Slashdot Mirror
Web Site Attacks Are On The Rise
Nicholas Roussos writes "According to recent numbers from 2004, website attacks are on the rise, and many of them are being performed by mischevious school kids. Some of their favorite targets include U.S. government and military websites."
I couldn't help but notice that almost every site with a link in a slashdot article gets virtually nuked!
there must be a connection, but what?
A feeling of having made the same mistake before: Deja Foobar
According to recent numbers from 2004, ...
According to recent numbers from 2003,
According to recent numbers from 2002,
According to recent numbers from 2001,
According to recent numbers from 2000,
Website attacks are on the rise.
I bet we see this in 2005 as well.
What would really be news if we saw website attacks decline.
It could be worse, it could be Monday.
Hello, I am a mischievous school kid.
I have certainly seen the number of attacks rising on our academic computing resources as well as my blog. Tracking IPs leads to lots of cable modems from Comcast and such which could be zombies, but given the lack of sophistication from those IPs, I have to wonder. Most of the attacks from these cable modem IPs are scripts directed at Windows vulnerabilities and buffer overflow attacks, but a few coming from Taiwan and Korea as well as some in the Balkans are fairly sophisticated that sometimes appear to come via compromised computers from other universities for example. Depending upon how sophisticated they are, I have reported some of them to Federal authorities who have the resources to subpoena logs and go after folks intruding into Federal resources. Interestingly others have also recently reported intrusions followed by blackmail which are likely not the domain of script kiddies. Certainly, comedy aside, one wonders if many of these kids have any idea of what they could actually be dealing with. Back in 1982 (we were 12), all that happened to us after hacking into government computers was my friend Lance getting his Apple ][+ confiscated followed by a job offer 9 years later from the same folks who confiscated his computer back in 1982. Now however, hacking into even an educational system could net you serious Federal penalties depending upon the system one hacks into. One admin friend of mine at a certain government lab is absolutely militant about this stuff. It has become her all consuming hobby to track these folks down and allocate whatever government resources she can muster to prosecute intruders into her systems. Woe be unto those that intrude into one of Melissa's systems.
Visit Jonesblog and say hello.
... they're attacking slashdot too and posting dupes!
Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
.. and I would have gotten away with it too if it wasn't for you meddling kids!!!!
We have an, unpublicised tech support website for our company use only. On looking at the weblogs, it looks like 80-90% of all traffic is attempted hacks. We even went as far as contacting the ISP of one particularly keen individual, they, of course, weren't in the slightest bit interested.
Just because your paranoid doesn't really mean they aren't out to get you
"For the average person it sounds complicated but if you know what you are doing it's really quite easy," he said.
Couldn't that statement be applied to any subject?
I think that comment is a little misleading...How many 15-16yr olds do you know with a policatal opinion like being called schoolboys?
Some would say that most news outside of the main NYT and others is generated by PR firms providiing "information" to reporters in the hopes of getting an article published. I would argue that the interesting thing about this "article" is not that the non-news it contains:
* website attacks are most commonly peformed by schoolboys
* attacks are on the rise
* attacks are commonly politically motivated
This "news" isn't new. Thus, who asked for the article or provided the info in it? Symantec, pushing antivirus software? Cisco, trying to induce worry about security in general and sell their more 'secure' routers? IBM, EDS, Siemens, or someone else, selling E-Commerce security software?
Being a critical reader is not just asking, "is this story true". Nowadays, it's asking, "Why was this story published?"
-- Kevin
Unitarian Church: Freethinkers Congregate!
What I find interesting is that the U.S. Government is constantly at battle with hordes of "mischievious school kids," and actually has a big PROBLEM with it.
Explain to me, again, how school children can pose a serious threat to the United States government, and we still have the balls to declare war on a country in the middle east?
"Web Site Attacks Are On The Rise"
Tsssss... What is the world coming to when people get attacked by web sites. I still remember when we could co to sleep and leave the computer unlocked.
AIC - 166 defacements - 21.28%
GForce Pakistan - 116 defacements - 14.87%
Silver Lords - 101 defacements - 12.95%
WFD - 59 defacements - 7.56%
ISOTK - 17 defacements - 2.18%
fuvoo: watch something
There's just more targets.
A computer makes it possible to do, in half an hour, tasks which were completely unnecessary to do before.
I thought they were just w4r-h4rd3n3d AOL script kiddies!
Both articles from the summary indicate that the attacks on the the U.S. govt and military computers were just that, attacks. Anyone have any info on whether these were successful attacks or not? The Zone-H website is running a little slow to figure it out.
As the owner of a web hosting company for several years now (and one that stays away from Windows as much as possible), we've noticed a dramatic spike in attempted attacks on our servers in the past 12 months. If you put an unprotected /tmp directory (i.e. one that allows executable files) in a server that's connected directly to the Internet, you're asking for trouble. We've seen these boxes sending out spam or DOS'ing other servers (mostly targeting IRC servers) in a matter of hours from when we put them online. The hackers find some exploit like an old version of phpBB, insecure PHP code, etc. It's really not that hard; if you have several sites on a server, chances are that one of them has something vulnerable in a web-accessible directory. It's gotten so bad that we've devoted part of our standard CentOS install to locking down the /tmp directory so no files can be executed (and explaining this change to our customers.)
/tmp to get around the noexec mount option. The hack works like this:
/tmp.
/tmp! (Argh.) So we simply educate them and tell them how to lock the servers down themselves, and why putting any scripts in /tmp is a Bad Idea.
Worse yet, the hacks have now turned to running perl or php from the command line on things in
1) Find exploitable site. (Again, with the number of insecurities in commonly-used programs like phpBB, or god forbid, the *Nuke series, this isn't hard.)
2) Upload perl script to
3) Run "perl [script name]" repeatedly to accomplish your goal.
We've again locked down our servers to prevent this, but unfortunately, we can't make this part of our default install because our customers like to run perl and php from
It's not just us, either... go to any forum where webmasters or hosting company owners congregate and you'll see this is one of the most common problems out there. Linux is no longer more secure as a web server... not when you factor in most of the PHP programs out there that people love, at least.
Simpli - Your source for San Jose dedicated servers and colocation!
Use of "electronic mail" has increased.
-Randy
Website attacks are definitely on the rise. Last week, police arrested askjeeves.com for suspicion in a string of armed robberies.
Where does the school board find them and why do they keep sending them to ME?
How did they come to the conclusion that many of these attacks are by kids? Just that the hacks spike when school is out? The article really didn't go into much detail.
Nowadays, if you don't protect your website from being hacked, you might as well expect it to be hacked. Maybe they should try hacking Argus systems Pitbull LX and win(?) money.
He who knows best knows how little he knows. - Thomas Jefferson
I don't think it's just web site stuff.
I think it's attacks period.
LogWatch is constantly telling me that people are trying to break into my servers via sshd or via ftpd.
The really sorry part is that since most of them take place from outside the US, I dont even bother to report it, since the ISPs wont do anything about it.
Indeed, some good fodder for movies back then, but a slap on the wrist. What behavioural change might one expect if some existing statutes were pulled into effect, such as child endangerment, contributing to the deliquency of a minor, etc, where parents don't keep up with what their kids have been doing on the computer?
Seems entirely reasonable that at some point someone will drag the kid away from the parents/home to be placed in some child welfare state. Legal experts opinions welcome.
A feeling of having made the same mistake before: Deja Foobar
By empty-headed schoolkids bent on mischief. These attacks are called "comments".
400,000 attacks per year world-wide is a SERIOUS under-estimate.
Over the last couple years, I've noticed a large number of web projects being run & maintained by people who don't understand computer security or system administration [1].
:)
Concepts like 'rotate the log files or your disk will fill up & crash the site' or "Don't use FTP-- the passwords are sent over the Public Internet in cleartext" are beyond many of these website maintainers. Even many programmers who are great at project design, Object Oriented development, layout, etc. still miss these major issues.
It's no suprise that website attacks are on the rise-- the projects are being run by people who know enough to be dangerous, but don't know enough to run the project well.
[1] or good design, or simplified design, but that's another topic
94% of Repubs and 21% of Dems voted to renew the Patriot Act
"A lot of 15- and 16-year-old guys are smart enough to have strong political opinions,"
Agreed, VERY strong political opinions!... just usually not their own.
"Well, my teacher says Kerry is great because he likes *insert rapper here*", or "OMFG, EATING ANIMALS IS MEAN".
Most of their political opinions don't mean a thing. Not to say all kids are like this, of course.
"A lot of 15- and 16-year-old guys are smart enough to have strong political opinions," Roberto Preatoni, Zone-H founder, told Reuters on Monday.
Since when did intelligence become a prerequisite for having strong political opinions?
The Adventures of Jonathan Gullible: A Free Market Odyssey
web sites should be caged or leashed at all times, and large, aggressive breeds of web site should require a license. Also, teach your children never to tease web sites.
The evaluation of an action as 'practical' . . . depends on what it is that one wishes to practice.
I assume you mean to complain the stats weren't published in January I guess. Your comment is modded funny, and this may have been your goal. If not, just who do you think should be busting his or her ass to get you this timely information. Somebody got around to looking at the trend and published it, and you seem to be bitching they didn't personally call you on New Year Eve with the final stats.
Chill.
Letter To Iran
I wish people will stop calling these script kiddie noobs "Hackers". Remember the days when a hacker was a skilled programmer? The media said, "Hey! Let's call criminals who use computers hackers! ('cause it sounds scary.) I am sorry, but the people who do this are no more of a hacker than a person who writes his name on the bathroom wall is a criminal mastermind.
In Soviet Russia, Websites attack you!
Even the phone company can pull your wire if you keep others from making or receiving phone calls.
They CAN have their common carrier status and still be allowed/encouraged/required to pull the plug on computers that are doing "network harm."
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
When I did those kind of things in my younger days it was purely educational.. Because I did those things, my PC won't be hacked. If it does, then it means there's more I need to learn.. (by the way, my PC name is "insecure" - I'm asking for it) Wrecking a car and a computer system are two different things. Computer systems are recoverable, and if they're not.. more lessons for the sysadmin. The money spent repairing the car (and whatever it crashed into) is what needs to be accounted for, just like the guy who hacks a system to find (and abuse) private data. That costs real money and time, a crashed server (or hell, even realizing you've just been hacked) is a lesson in the form of a minor headache that could have been much worse. If it can be hacked, it should be hacked. Not destroyed, abused, or used for ill-gotten advantages, but only so it can be fixed. It's one of the philosophies that melts in oh-so-nicely with the open source movement.
I went to eat some animal crackers and the box said, "Do not eat if seal is broken." I opened the box and sure enough..
It's going to hell in a handbasket but not because of the reasons you described.
Sex on TV isn't near as bad as some of the other crap that gets put on there.
I'd rather be forced to watch porn than assaulted with the groupthink propaganda this god forsaken country spawns.
Don't think, believe.
Don't think, buy.
Don't think, kill.
For the record, kids have never had morals.
I know that's what everyone told me when I was growing up, and It's what my great grandfather told my grandfather when he was a kid.
Tharkban (It is a signature after all)
Geez, that's as useful as saying that in order to prevent drunk driving fatalities, the Amish should all have chaffeurs. The problem isn't the language of the OS. Yes C doesn't have all the nifty security features of C# or Java, but that's not the problem. The problem is that most of the time script kiddies are using other languages to exploit an OS written in C. If the OS was written in C#, there would still be the same issue if the programming wasn't 100% secure. And we all know no program or OS is 100% perfect.
Well, there's spam egg sausage and spam, that's not got much spam in it.
Find a bunch of these l33t h4x0r5, then one day after school there's a rash of incidents like this:
A black van screeches to a halt at the crosswalk that 13 year old Brody Seminuk is standing at, the side door opens and men in black ski masks yank him off the sidewalk and into the van, in full view of his friends. The van jackrabbits away from the curb and the interrogation immediately begins.
MIB: WHO ARE YOU WORKING FOR!
BS: What?! I don't have a job!
MIB: DON'T BULLSHIT US! WE KNOW YOU'RE WORKING FOR INTERNATIONAL TERRORISTS!
BS: International terrorists!? But...! But...!
MIB: Don't lie to us boy! We'll beat the truth out of you if we have to!
BS: I don't know any terrorists! What are you talking about!?
MIB: You tried 32,812 times to break into www.edwards.af.mil!
BS: Oh shit!
Van stops in an underground parking garage, where Brody is shoved into a new van, with new interrogators.
MIB: WHO ARE YOU WORKING FOR!!
BS: I'm not working for anyone! I don't know any terrorists!
An old, battered van that has "Ed's plumbing" written on the side stops briefly and Brody is pushed out the back door, wearing only his underwear.
Friend 1: Dude, are you alright? We thought you were going to die!
Friend 2: They didn't rape you or anything, did they?
Brody: Got any money? I need a cab home.
Friend 1: Yeah, yeah, I have about $12.
Brody: call me a cab then.
Friend 2: What was that all about anyway.
Brody: Don't hack into Edwards. They really mean it.
Friend 2: You mean Edwards AFB?
Brody: Yes.
Friend 2: Um, what's that smell?
Brody: Shut up and dial.
"No problem. I have the capacity to do infinite work so long as you don't mind that my quality approaches zero."-Dilbert
The thing to do is to hold the ISP accountable if they don't hold the user accountable.
For example - I had this host that kept sending me half-megabyte virus executables via mail. I identified the ISP as Netvision in Israel. I tried to contact them repeately. They did nothing to stop this - they did not contact the user, they did not disconnect the user, they did not block the user's ability to send mail, NOTHING.
In cases like this, then HELL YES I say hold the ISP accoutable - they have failed to hold the user accountable.
If I start making prank calls from my phone, the phone company will kill my line if they get called about it. ISPs should be no exception.
www.eFax.com are spammers