Slashdot Mirror

← Back to Stories (view on slashdot.org)

Web Site Attacks Are On The Rise

Posted by CmdrTaco on from the script-kiddies-under-every-rock dept.

Nicholas Roussos writes "According to recent numbers from 2004, website attacks are on the rise, and many of them are being performed by mischevious school kids. Some of their favorite targets include U.S. government and military websites."

16 of 281 comments (clear)

  1. Careful! by BWJones · · Score: 5, Interesting

    I have certainly seen the number of attacks rising on our academic computing resources as well as my blog. Tracking IPs leads to lots of cable modems from Comcast and such which could be zombies, but given the lack of sophistication from those IPs, I have to wonder. Most of the attacks from these cable modem IPs are scripts directed at Windows vulnerabilities and buffer overflow attacks, but a few coming from Taiwan and Korea as well as some in the Balkans are fairly sophisticated that sometimes appear to come via compromised computers from other universities for example. Depending upon how sophisticated they are, I have reported some of them to Federal authorities who have the resources to subpoena logs and go after folks intruding into Federal resources. Interestingly others have also recently reported intrusions followed by blackmail which are likely not the domain of script kiddies. Certainly, comedy aside, one wonders if many of these kids have any idea of what they could actually be dealing with. Back in 1982 (we were 12), all that happened to us after hacking into government computers was my friend Lance getting his Apple ][+ confiscated followed by a job offer 9 years later from the same folks who confiscated his computer back in 1982. Now however, hacking into even an educational system could net you serious Federal penalties depending upon the system one hacks into. One admin friend of mine at a certain government lab is absolutely militant about this stuff. It has become her all consuming hobby to track these folks down and allocate whatever government resources she can muster to prosecute intruders into her systems. Woe be unto those that intrude into one of Melissa's systems.

    --
    Visit Jonesblog and say hello.
    1. Re:Careful! by nizo · · Score: 5, Funny

      What is her site domain? Maybe I could point some of the zombies and such who keep poking around my domains with a redirect to her website so SHE can go track them down.....

      --
      I Am My Own Worst Enemy
    2. Re:Careful! by warpSpeed · · Score: 5, Insightful
      I swear I've posted this like 5 times this week, but ISPs should be held liable for malicious traffic comming from their networks if they don't do anything about it. It's getting ri-freakin-diculous people!

      Speaking as the owner of a very small ISP, this is very nearly imposible. How do you define "don't do anything about it"? Which ISP are you going hold liable? The one that sells bandwidth to the offending PC (IP address)? Or the upstream ISPs. What if the middle ISP is multi-homed? Perhaps some guy just left his WiFi open, and a neighbors infected laptop has latched on to it (I've seen this happen). Would the Open WiFi guy be the ISP in this scenario?

      It is not just getting "ri-freakin-diculous", it has been pretty bad for quite a while now. With better and cheaper bandwidth becoming more and more readly avaiable the problem will continue to get worse. However the ISPs here are common carriers, they cannot (and I do not want then to) track ever IP packet that travels over their network.

      Perhaps you could whip on the OS makers where the majority of these problems originate from?

  2. Worst of all... by nacturation · · Score: 5, Funny

    ... they're attacking slashdot too and posting dupes!

    --
    Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
  3. Oblig. by erktrek · · Score: 5, Funny

    .. and I would have gotten away with it too if it wasn't for you meddling kids!!!!

  4. No surprises there, then by davidmcw · · Score: 5, Interesting

    We have an, unpublicised tech support website for our company use only. On looking at the weblogs, it looks like 80-90% of all traffic is attempted hacks. We even went as far as contacting the ISP of one particularly keen individual, they, of course, weren't in the slightest bit interested.

    --
    Just because your paranoid doesn't really mean they aren't out to get you
  5. Re:I don't think that this is new though. by ackthpt · · Score: 5, Funny
    Website attacks are on the rise.
    I bet we see this in 2005 as well.
    What would really be news if we saw website attacks decline.

    There will be a decline ... cut-backs and all, we had to lay off a lot of script kiddies and the rest is being outsourced to East Velcro.

    --

    A feeling of having made the same mistake before: Deja Foobar
  6. choice quote by Reuters by Anonymous Coward · · Score: 5, Insightful

    "For the average person it sounds complicated but if you know what you are doing it's really quite easy," he said.

    Couldn't that statement be applied to any subject?

  7. Which PR firm generated this story? by justanyone · · Score: 5, Insightful


    Some would say that most news outside of the main NYT and others is generated by PR firms providiing "information" to reporters in the hopes of getting an article published. I would argue that the interesting thing about this "article" is not that the non-news it contains:

    * website attacks are most commonly peformed by schoolboys
    * attacks are on the rise
    * attacks are commonly politically motivated

    This "news" isn't new. Thus, who asked for the article or provided the info in it? Symantec, pushing antivirus software? Cisco, trying to induce worry about security in general and sell their more 'secure' routers? IBM, EDS, Siemens, or someone else, selling E-Commerce security software?

    Being a critical reader is not just asking, "is this story true". Nowadays, it's asking, "Why was this story published?"

    -- Kevin

    --
    Unitarian Church: Freethinkers Congregate!
  8. "Web Site Attacks Are On The Rise" by Anonymous Coward · · Score: 5, Funny

    "Web Site Attacks Are On The Rise"

    Tsssss... What is the world coming to when people get attacked by web sites. I still remember when we could co to sleep and leave the computer unlocked.

  9. Top 5 attackers by Virtual+Karma · · Score: 5, Informative
    Here is a list of top 5 attackers of Indian websites:

    AIC - 166 defacements - 21.28%
    GForce Pakistan - 116 defacements - 14.87%
    Silver Lords - 101 defacements - 12.95%
    WFD - 59 defacements - 7.56%
    ISOTK - 17 defacements - 2.18%

    --
    fuvoo: watch something
  10. There's not more attacks... by c0ldfusi0n · · Score: 5, Insightful

    There's just more targets.

    --
    A computer makes it possible to do, in half an hour, tasks which were completely unnecessary to do before.
  11. Worth Noting -- it's not just Windows servers! by SlashChick · · Score: 5, Insightful

    As the owner of a web hosting company for several years now (and one that stays away from Windows as much as possible), we've noticed a dramatic spike in attempted attacks on our servers in the past 12 months. If you put an unprotected /tmp directory (i.e. one that allows executable files) in a server that's connected directly to the Internet, you're asking for trouble. We've seen these boxes sending out spam or DOS'ing other servers (mostly targeting IRC servers) in a matter of hours from when we put them online. The hackers find some exploit like an old version of phpBB, insecure PHP code, etc. It's really not that hard; if you have several sites on a server, chances are that one of them has something vulnerable in a web-accessible directory. It's gotten so bad that we've devoted part of our standard CentOS install to locking down the /tmp directory so no files can be executed (and explaining this change to our customers.)

    Worse yet, the hacks have now turned to running perl or php from the command line on things in /tmp to get around the noexec mount option. The hack works like this:

    1) Find exploitable site. (Again, with the number of insecurities in commonly-used programs like phpBB, or god forbid, the *Nuke series, this isn't hard.)
    2) Upload perl script to /tmp.
    3) Run "perl [script name]" repeatedly to accomplish your goal.

    We've again locked down our servers to prevent this, but unfortunately, we can't make this part of our default install because our customers like to run perl and php from /tmp! (Argh.) So we simply educate them and tell them how to lock the servers down themselves, and why putting any scripts in /tmp is a Bad Idea.

    It's not just us, either... go to any forum where webmasters or hosting company owners congregate and you'll see this is one of the most common problems out there. Linux is no longer more secure as a web server... not when you factor in most of the PHP programs out there that people love, at least.

    --
    Simpli - Your source for San Jose dedicated servers and colocation!
  12. Script Kiddies by digitaldc · · Score: 5, Insightful

    How did they come to the conclusion that many of these attacks are by kids? Just that the hacks spike when school is out? The article really didn't go into much detail.
    Nowadays, if you don't protect your website from being hacked, you might as well expect it to be hacked. Maybe they should try hacking Argus systems Pitbull LX and win(?) money.

    --
    He who knows best knows how little he knows. - Thomas Jefferson
  13. Slashdot is constantly being attacked by Anonymous Coward · · Score: 5, Funny

    By empty-headed schoolkids bent on mischief. These attacks are called "comments".

  14. From the article: by asoko · · Score: 5, Insightful

    "A lot of 15- and 16-year-old guys are smart enough to have strong political opinions," Roberto Preatoni, Zone-H founder, told Reuters on Monday.

    Since when did intelligence become a prerequisite for having strong political opinions?

    --
    The Adventures of Jonathan Gullible: A Free Market Odyssey