Domain: nswtransportblueprint.com.au
Stories and comments across the archive that link to nswtransportblueprint.com.au.
Comments · 7
-
Re:Library analogy
If they were slightly technical they might have done:
wget -m http://nswtransportblueprint.com.au/
but that would be *more* typing...
Not to mention prima facie evidence of their guiltiness due to having using
super-sekrit linux haxxor codes to penetrate the firewall and abscond with stolen datas. -
Re:EntropyRTFA.
They were given this url http://nswtransportblueprint.com.au/
They went there.
They hit Print
They followed the pretty linkies
They hit Print some more
They wrote a story about it.
No password dialog. No secret subdomain. No secret subdirectory. No login required. No user session or password. No
.hosts entry. How is that "hacking"?There was no guesswork involved, so there was zero bits of entropy in this example, unless they were drunk at the time and had to retype it, in which case it's their own entropy pool, not the servers'
/dev/urandom, that is being probed. -
Re:Library analogy
No, the url was "published" in the legal sense - they were given it by someone.
No hacking involved.
They weren't the only ones to whom the url was "published", since several others also were grabbing the files at the same time. And the way they grabbed the files? Clicked on the menu and followed the links, then "Print".
The url in question? http://nswtransportblueprint.com.au/
No secret directories, no login required, no hidden subdomain, no
.hosts file to exclude them, nothing. It was supposed to be a public website - it just went "public" a week early. -
Re:Lock, what lock?
I RTFA, it was the first try. They were tipped off, entered this address: http://nswtransportblueprint.com.au/ there was no login or any other user verification, so they then clicked on all the links, downloading each page as it was served to them.
In other words, (again I RTFA) the site was supposed to go public a few days later - they just got there early and scooped everyone else, being the evil ink-stained wretches that they are
:-) -
Re:Was it...It was : http://nswtransportblueprint.com.au/project
And it's not open any more - nswtransportblueprint.com.au is now completely off-line.
So they went from Security through Obscurity to Streisand Effect to Slashdot Effect
... but now that their server has melted, at least nobody can "hack" it, so I guess they're happy campers. -
Re:Library analogy
Nothing like that at all.
They were told the url by someone.
They entered it into their browser and got a everyday normal web page.
They clicked on the menu items and printed out the pages.
No guessing involved. No typing (other than the initial url) involved.
The 3727 is probably the number of request logs on the web server from them, counting all the images/css/js/etc files to make it look larger.
If they were slightly technical they might have done:
wget -m http://nswtransportblueprint.com.au/
but that would be *more* typing...
-
Re:Two Robots in Front of a JudgeJust imagine how many "hits" they will be getting now they are on slashdot!They do seem to have removed their DNS records. Interestingly the domain belongs to
Domain Name: nswtransportblueprint.com.au
Registrant: BANG THE TABLE PTY LIMITED
Registrant Contact ID: R-000428733-SN
Registrant Contact Name: Karthik Reddy
Registrant Contact Email: Visit whois.ausregistry.com.au for Web based WhoIs
Name Server: ns10.dnsmadeeasy.com
Name Server: ns11.dnsmadeeasy.com