<BR><FONT SIZE=2><A HREF="http://ninemsn.com.au/premium/landing.asp" TARGET="_blank">http://ninemsn.com.au/premium/landing.asp</A></FONT>
</P>
<P><FONT SIZE=2>_______________________________________________</FONT>
<BR><FONT SIZE=2>Full-Disclosure - We believe in it.</FONT>
<BR><FONT SIZE=2>Charter: <A HREF="http://lists.netsys.com/full-disclosure-charter.html" TARGET="_blank">http://lists.netsys.com/full-disclosure-charter.html</A></FONT>
</P>
<BR>
<P><FONT SIZE=2>Note: The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. ThruPoint, Inc. </FONT></P>
<BR>
</BODY>
</HTML>