4WebHelp
 FAQ  •  Search  •  User Groups  •  Forum Admins  •  Smilies List  •  Statistics  •  Rules   •  Login   •  Register
Toggle Navigation Menu

 [Competition] Web Defacement Challenge
Post New TopicReply to Topic
View Previous Topic Print this topic View Next Topic
Author Message
Justin
4WebHelp Addict
4WebHelp Addict


Joined: 07 Jan 2002
Posts: 1060

PostPosted: Thu Jul 03, 2003 3:46 pm (14 years, 5 months ago) Reply with QuoteBack to Top

A defacement challenge scheduled for Sunday is likely to target Web hosting companies rather than individual Web sites.

Defacement archive site Zone-H reasons that crackers will target Web sites they have already rooted because of the limited time set aside for the challenge.

The 'rules' of the challenge state that there will not be any difference when counting a single defacement (single IP) or a mass-defacement (many domain names on the same IP), so Zone-H reasons, hosting firms will be the main target.

"Given time frame will be only six hours, what is mostly going to happen is that a lot of Web hosting companies will be hit, instead than single servers belonging to different companies," Zone-H reports.

Due to the sharp decrease of the defacement over the last few days, Zone-H reasons crackers rooting possible targets without defacing them, so to be ready with a lot of ready-to-be-defaced targets to be used on the contest day. The defacement competition challenges crackers to deface as many as 6,000 sites in the shortest time possible to win the contest.

Point values are based on the operating systems hacked and defaced. HP-UX, Apple, and IBM-AIX are worth more points due to their limited use as Web-hosting platforms, and because they are targeted less often than Microsoft and Linux-based systems.

Zone-H is forecasting anywhere from 20,000 attacks might arise from the challenge. However it is downplaying fears that mass disruption of Internet services due to the attacks.

"A mass-defacement (even of several thousands domain names) is usually conducted opening a single connection to the attacked server," it reasons.

Defacement attacks occur all the time, not only during a mass hacking contest. But in the run up to the latest hacking spree there's all the more reason to shore up security defences.

Zone-H recommends the following general security precautions to sysadmins:
Download and apply all security patches

Shut down all the unnecessary modules on a Web server

Close all the unnecessary ports
It's also a wise precaution to check for the presence of any backdoor/rootkit on systems. Tell tale signs include: freshly added unknown users, suspicious connections on open port and suspicious shell program. Spotting these kinds of problems is where vulnerability scanners come in useful.

Finally, in the know thy enemy category, Zone-H, reminds sysadmins of the most common vulnerabilities targeted by defacers. These include flaws in the following packages/services: OpenSSL, Samba, Webdav, Frontpage extension misconfiguration, AIX ftpd, Solaris telnetd, Sendmail, Wuftpd, Proftpd, PHPnuke (not for mass defacement but still an ever present risk), OmniBack II and Cpanel.

Let's be careful out there.
OfflineView User's ProfileFind all posts by JustinSend Personal MessageSend email
Daniel
Team Member



Joined: 06 Jan 2002
Posts: 2564

PostPosted: Thu Jul 03, 2003 4:18 pm (14 years, 5 months ago) Reply with QuoteBack to Top

Justin, please link to the article instead of posting it here, for copyright reasons Wink

________________________________
Image
OfflineView User's ProfileFind all posts by DanielSend Personal Message
adam
Forum Moderator & Developer



Joined: 26 Jul 2002
Posts: 704
Location: UK

PostPosted: Thu Jul 03, 2003 9:12 pm (14 years, 5 months ago) Reply with QuoteBack to Top

ok...I have a feeling I'll be camped out on Sunday keeping a very close eye on Valcato's severs Smile

infact, I think I'll go through them all in the next few days looking for security problems - any tips on what to look for? (besides what the article mentioned Smile)

________________________________
It's turtles all the way down...
OfflineView User's ProfileFind all posts by adamSend Personal MessageVisit Poster's Website
Iyonix
WebHelper
WebHelper


Joined: 12 Nov 2002
Posts: 82
Location: Yarm, England

PostPosted: Sat Jul 05, 2003 1:25 pm (14 years, 5 months ago) Reply with QuoteBack to Top

It might be an idea to backup sites today...

________________________________
Iyonix
OfflineView User's ProfileFind all posts by IyonixSend Personal Message
jayant
Team Member



Joined: 07 Jan 2002
Posts: 262
Location: New Delhi, India

PostPosted: Mon Jul 07, 2003 3:48 am (14 years, 5 months ago) Reply with QuoteBack to Top

Daniel "I will be away this weekend (July 5-7) and ..."
was it anything related to this Wink

how many rooted Laughing

________________________________
Jayant Kumar
Member of the 4WebHelp Team
Nibble Guru - Computing Queries Demystified
GZip/ Page Compression Test
OfflineView User's ProfileFind all posts by jayantSend Personal MessageVisit Poster's WebsiteYahoo MessengerMSN Messenger
adam
Forum Moderator & Developer



Joined: 26 Jul 2002
Posts: 704
Location: UK

PostPosted: Mon Jul 07, 2003 10:10 am (14 years, 5 months ago) Reply with QuoteBack to Top

lol I'm proud to say that it doesn't look like any of Valcato's servers got hit Smile one of them was down most of the day, but that was not hacker-related Very Happy

________________________________
It's turtles all the way down...
OfflineView User's ProfileFind all posts by adamSend Personal MessageVisit Poster's Website
Daniel
Team Member



Joined: 06 Jan 2002
Posts: 2564

PostPosted: Tue Jul 08, 2003 8:42 am (14 years, 5 months ago) Reply with QuoteBack to Top

No Jayant, it wasn't me; I didn't even have access to the net during that time Sad. Wink

________________________________
Image
OfflineView User's ProfileFind all posts by DanielSend Personal Message
norm
Junior WebHelper
Junior WebHelper


Joined: 17 Feb 2003
Posts: 20
Location: Oxford, U.K.

PostPosted: Tue Jul 08, 2003 10:17 am (14 years, 5 months ago) Reply with QuoteBack to Top

Hi Guys,

It seems as though the entire contest was a hoax. Check out the following for more info...

http://www.theregister.co.uk/content/55/31591.html

Cheers,

Norm Laughing
OfflineView User's ProfileFind all posts by normSend Personal MessageVisit Poster's WebsiteMSN MessengerICQ Number
jayant
Team Member



Joined: 07 Jan 2002
Posts: 262
Location: New Delhi, India

PostPosted: Tue Jul 08, 2003 11:34 am (14 years, 5 months ago) Reply with QuoteBack to Top

Thanks Daniel. I got my answer. I could read between the words:-
http://www.exploratorium.edu/ronh/secret/secret.html
Wink

________________________________
Jayant Kumar
Member of the 4WebHelp Team
Nibble Guru - Computing Queries Demystified
GZip/ Page Compression Test
OfflineView User's ProfileFind all posts by jayantSend Personal MessageVisit Poster's WebsiteYahoo MessengerMSN Messenger
Display posts from previous:      
Post New TopicReply to Topic
View Previous Topic Print this topic View Next Topic


 Jump to:   




You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot edit your posts in this forum.
You cannot delete your posts in this forum.
You cannot vote in polls in this forum.


Page generation time: 0.053858 seconds :: 17 queries executed :: All Times are GMT
Powered by phpBB 2.0 © 2001, 2002 phpBB Group :: Based on an FI Theme