Welcome to Pakistan Techie Blog

You will learn a lot

Archive for October, 2008

Pakistani techies stealing European credit card data

Posted by Ausaf Ahmad on October 13, 2008

European law-enforcement officials have uncovered a highly sophisticated credit-card fraud that funnels account data to Pakistan from hundreds of grocery-store card machines across Europe, the Wall Street Journal reported, quoting US intelligence officials and other people familiar with the case.

Specialists say the theft technology is the most advanced they have seen, and a person close to British law enforcement said it affected big retailers, including a British unit of Wal-Mart Stores Inc and Tesco Ltd.

The account data have been used to make repeated bank withdrawals and Internet purchases, such as airline tickets, in several countries, including the US. Investigators haven’t pinpointed the culprits. Early estimates of the losses range from $50 million to $100 million, but the figure could grow, said the person close to British law enforcement.

The scheme uses untraceable devices inserted into credit-card readers that were made in China. The devices selectively send account data through a wireless connection to computer servers in Lahore and constantly change the pattern of theft, so it is hard to detect, officials say.

“Pretty small but intelligent criminal organisations are pulling off transnational, multi-continent heists that only a foreign intelligence service would have been able to do a few years ago,” said Joel F Brenner, the US government’s top counter-intelligence officer. US intelligence officials, including senior National Security Agency officials, are monitoring the case in part because of ties with Pakistan. The scheme comes on the heels of the August indictment of a fraud ring that stole more than 40 million credit-card numbers from US companies, including TJX Cos, the parent company of TJ Maxx.

In March, security officials at MasterCard Inc saw a pattern of potential fraud in northern England. Meanwhile, a security guard at a UK grocery store noticed suspicious statistics on his cell phone and alerted authorities. Scotland Yard learned of the report and eventually connected it with the warning from MasterCard, according to the person close to British law enforcement. Examining the store’s credit-card readers, investigators discovered a high-tech bug tucked behind the motherboard. It was a small card containing wireless communication technology.

The bug would read an individual’s card number and the corresponding personal identification number, then package and store the data. The device would call a number in Lahore once a day to upload the data to the servers there and obtain instructions on what to steal next.

A MasterCard spokesman declined to discuss details of the case but said safeguarding the financial information was a top priority for the company. There is no obvious visual indication that a machine has been altered, but those with the bugs weigh about four ounces more. For the past several months, teams of investigators have been weighing thousands of machines across Europe with a precision scale.

So far, investigators have found hundreds of machines in five countries: Britain, Ireland, Belgium, the Netherlands and Denmark. They have turned up at European grocery chains, including Asda, which is owned by Wal-Mart; Tesco; and J Sainsbury PLC, according to the person close to British law enforcement.

A spokeswoman for Asda said: “It’s subject to a police investigation, so we can’t comment.” A spokeswoman for Sainsbury denied its stores were hit by the scheme. A spokeswoman for Tesco said: “We’re aware that this was an issue for retailers.” She said Tesco tested its devices and was confident that they were secure now.

The device can be told to copy certain types of transactions, for example five Visa platinum cards or every tenth transaction. It can also be instructed to go dormant to evade detection. On average, only five to 10 card numbers would be phoned in to Pakistan, the person close to British law enforcement said.

Source : News


Samba As Domain Controller on Fedora 8

Posted by Ausaf Ahmad on October 13, 2008

This howto is a practical guide without any warranty – it doesn’t cover the theoretical backgrounds. There are many ways to set up such a system – this is the way I chose.

First we install some packages to speed up yum and prevent problems with packages.

yum install yum-fastestmirror yum-skip-broken

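SELinux should be disabled. (This guide turns it off; the SELINUX NOTES at the top of the smb.conf below list the booleans and labels Samba needs if you keep it enforcing instead.) If you’re not sure whether it is disabled, enter: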

cat /etc/selinux/config | grep SELINUX=

Disable SELinux if it is enabled:

vi /etc/selinux/config

Set

SELINUX=enforcing

to

SELINUX=disabled

Afterwards reboot the system:

reboot

Now install Samba:

yum install samba

Because the firewall was set up during the installation of Fedora 8, we have to open a few ports so that the clients can connect to Samba:

system-config-firewall-tui

In the interface that appears, select the desired interface (for example “eth0”) under “Trusted Interface”, and mark the “Samba” service under “Trusted Services”.


Now we enable the automatic startup of the needed services.

chkconfig smb on
chkconfig nmb on
chkconfig swat on

Afterwards reboot the system.

reboot

Now open /etc/samba/smb.conf for editing.

I used the text editor and made the desired changes as required. Here is the smb.conf which I am using, for your reference:

# This is the main Samba configuration file. You should read the

# smb.conf(5) manual page in order to understand the options listed

# here. Samba has a huge number of configurable options (perhaps too

# many!) most of which are not shown in this example

#

# For a step to step guide on installing, configuring and using samba,

# read the Samba-HOWTO-Collection. This may be obtained from:

# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf

#

# Many working examples of smb.conf files can be found in the

# Samba-Guide which is generated daily and can be downloaded from:

# http://www.samba.org/samba/docs/Samba-Guide.pdf

#

# Any line which starts with a ; (semi-colon) or a # (hash)

# is a comment and is ignored. In this example we will use a #

# for commentary and a ; for parts of the config file that you

# may wish to enable

#

# NOTE: Whenever you modify this file you should run the command “testparm”

# to check that you have not made any basic syntactic errors.

#

#—————

# SELINUX NOTES:

#

# If you want to use the useradd/groupadd family of binaries please run:

# setsebool -P samba_domain_controller on

#

# If you want to share home directories via samba please run:

# setsebool -P samba_enable_home_dirs on

#

# If you create a new directory you want to share you should mark it as

# "samba_share_t" so that selinux will let you write into it.

# Make sure not to do that on system directories as they may already have

# been marked with other SELinux labels.

#

# Use ls -ldZ /path to see which context a directory has

#

# Set labels only on directories you created!

# To set a label use the following: chcon -t samba_share_t /path

#

# If you need to share a system created directory you can use one of the

# following (read-only/read-write):

# setsebool -P samba_export_all_ro on

# or

# setsebool -P samba_export_all_rw on

#

# If you want to run scripts (preexec/root prexec/print command/…) please

# put them into the /var/lib/samba/scripts directory so that smbd will be

# allowed to run them.

# Make sure you COPY them and not MOVE them so that the right SELinux context

# is applied, to check all is ok use restorecon -R -v /var/lib/samba/scripts

#

#————–

#

#======================= Global Settings =====================================

[global]

# ———————– Network Related Options ————————-

#

# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH

#

# server string is the equivalent of the NT Description field

#

# netbios name can be used to specify a server name not tied to the hostname

#

# Interfaces lets you configure Samba to use multiple interfaces

# If you have multiple network interfaces then you can list the ones

# you want to listen on (never omit localhost)

#

# Hosts Allow/Hosts Deny lets you restrict who can connect, and you can

# specify it as a per share option as well

#

workgroup = yourgroupname

server string = Samba Server Version %v

netbios name = yourgroupnetbiosname

interfaces = lo eth0 172.16.100.240/24

hosts allow = 127. 172.16.100.

# ————————— Logging Options —————————–

#

# Log File let you specify where to put logs and how to split them up.

#

# Max Log Size let you specify the max size log files should reach

# logs split per machine

log file = /var/log/samba/log.%m

# max 50KB per log file, then rotate

max log size = 50

# ———————– Standalone Server Options ————————

#

# Security can be set to user, share(deprecated) or server(deprecated)

#

# Backend to store user information in. New installations should

# use either tdbsam or ldapsam. smbpasswd is available for backwards

# compatibility. tdbsam requires no further configuration.

; security = user

; passdb backend = tdbsam

# ———————– Domain Members Options ————————

#

# Security must be set to domain or ads

#

# Use the realm option only with security = ads

# Specifies the Active Directory realm the host is part of

#

# Backend to store user information in. New installations should

# use either tdbsam or ldapsam. smbpasswd is available for backwards

# compatibility. tdbsam requires no further configuration.

#

# Use password server option only with security = server or if you can’t

# use the DNS to locate Domain Controllers

# The argument list may include:

# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]

# or to auto-locate the domain controller/s

# password server = *

; security = domain

; passdb backend = tdbsam

; realm = MY_REALM

; password server = <NT-Server-Name>

# ———————– Domain Controller Options ————————

#

# Security must be set to user for domain controllers

#

# Backend to store user information in. New installations should

# use either tdbsam or ldapsam. smbpasswd is available for backwards

# compatibility. tdbsam requires no further configuration.

#

# Domain Master specifies Samba to be the Domain Master Browser. This

# allows Samba to collate browse lists between subnets. Don’t use this

# if you already have a Windows NT domain controller doing this job

#

# Domain Logons let Samba be a domain logon server for Windows workstations.

#

# Logon Script lets you specify a script to be run at login time on the client

# You need to provide it in a share called NETLOGON

#

# Logon Path let you specify where user profiles are stored (UNC path)

#

# Various scripts can be used on a domain controller or stand-alone

# machine to add or delete corresponding unix accounts

#

security = user

passdb backend = tdbsam

domain master = yes

domain logons = yes

# the login script name depends on the machine name

; logon script = %m.bat

# the login script name depends on the unix user used

logon script = %u.bat

logon path = \\%L\Profiles\%u

# disables profiles support by specifying an empty path

logon path =

# add user script = /usr/sbin/useradd "%u" -n -g users

# add group script = /usr/sbin/groupadd "%g"

# add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M -d /nohome -s /bin/false "%u"

# delete user script = /usr/sbin/userdel "%u"

# delete user from group script = /usr/sbin/userdel "%u" "%g"

# delete group script = /usr/sbin/groupdel "%g"

add user script = /usr/sbin/useradd -m '%u' -g users -G users

add group script = /usr/sbin/groupadd %g

add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody %u

add user to group script = /usr/sbin/usermod -G %g %u

delete user script = /usr/sbin/userdel -r %u

# delete user from group script = /usr/sbin/userdel "%u" "%g"

delete group script = /usr/sbin/groupdel %g

# Password Program

template shell = /bin/bash

passwd program = /usr/bin/passwd %u

passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully*

passwd chat debug = yes

unix password sync = yes

log level = 3

# ———————– Browser Control Options —————————-

#

# set local master to no if you don’t want Samba to become a master

# browser on your network. Otherwise the normal election rules apply

#

# OS Level determines the precedence of this server in master browser

# elections. The default value should be reasonable

#

# Preferred Master causes Samba to force a local browser election on startup

# and gives it a slightly higher chance of winning the election

local master = yes

os level = 33

preferred master = yes

#—————————– Name Resolution ——————————-

# Windows Internet Name Serving Support Section:

# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both

#

# – WINS Support: Tells the NMBD component of Samba to enable it’s WINS Server

#

# – WINS Server: Tells the NMBD components of Samba to be a WINS Client

#

# – WINS Proxy: Tells Samba to answer name resolution queries on

# behalf of a non WINS capable client, for this to work there must be

# at least one WINS Server on the network. The default is NO.

#

# DNS Proxy – tells Samba whether or not to try to resolve NetBIOS names

# via DNS nslookups.

wins support = yes

; wins server = w.x.y.z

wins proxy = yes

; dns proxy = yes

# ————————— Printing Options —————————–

#

# Load Printers let you load automatically the list of printers rather

# than setting them up individually

#

# Cups Options let you pass the cups libs custom options, setting it to raw

# for example will let you use drivers on your Windows clients

#

# Printcap Name let you specify an alternative printcap file

#

# You can choose a non default printing system using the Printing option

load printers = yes

cups options = raw

; printcap name = /etc/printcap

#obtain list of printers automatically on SystemV

; printcap name = lpstat

; printing = cups

# ————————— Filesystem Options —————————

#

# The following options can be uncommented if the filesystem supports

# Extended Attributes and they are enabled (usually by the mount option

# user_xattr). These options will let the admin store the DOS attributes

# in an EA and make samba not mess with the permission bits.

#

# Note: these options can also be set just per share, setting them in global

# makes them the default for all shares

; map archive = no

; map hidden = no

; map read only = no

; map system = no

; store dos attributes = yes

#============================ Share Definitions ==============================

[homes]

comment = Home Directories

browseable = yes

writable = yes

valid users = %S

valid users = yourgroupname\%S

[printers]

comment = All Printers

path = /var/spool/samba

browseable = no

guest ok = no

writable = no

printable = yes

# Un-comment the following and create the netlogon directory for Domain Logons

[netlogon]

comment = Network Logon Service

path = /home/samba/netlogon

admin users = administrator

valid users = %U

read only = yes

guest ok = yes

browseable = no

writable = no

share modes = no

# Un-comment the following to provide a specific roving profile share

# the default is to use the user’s home directory

[Profiles]

comment = User Profiles

path = /home/samba/profiles

valid users = %U

create mask = 0600

security mask = 0600

directory mask = 0770

directory security mask = 0770

read only = no

browseable = no

available = yes

# A publicly accessible directory, but read only, except for people in

# the “staff” group

[public]

comment = Public Stuff

path = /backups

public = yes

writable = yes

printable = no

; write list = +staff
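
An offline check of this smb.conf, added here as an example (it is not part of the original post): it keeps repeated parameters that an ordinary parser would silently collapse and reports three things present in the file above. The function names and the embedded excerpt are this example's own; the boolean spellings and the synonyms (public for guest ok, writable as the inverse of read only) follow smb.conf(5).

```python
import re

# Active lines copied from the smb.conf above, embedded so this runs offline.
SAMPLE = r"""
[global]
logon path = \\%L\Profiles\%u
logon path =
passwd chat debug = yes
log level = 3
[homes]
writable = yes
valid users = %S
valid users = yourgroupname\%S
[netlogon]
read only = yes
guest ok = yes
writable = no
[public]
path = /backups
public = yes
writable = yes
; write list = +staff
"""

TRUE = {"yes", "true", "1"}                       # boolean spellings in smb.conf(5)
ALIASES = {"public": "guest ok"}                  # synonym per smb.conf(5)
INVERTED = {"writable", "writeable", "write ok"}  # inverse of "read only"

def parse(text):
    """Return {section: [(name, value), ...]}, keeping repeated parameters."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = header.group(1).strip().lower()
            sections.setdefault(current, [])
        elif "=" in line and current is not None:
            name, value = (part.strip() for part in line.split("=", 1))
            name = " ".join(name.lower().split())
            if name in INVERTED:
                name, value = "read only", "no" if value.lower() in TRUE else "yes"
            sections[current].append((ALIASES.get(name, name), value))
    return sections

def audit(text):
    """Return (section, parameter, reason) findings for the three checks."""
    findings = []
    for section, params in parse(text).items():
        effective = {}
        for name, value in params:
            if name in effective and effective[name] != value:
                findings.append((section, name, f"set twice, last value {value!r} wins"))
            effective[name] = value
        is_on = lambda key, default="no": effective.get(key, default).lower() in TRUE
        if section == "global" and is_on("passwd chat debug"):
            findings.append((section, "passwd chat debug",
                             "password chat is written to the smbd log at debug level 100"))
        if section != "global" and is_on("guest ok") and not is_on("read only", "yes"):
            findings.append((section, "guest ok", "guest access allowed on a writable share"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("[%s] %s: %s" % finding)
```

Run it alongside testparm, which the file's own header recommends for syntax checking; this script only looks at the three conditions named in its comments.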


INFORMATION TECHNOLOGY AND SERVICE MANAGEMENT – Part 1

Posted by Ausaf Ahmad on October 4, 2008

This is the first in a series in which I discuss IT and service management.

What is Service?

“A service is a means of delivering value to customers by facilitating outcomes that they want to achieve without the ownership of specific costs and risks”

On reading this definition, a few questions come to mind: what does facilitating outcomes mean, what are its effects, how does it relate to the IT industry, and what is meant by delivering value?

By facilitating outcomes I mean that a service enhances performance and reduces the effect of constraints. It also increases the probability of desired outcomes, and it affects resources and their capabilities as well as the performance of the customer's tasks. With service comes service management.

The idea of service management comes from service providers. Its origins are in traditional businesses such as airlines, banks, telecommunications providers and hotels. As the IT industry has grown, the concept and adoption of service management have grown with it, and it is now the most critical part of any IT organization. IT organizations have adopted a service-oriented approach to managing IT applications, infrastructure and processes. Solving business problems and supporting business models, strategies and operations increasingly depend on service management.

Service management, according to me, is:

A set of specialized organizational capabilities for providing value to customers in the form of services

Service management brings to mind the standards that are followed all around the world. The ITIL service management concept is one of them. In this write-up and the following parts I will go into the detail of ITIL service management concepts.

What is ITIL?

ITIL is the abbreviation of Information Technology Infrastructure Library. It gives us a framework, or rather a set of standards, which we can follow to implement the best practices used in the IT industry for service management. ITIL is owned by the UK Government and not by any commercial proprietary solution or practice.

ITIL has the following characteristics:

• Non-Proprietary: ITIL service management best practices are applicable in any industry that has IT service management concerns, because they are not based on any particular technology platform or industry type.

• Non-Prescriptive: ITIL offers robust, mature and time-tested best practices that apply to all types of service organizations. It helps an organization determine where it is today and where it wants to be. It continues to be helpful in public as well as private organizations, for their internal and external customers, whether they are SMEs or large organizations, and within any technical environment.

• Best Practices: ITIL service management practices represent the learning experiences and thought leadership of the world's best-in-class service providers. The approach has already been proved to be the most effective by leading organizations, and it is derived from the practices of the most effective and successful people in the field.

• Good Practices: good practice means what everybody is doing, since it is seen as complete with no gaps and is often referred to as the most appropriate. There is also a continual search for improvement: as we know, nobody is perfect, and the same rule applies here.

• Systematic Usage: the systematic usage of service management practices that are responsive, consistent and measurable. This also defines the quality of the service provider in the eyes of its customers.

• Continuous Analysis: the provider's ability to continuously analyze and fine-tune the service provision to maintain stable, reliable yet adaptive and responsive services, which allows customers to focus on their business without concern for IT service availability.

The ITIL service management practices comprise three main sets of practices and services:

• ITIL Service Management practices: Core Guidance

• ITIL Service Management practices: Complementary

• ITIL Web support

In my next write-up I will go into the details of ITIL Service Management Core Guidance.
