Potential Security Vulnerability With Supp Site

[crowbar46]

There is a supplement site which has been discussed here (and which I can't mention as per rules) that still carries a selection of DS.

I mentioned that after using the site my debit card began getting strange charges on it. Anyway, the bank has replaced the money.

I have found a potential explanation and security vulnerability: the site's server runs Microsoft's IIS/6.0. This has a number of recognized security flaws.

So...I would ONLY place orders over the phone.


Crowbar

 

[ward0351]

You didn't have to get a new card issued? I was a victim of online identity theft, and had to create whole new accounts. Huge pain in the ass.
Good looking out

 

[crowbar46]

Sure, I got a new card, new password.

Go to www.grc.com and download the "ID Serve" applette. It allows you to put in a website's URL (e.g., www.nutaplanet.com) and it will querry the server and return info concerning the software used by that server--VERY COOL!!!

At any rate very few commercial web sites run Microsoft's IIS/6.0. If you see one that does, my recommendation is to not transmit info over the internet to their server--call in your order.

P.S. Neither Nutataplanet nor Primordial Performance use the Microsoft software.


Crowbar

 

[ward0351]

Thats an awesome tool, I put it on my desktop. I did a few searches, and I found the supp supplier I'm sure you were talking about. So far they're the only one I've found that I've used before.

 

[Knowbull]

Crowbar, you got PM

 

[De Santo]

Thanks...I checked out the site I regularly use and it was run by Apache. I did find the place you must have used...thank god I never buy anything from them.