|
|
(7 intermediate revisions by 4 users not shown) |
Line 1: |
Line 1: |
− | [http://lifokdron.0lx.net/1046.html ecs 320 laptop video controllers] [http://ettaelt.strefa.pl/news-662.html kurt carr music video] [http://varpasz.is-the-boss.com/article757.htm judy garland pirate] [http://spfortne.qsh.eu/sitemap.html index] [http://zelfibu.strefa.pl/alcafuca-196.html ny videoblog]
| |
− | [http://dronoubr.0lx.net/new-service-videography.html new service videography york] [http://fademon.0lx.net/article-619.htm alison angel forum video] [http://vihencbr.0lx.net/sitemap.html url] [http://huruple.qsh.eu/20081225-my-cousin-vinny.htm my cousin vinny movie] [http://tulilre.strefa.pl/2008-12-27-im-ready-for-my.html im ready for my closeup mr. demille movie]
| |
− | [http://spfortne.qsh.eu/20081224-msi-nvidia-geforce.html msi nvidia geforce 6800 gt video card] [http://zelzelqa.is-the-boss.com/news-quickbooks-password-2008-12-27.html quickbooks password cracker] [http://sematild.qsh.eu/resource1054.htm ovation audio video specialists] [http://tarobasal.strefa.pl/article662.htm monica bedi movies] [http://sematild.qsh.eu/resource276.htm adult video store austin]
| |
− | [http://licawol.strefa.pl/resource1481.htm a goofy movie original soundtrack the] [http://dronoubr.0lx.net/syndrome-tourettes.html syndrome tourettes video] [http://chifire.strefa.pl/news-1430.html michelle yeoh in kung fu movies] [http://zelzelqa.is-the-boss.com/news-insurance-prelicensing-2009-01-01.html insurance prelicensing] [http://caraines.qsh.eu/sitemap.htm page]
| |
− | [http://roladarh.strefa.pl/news-1065.html avril lavinges new video] [http://caraines.qsh.eu/sitmone.htm p5s vm video driver] [http://fispruil.qsh.eu/news1547.html amateur dvd people real video] [http://fispruil.qsh.eu/news170.html new rochelle movie times] [http://betheres.qsh.eu/comment-330.htm free asian shemale movie]
| |
− | [http://caraines.qsh.eu/caquaca.htm movie props auction] [http://dronoubr.0lx.net/extreme-mature-movies.html extreme mature movie thumb] [http://chifire.strefa.pl/news-1175.html music video forum] [http://flheddin.qsh.eu/loinacfua-1349.html jennifer lopez nude in the movie u-turn] [http://zelfibu.strefa.pl/darxen-581.html mario video poker]
| |
− | [http://brc4tdro.is-the-boss.com/page780.html regsupremepro crack] [http://golxando.0lx.net/1069468686.html page 3 movie songs downloads] [http://ettaelt.strefa.pl/sitemap.html link] [http://varpasz.is-the-boss.com/article208.htm new york state dental hygiene licensing] [http://caraines.qsh.eu/ellocoen.htm movies mississauga]
| |
− | [http://golxando.0lx.net/1007376006.html jane fonda movie of god] [http://tulilre.strefa.pl/sitemap.html http] [http://brc4tdro.is-the-boss.com/page647.html licensed land surveyors houston] [http://cnavieltz.strefa.pl/comment-1128.htm snow falling on cedars movie] [http://indronrol.is-the-boss.com/trtrroa.html application county fountain in license marriage]
| |
− | [http://cnavieltz.strefa.pl/comment-359.htm naked model video] [http://vihencbr.0lx.net/nashville-wedding.html nashville wedding videographers] [http://sedplxca.is-the-boss.com/license-plates-2008-12-27.htm license plates to replace orig] [http://vihencbr.0lx.net/recent-movies.html recent movies out on video] [http://zelfibu.strefa.pl/plbugneb-945.html salsa rueda video]
| |
− | [http://releltl.0lx.net/20081118-add-myspace.html add myspace personal video] [http://zelzelqa.is-the-boss.com/news-river-past-cracks-2008-12-24.html river past cracks] [http://chifire.strefa.pl/news-1021.html lucy lawless video clips] [http://sematild.qsh.eu/resource1819.htm no good deeds movie] [http://spfortne.qsh.eu/20081226-poldark-video.html poldark video]
| |
− | [http://zelfibu.strefa.pl/reloeltr-729.html movie spencer tracy] [http://vihencbr.0lx.net/mutiny-movie.html mutiny movie] [http://fademon.0lx.net/article-1464.htm logged movie] [http://cnavieltz.strefa.pl/sitemap.htm page] [http://spfortne.qsh.eu/20090101-music-video-codes.html music video codes galore]
| |
− | [http://licawol.strefa.pl/resource14.htm eragon movie cast] [http://brc4tdro.is-the-boss.com/page997.html easyrecovery professional 6.04 serial] [http://caraines.qsh.eu/delcai.htm movie review scoop] [http://caraines.qsh.eu/trreza.htm movies review christian] [http://releltl.0lx.net/20081121-internet-video.html internet plugin security software video]
| |
− | [http://cnavieltz.strefa.pl/comment-730.htm spiderman 1 movie pics] [http://roladarh.strefa.pl/news-961.html erotica movie vintage] [http://qasletop.is-the-boss.com/bocgolse.html lottery serial software] [http://zelzelqa.is-the-boss.com/news-elvis-presley-license-2008-12-25.html elvis presley license plate holders] [http://releltl.0lx.net/20081111-melee-videos.html melee videos]
| |
− | ricdomri
| |
− | libasacel
| |
| == Setup == | | == Setup == |
| | | |
Latest revision as of 16:07, 25 July 2009
Setup
Q. Hey I can't use this, the credit cards are stored in plain text! What if I get hacked!?!
First off, if you are a small ISP and you follow Ivan's direction, you're pretty safe. You're keeping your DB behind the firewall and not using default passwords, etc. Right? Nothing is fool-proof however and putting layers of difficulty between your customer information and a hacker, disgruntled employee, etc. is generally a good idea. Note however that no matter how good the encryption is, you still need to secure your boxes and protect your data. A persistent hacker will be able to decrypt given enough time on your system. All good security policies apply here. If in doubt, find someone who can help you to secure your systems.
I've heard people in IRC and on the mailing list lament that Freeside doesn't encrypt the credit cards. It turns out that the functionality is there, but the guy who wrote it didn't document it outside of the perldoc. Since I'm that guy, and this seems to be the best place to do it, here goes.
The following steps are for Crypt::OpenSSL::RSA - Although there are hooks for other encryption engines, I'm using OpenSSL. I would also set up a 'dev' system to try this out on! There is nothing worse than encrypting credit cards and not having the correct key to decrypt them.
To Set Up Encrypted Credit Cards:
- Make sure that you're running a version of freeside the supports it. (_ivan - When did this go mainstream?)
- Make sure that Crypt::OpenSSL::RSA is compiled and working.
- Verify Schema Changes
- freeside-upgrade doesn't appear to modify columns based on only changing the size
- payinfo fields used to be varchar(80), need to be 512
- If you don't modify this, you'll get DB errors when you try to insert payments, or card information
- Generate the public and private keys. Here's the script - I'll add it to cvs...
- NOTE: Create a new file named something like keygen.pl and add the following into the file:
#!/usr/bin/perl
use Crypt::OpenSSL::RSA;
$length = 2048;
$rsa = Crypt::OpenSSL::RSA->generate_key($length);
print "Public:\n". $rsa->get_public_key_string();
print "Private:\n". $rsa->get_private_key_string();
- Once the file is created run it
- "root@freeside# perl keygen.pl" and you should get your public and private keys as the output.
- Open the freeside config screen (configuration->settings) and edit your configuration.
- Set the module to Crypt::OpenSSL::RSA
- Set encryption to on (check it)
- Set the public and private keys
- Save and restart the web server.
The next credit card you insert will be encrypted. Old data will remain decrypted until the credit card is updated. Yes that is broken, and yes I will fix it, and no I don't know when, but it will be soon - because you're not the only one with this problem.
Good luck!
- Huntsberg
Limitations
The following items don't yet work on a "front-end" machine without the private key. Eventually we could queue a job for these to be processed by a "back-end" machine.
- "Bill now" can't run card/echeck collections
- No "Process payment" link on customer view