Tilted Forum Project Discussion Community  

Go Back   Tilted Forum Project Discussion Community > Interests > Tilted Technology


 
 
LinkBack Thread Tools
Old 07-02-2003, 03:06 PM   #1 (permalink)
Human
 
SecretMethod70's Avatar
 
Administrator
Location: Chicago
Looks like it may be time to check TFPs security...

According to <a href="http://www.sfgate.com/cgi-bin/article.cgi?f=/news/archive/2003/07/02/financial1239EDT0109.DTL&type=tech">this article</a> July 6 should prove to be a very interesting day on the internet!

Quote:
Government, industry warn of mass hacker attacks on July 6
TED BRIDIS, AP Technology Writer
Wednesday, July 2, 2003
©2003 Associated Press

URL: http://www.sfgate.com/cgi-bin/articl....DTL&type=tech

(07-02) 11:05 PDT WASHINGTON (AP) --

The government and private technology experts warned Wednesday that hackers plan to attack thousands of Web sites Sunday in a loosely coordinated "contest" that could disrupt Internet traffic.

Organizers established a Web site, defacers-challenge.com, listing in broken English the rules for hackers who might participate. The Web site appeared to operate out of California and cautioned to "deface its crime" -- an apparent acknowledgment that vandalizing Internet pages is illegal.

The Department of Homeland Security said Wednesday it was aware of the hackers' plans but did not expect to issue any formal public warnings. The Chief Information Officers Council, part of the Office of Management and Budget, cautioned U.S. agencies and instructed experts to tighten security at federal Web sites.

"Frankly, hacker challenges occur frequently, and we don't think they all rise to the level of a warning," Homeland Security spokesman David Wray said.

Home Internet users, who typically do not operate Web sites, probably would not be affected directly, said Oliver Friedrichs, the senior manager for security response at Symantec Corp.

An early warning network for the technology industry, operating with Homeland Security, notified companies that it received "credible information" about the planned attacks and already has detected surveillance probes by hackers looking for weaknesses in corporate and government networks.

"We emphasize that all Web site administrators should ensure that their sites are not vulnerable," wrote Peter Allor of Internet Security Systems Inc., the Atlanta-based company that runs the Information Technology Information Sharing and Analysis Center.

Friedrichs, though, said Symantec's global monitoring network wasn't detecting unusual probes.

"We really haven't seen any of that activity," he said. "We're certainly going to keep watching and looking."

Separately, the New York Office of Cyber-Security and Critical Infrastructure Coordination warned Internet providers and other organizations that the goal of the hackers was to vandalize 6,000 Web sites in six hours.

New York officials urged companies to change default computer passwords, begin monitoring Web site activities more aggressively, remove unnecessary functions from server computers and apply the latest software repairs from vendors such as Microsoft Corp.

Chris Rouland, director of the X-force security team at ISS, said researchers monitoring underground chat rooms and other Internet activity detected a drop in the numbers of vandalized Web sites recently and an increase in the types of surveillance scans that typically precede computer break-ins.

"It's kind of a sand-bagging period," said Rouland, who predicted that hackers were quietly breaking into computers and waiting to vandalize them on Sunday.

The purported "prize" for participating hackers was 500-megabytes of online storage space, which made little sense to computer experts. They said hackers capable of breaking into thousands of computers could easily steal that amount of storage on corporate networks.
On the Net:

Hacker contest: www.defacers-challenge.com

©2003 Associated Press
__________________
Le temps détruit tout

"Musicians are the carriers and communicators of spirit in the most immediate sense." - Kurt Elling
SecretMethod70 is offline  
Old 07-02-2003, 04:06 PM   #2 (permalink)
Exhausted
 
Location: Northeastern US - please send help!
Swell... because I don't have enough fun finding my email through the acres of spam, now I'm gonna have a hard time hitting my favorite web sites.

Ah, technology... how you love to play with our minds.
__________________
"If you're walking on thin ice, you may as well go ahead and dance."
mrquackers is offline  
Old 07-02-2003, 05:27 PM   #3 (permalink)
Banned
 
Location: shittown, CA
fun for my birthday YAY!!
juanvaldes is offline  
Old 07-02-2003, 07:38 PM   #4 (permalink)
Psycho
 
Location: Toronto
I work in a web hosting support department...Mondays are typically bad days for us. This doesn't bode well. We even got a general warning in the company email.

I hope those linux servers we're running are patched...
__________________
perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
Xirax is offline  
Old 07-03-2003, 02:26 AM   #5 (permalink)
High Honorary Junkie
 
Location: Tri-state.
The scale sounds pretty dramatic, so we'll see what happens. But to be honest, I don't think that it'll be a huge problem. Plus, if a really popular website is defaced, it shouldn't have been vulnerable in the first place (even though I'm not trying to *blame* the website).

Imagine, though, watching the vandalism unfold from Akamai headquarters...
macmanmike6100 is offline  
Old 07-03-2003, 03:57 AM   #6 (permalink)
Tilted
 
*splutter* but ... but ...

why would the fellas wanna target tfp anyway?
whale is offline  
Old 07-03-2003, 07:14 AM   #7 (permalink)
Banned
 
Hacker competition might be corrupting sites on 6th this month

http://www.zone-h.org/en/news/read/id=2989/

US warns of hacker attacks

Ted Bridis
07/03/2003

Stop Cyberterrorism THE US government and private technology experts have warned that hackers plan to attack thousands of websites on Sunday in a loosely co-ordinated "contest" that could disrupt Internet traffic. Organisers established a website, defacers-challenge.com, which was shut down early Wednesday evening. Before it was removed, the site listed in broken English the rules for hackers who might participate. It cautioned that "deface its crime" – an apparent acknowledgment that vandalising internet pages is illegal.
The US Department of Homeland Security said that it was aware of the hackers' plans but did not expect to issue any formal public warnings. The Chief Information Officers Council, part of the Office of Management and Budget, cautioned US agencies and instructed experts to tighten security at federal websites.

"Frankly, hacker challenges occur frequently, and we don't think they all rise to the level of a warning," Homeland Security spokesman David Wray said.

Affinity Internet Inc. of Fort Lauderdale, Florida, which through a subsidiary operated the computer servers where the hacker website was located, shut down the site for violating a service agreement, Affinity spokeswoman Laura Weir said. The company declined to identify the Affinity customer who set up the Internet site, citing privacy restrictions. Records show the Web address was registered June 21.

---------------------------------

One source says the winner has to corrupt 6k sits in smallest amount of time and they estimate 20k sites will be affected and yet the agency thinks it's not a major threat. Media might be hyping about stuff cos hackers sound mediasexy topic to hysterize about. What do you think, anybody got better insight to these things?
suviko is offline  
Old 07-03-2003, 08:28 AM   #8 (permalink)
Tilted
 
Location: Ottawa, ON, Canada
Quote:
Originally posted by whale
*splutter* but ... but ...

why would the fellas wanna target tfp anyway?
Damned if I know but...

The guys/girls out there doing this are going for sheer body count (server count?) Which means that rather than targetting the biggest, most secure sites, something like yahoo for example, they will go for sites that have a fair number of regular users and might not have the biggest budget to stay on top of security stuff. Well known exploits will be attacked first.

Means that the sites that are going to be hurt the most are the cliched mom and pop e business sites and well travelled community sites that are run by people in their spare time and might not have half a dozen full time security guys. It would be funny to see MS defaced or the white house page with some funny graffiti all over it, but that's not going to happen. Instead, it'll be the guy up the street who delivers fresh baked goods out of his website to your door. Someone who does not have the technical know how to secure a server and figure out what he did wrong in setting it up. More importantly, it'll be people who might not have ghosted servers and full database backups done hourly.

Sorry about the rant, it's probably pretty obvious I hold skript k1dd13s and 1337 h@x0rs in low regard...

All that scaremongering aside though, the target is 6k sites. The number of websites out there is orders of magnitue larger. Chances of being singled out are pretty slim. From what I've seen thus far, the tfp code is pretty damned solid, which implies that the server is likely hardened as well. There are easier targets out there.
human is offline  
Old 07-03-2003, 09:11 AM   #9 (permalink)
Human
 
SecretMethod70's Avatar
 
Administrator
Location: Chicago
heh, sorry guys, I didn't mean to imply I actually thought TFP was in danger - it was a joke Sty does a great job on the server so I feel pretty secure about it.
__________________
Le temps détruit tout

"Musicians are the carriers and communicators of spirit in the most immediate sense." - Kurt Elling
SecretMethod70 is offline  
 

Tags
check, security, tfps, time


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -8. The time now is 11:08 PM.

Tilted Forum Project

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
© 2002-2012 Tilted Forum Project

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360