Slashdot Mirror

← Back to Stories (view on slashdot.org)

July 6th - Website Defacement Day?

Posted by simoniker on from the season-of-mass-stupidity dept.

pabl0 writes "According to an article from SFGate.com (San Francisco Chronicle), a challenge has been posted, inviting web-site defacers to alter the content of as many web sites as possible on July 6th, with an apparent limit of 6,000 websites per contestant. Looks like this would be a good time to make sure all those web-server security patches are applied!"

5 of 483 comments (clear)

  1. What sort of prize is 500mb?? by neslon · · Score: 4, Interesting

    From the AP article:

    "The purported "prize" for participating hackers was 500-megabytes of online
    storage space, which made little sense to computer experts. They said
    hackers capable of breaking into thousands of computers could easily steal
    that amount of storage on corporate networks."

  2. Re:Won't make much of a difference? by Andorion · · Score: 4, Interesting

    "But I'm sure that some people find a way to make money (or pork) from this "announcement". *sigh*"

    That gets me wondering.... do you think this whole thing was set up by some security firm(s) to boost business?

    ~Berj

  3. Re:Costs people money? by Karhgath · · Score: 5, Interesting

    Saying that it doesn't cost money to people because it's corporations that pays the bill is pretty stupid of your part.

    First, fixing the page is probably the least important factor to consider.

    Since it's kind of a 'contest', who defaces the most websites, how much can you bet that a large % of them will be medium to small sites? Most will also be e-commerce related sites, since their security is often compromised by badly written e-commerce software.

    Now, take the normal MomAndPops.com, which sells apple pies. Client comes to the site expecting to buy apple pie and then find out that the site become a Hacker Advertisement site of some sort, or even worst, says that Apple Pie causes cancer. What will they say? "I'll come back later when the website is restored"? I don't think so. Most probably: "Shit, they stopped selling apple pie because it gives cancer!". It's sad, but a lot of people are gullible.

    So, the real problem is loss of sales because of it, and/or traffic/readership, and/or reputation or anything the website is based on. The longer the site remains defaced, the more the website loses. This is the real killer, especially for small to medium websites/e-commerce, and most of these aren't run by evil megacorporations.

    And your attitude of saying it's not that big of a deal because the corporation has enough money to fix it, or won't pay the guy in overtime, is not very wise. Sure, most of them exagerates the 'cost' of hackers and such, but it doesn't mean it isn't substancial, or that it just costs a simple fix of the website.

  4. An occasional incident can actually help... by kstumpf · · Score: 4, Interesting

    Sometimes people have to be burned before they will respect fire extinguishers.

    Our main webserver got hacked just last weekend. It was a RedHat 7.2 that was up for about 450 days straight and was kept pretty well patched. Unfortunately, some custom Apache stuff kept us held back on patching httpd. I guess it really does only takes one weak link in the chain. Once they got in, they put in a rootkit called ZK and started setting up a hidden webserver where they were trying to sell web space on MY box. ;)

    Lucky for me, I had a couple of cron jobs in place that used a hidden copy of tripwire and chkrootkit to check for intrusion and shutdown the network interfaces after they mucked around with sshd and the known hosts file. A cheap trick, but it worked.

    I'm actually glad it happened. My boss and all of upper management are finally taking security seriously, and I'm milking it for all its worth. Its basically a blank check to lock down the fort. We've eliminated 75% of static NATs, shoved things off the LAN and onto the DMZ, closed dozens of ports, sprung for RHN subscriptions, eliminated several old NT4 servers, and generally did away with all the "convenient hacks" our engineers insisted on.

  5. Ethics of drawing attention? by pabl0 · · Score: 4, Interesting
    Hi all,

    After seeing this submission published, I noticed several folks who mentioned the very good point that by posting this, I may very well be drawing the attention to the contest that would make it a "success". I essentially responded to this via a newly posted article on my site, but thought it was worth posting here as well, so that hopefully my reasoning will make more sense. (Article Follows.)

    Thanks,
    Paul Robinson
    gotclue.net

    As Slashdot was kind enough to post, the San Francisco Chronicle has an article about a hacker or group of hackers that are calling for massive website defacements as part of a warped (and highly illegal) contest, to occur entirely on July 6th. I considered not submitting the story to avoid drawing attention to it. After all, this could end up being the next "Y2K" where everyone sits around waiting for the doomsday that doesn't occur. To those who don't think I should've posted the story, I apologize -- but suggest you read the rest of this article to understand my reasoning.

    It's entirely possible that very few, if any, websites will be defacde that day. It's even possible that more may happen now that warnings are on high-traffic sites such as Slashdot; call it a self-fulfilling prophecy.

    Slashdot's reader pool contains a great many folks who own web servers or are site administrators, such as myself. Certainly there are a few black hats in the crowd, but for the most part, the audience is people in the trenches of the technology industry. I can't think of a better place to reach the people who's pagers would actually be ringing or vibrating on Sunday if/when defacements occur.

    Also, the story had already been picked up by mass media, such as the S.F. Chronicle. Since it was already being published to the general population, I feel that more good than harm would come from highlighting the issue in the technical community.

    My apologies to the others who rely on web/e-mail services from gotclue.net, as I've probably made this server a more likely target by drawing attention to the issue. I'll be reviewing patches and packages over the next few days and making some fresh backups, just in case. If I can have my cell phone ring on Sunday but, by doing so, keep a thousand other cell-phones from ringing for the same reason, so be it.