[pchelpers] Hacker Threat
- From: "s m d" <indigo@xxxxxxxxxxxxx>
- To: pchelpers@xxxxxxxxxxxxx
- Date: Thu, 03 Jul 2003 10:25:37 -0700
Got this link today and thought I'd pass it along. I'm not sure how serious of
a threat this is but if it's true, there could be problems for web site owners
this weekend.
-Susan
(the URL may be broken)
http://www.computerworld.com/securitytopics/security/hacking/story/0,10801,82730,00.html
ISS warns of coordinated hacker attack on July 6
Hackers in the Defacers Challenge get points for defacing Web sites
By Paul Roberts, IDG News Service
JULY 02, 2003
Content Type: Story
Source: IDG News Service
An international hacking contest scheduled to begin this weekend could cause
headaches for organizations worldwide and disrupt the Internet, according to a
warning from Internet Security Systems Inc. (ISS).
The contest, known as the Defacers Challenge, awards points to malicious
hackers who successfully compromise an organization's Web server and deface its
Web pages.
ISS first became aware of the contest last week by monitoring Web sites and
Internet Relay Chat channels frequented by malicious hackers who specialize in
defacements, according to Peter Allor, manager of X-Force Threat Intelligence
Services at Atlanta-based ISS.
Rather than focusing on the volume of defacements, the Defacers Challenge is
set up to reward the skill of malicious hackers who can compromise systems
running less prominent operating systems, including Apple Computer Inc.'s Mac
OS and Unix variants such as IBM's AIX and Hewlett-Packard Co.'s HP-UX.
Contest organizers even set up a Web page (www.defacers-challenge.com) that
outlines the rules of the game, including a point system for compromised
machines -- one point for Windows, five for HP-UX and Macintosh -- and
guidelines for what counts as a valid defacement.
The target is to deface 6,000 Web sites. A prize of free Web site hosting is
offered to the malicious hacker who can reach that goal first or accumulate the
most Web sites in trying to do so, according to information posted on the site.
The challenge is scheduled to begin Sunday and last for six hours, though
information on the exact time hasn't been released, Allor said.
ISS doesn't know which hacker or group of malicious hackers is responsible for
organizing the challenge.
Although the contest and Web page may be a joke, ISS noticed an increase in
reconnaissance and probing scans of Web sites that may be connected to the
contest, Allor said. Malicious hackers may be scouting out high-value systems,
or even compromising them in advance so that they can quickly be defaced once
the contest begins, he said.
ISS recommends that organizations deactivate unneeded public-facing Web servers
and turn off unnecessary services on Web servers that are needed, in addition
to applying any necessary software patches to potentially vulnerable machines,
Allor said.
Recently disclosed software vulnerabilities that haven't yet been patched are
attractive targets for hackers, he said.
--
____________________________________________________
Another FREE service from Jayde Online http://www.jayde.com
Private,Web-based email accounts at http://www.jaydemail.com
Powered by Outblaze
Regards, John Durham (list moderator) <http://modecideas.com/contact.html?sig>
Freelists login at //www.freelists.org/cgi-bin/lsg2.cgi
List archives at //www.freelists.org/archives/pchelpers
PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig
Good advice is like good paint- it only works if applied.
Other related posts:
