Quote:
Originally posted by whale
*splutter* but ... but ...
why would the fellas wanna target tfp anyway?
|
Damned if I know but...
The guys/girls out there doing this are going for sheer body count (server count?) Which means that rather than targetting the biggest, most secure sites, something like yahoo for example, they will go for sites that have a fair number of regular users and might not have the biggest budget to stay on top of security stuff. Well known exploits will be attacked first.
Means that the sites that are going to be hurt the most are the cliched mom and pop e business sites and well travelled community sites that are run by people in their spare time and might not have half a dozen full time security guys. It would be funny to see MS defaced or the white house page with some funny graffiti all over it, but that's not going to happen. Instead, it'll be the guy up the street who delivers fresh baked goods out of his website to your door. Someone who does not have the technical know how to secure a server and figure out what he did wrong in setting it up. More importantly, it'll be people who might not have ghosted servers and full database backups done hourly.
Sorry about the rant, it's probably pretty obvious I hold skript k1dd13s and 1337 h@x0rs in low regard...
All that scaremongering aside though, the target is 6k sites. The number of websites out there is orders of magnitue larger. Chances of being singled out are pretty slim. From what I've seen thus far, the tfp code is pretty damned solid, which implies that the server is likely hardened as well. There are easier targets out there.