ShopSite Forums

I have a client who is getting numerous rogue orders - its possibly an
ex/employee trying to get at him but they are getting more and more common,
they are easy to spot as they have incorrect addresses and email addresses
but they are being authorised via NetBanx

I really need some way of tracking down this guy to an IP address or ISP or
something .. the server log files dont seem to hold any information so he
must be going right into shop site ..


Any help appreciated .

Thanks

ShopSite SC or TX?

With ShopSite SC the accesses to order.cgi should be in the webserver error log
unless logging is turned off for the directory the cgi's are in.

With TX, the same is true on the server on the ShopSite side of things (the
order buttons go through ShopSite's order.cgi before being sent to the Transact
cart). I doubt he/she would be able to create their own DO (Transact's
encrypted Digital Offer that ShopSite's order.cgi creates).

So check the time on the ShopSite order, grep the error logs for that period of
time for 'order.cgi' (and possibly for that aproximate date string) and see
what you can find. Of course if he/she were purposely malicious AND smart they
would be using an anonymizer site to place the orders through.

-Loren


Internetware wrote:

I have a client who is getting numerous rogue orders - its possibly an
ex/employee trying to get at him but they are getting more and more common,
they are easy to spot as they have incorrect addresses and email addresses
but they are being authorised via NetBanx

I really need some way of tracking down this guy to an IP address or ISP or
something .. the server log files dont seem to hold any information so he
must be going right into shop site ..

Any help appreciated .

Thanks