CRIME AOL Backdoor?

From: Jeffrey_Korte/Security/FCNB/Spgla@private
Date: Mon Jun 24 2002 - 12:30:40 PDT

  • Next message: George Heuston: "CRIME BrickServer"

    Information Classification: Public.
    
    I  have  recently  come across a scenario that I've not been able to find a
    satisfactory answer to and I hope someone can assist me.
    
    Due  to  security/virus  concerns,  several  months  ago I killed access to
    Internet  based E-mail services at our Bank. (Yahoo, MSN, AOL, etc.)  After
    monitoring several Internet usage reports, I found traffic in the thousands
    to:  http://ar.atwola.com.   Once  you visit the sight it immediately takes
    you  to  the  "AOL  Anywhere"  portal.   I have also found numerous hits to
    http://toolbar.aol.com.
    
    Can  anyone  in the group confirm for me whether or not a backdoor into AOL
    exists  allowing  a  user  to  by-pass  Firewall  restrictions  in order to
    retrieve their E-mails?
    
    Regards,
    
    Jeffrey B. Korte,
    Corporate Security Manager
    First Consumers National Bank
    Voice: 503.520.8398
    
    The  information  contained  in this E-mail message and its attachments, if
    any,  may  be privileged, confidential and protected from disclosure.  This
    information  is  the property of First Consumers National Bank.  If you are
    not the intended recipient, any disclosure, copying, distribution, reading,
    or  the  taking  of  any  action  in  reliance  on  or  in response to this
    information  (except  as specifically permitted in this notice) is strictly
    prohibited.  If you have received this transmission and you are not a named
    recipient  or a person authorized to receive email and email attachments on
    behalf  of a named recipient, or if you think you have received this E-mail
    message in error, please E-mail the sender at jeffrey_korte@private
    



    This archive was generated by hypermail 2b30 : Mon Jun 24 2002 - 13:39:01 PDT