My main point is that the security holes at NetSol is akin to a block of Swiss Cheese. And in most cases the security breaches and Malware placed on their system go unnoticed for long periods of time.
Give me a break! - I too worked for Network Solutions as Level II support - I know all about the bullshit story lines in order to save face. iframe exploits throughout the customers sites, issues not followed through on, the denial of New Ventures having -any- affiliation with NetSol. The ease of gaining access.
In fact while I worked there, several Tech's uploaded basic http shell emulators onto their sites and all had root level access within minutes.
Your infrastructure was and still is seriously flawed and appears that it always will be - I know first hand!
I'll file this under TasteButDontSwallow
I know for a fact that they do store credit cards - regardless of what they may or may not claim.
One billing application that allow you to search ALL historical purchases, what, when, card #, address, services etc...
The second for more recent purchases.
Primarily we used a single application - and that application gave you access to the entire database which included minor and major information, such as Name, Address, phone#, email, Your Challenge Question, the HINT tot eh challenge question, CC number, billing cycle and history, DNS, smtp, database passwords (if you host with NetSol), all email users and their passwords under that domain, ftp passwords, website passwords for the GUI designer and much much more!
If you have a domain with them that has other email address setup through the NetSol site, simply login and look at those accounts. Each of those users can change the oringial password you set for them once they log into their online mail. But you will always see the passwords as ****, but don't fret if you forgot one (or they changed it) and want to log into the email account of that user, pull up the source code - they are all in plain text (as of 1 year ago anyway).
They have certain "servers" that handle routing and other processes that are no more than a laptop - that's right, not a server - a laptop.
Oh and your cost of thousands of dollars to buy back your domain name - here is a little bit of info. Many users were irate about New Ventures grabbing doamins faster than anyone else when they expired, sometimes before it was to be released (grace period for renewal after it expired). All employees were told to let the customers know that we were not, nor were we affiliated with New Ventures. A month later at a financial meeting, it was announced that we've been making leaps and bounds in revenues and recently sold a domain name for nearly a million dollars!. A few of us started looking into this as NetSol is a registar supposedly with a set fee for domains. As it turns out New Ventures is in fact a part of NetSol - They're scamming everyone.
When I began working for NetSol, I was happy as a lark - until I got settled in and started digging into the processes, support and resolution chain and blatant lies were were telling people, I was so disappointed. I left not being able to stand the lies anymore. We'd tell people that their issue would have a resolution in 3 days, but they'd never hear from anyone. And in fact when someone would ask for someone higher up the chain of command, (ie: supervisor, etc) the supervisors would tell us to tell them they can't be transferred, get the number and the supervisor will call them in 5-10 minutes... would they be home? Issue is that they would never get a call back... only to call in again and be transferred to level II support once more and talk to yourself again, or a fellow Level II support person near you. We would all talk and discuss the deflection process. At that time their website were also riddled with iframe exploits, constantly being hacked and defaced for over a year and a half.
Unless anyone here actually works for NetSol - no one really knows what I know for a fact that goes on there. Given there history with customers and such, They've probably know about this for a long time.
"The eleventh commandment was `Thou Shalt Compute' or `Thou Shalt Not Compute' -- I forget which." -- Epigrams in Programming, ACM SIGPLAN Sept. 1982