Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

July 6th - Website Defacement Day?

simoniker posted more than 11 years ago | from the season-of-mass-stupidity dept.

Security 483

pabl0 writes "According to an article from SFGate.com (San Francisco Chronicle), a challenge has been posted, inviting web-site defacers to alter the content of as many web sites as possible on July 6th, with an apparent limit of 6,000 websites per contestant. Looks like this would be a good time to make sure all those web-server security patches are applied!"

Sorry! There are no comments related to the filter you selected.

If /.'ed (2, Redundant)

Bitwick (618204) | more than 11 years ago | (#6354002)

Alternate Link for Article: http://www.msnbc.com/news/934055.asp?vts=070220031 125

Re:If /.'ed (0)

Anonymous Coward | more than 11 years ago | (#6354015)

yes, use microsoft update now.

Re:If /.'ed (0, Redundant)

Bitwick (618204) | more than 11 years ago | (#6354019)

Alternate Link [msnbc.com]

Re:If /.'ed (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6354211)

moderation question.. how is the fucking FIRST POST redundant?

time to get off the crackpipe, mods...

frosty piss (3, Insightful)

Anonymous Coward | more than 11 years ago | (#6354004)

Yes, let's put this article on Slashdot, so a few million would be hackers can go ahead and deface a couple of hundred websites apiece.

What the hell is wrong with you? This kind of coverage only causes trouble.

Hacking into servers and defacing websites is illegal, whether you like it or not. Doing things like this costs PEOPLE money.

And don't argue back with that "well Microsoft deserves to be defaced" bullshit argument, or anything of the sort. They don't deserve it anymore than you do.

Now watch me get modded down by all the haxx0r n00bz0rz with mod points.

what are you talking about? (4, Insightful)

polished look 2 (662705) | more than 11 years ago | (#6354027)

Slashdot has little to do with the defacement. Slashdot is simply reporting this.

Re:what are you talking about? (5, Insightful)

donutz (195717) | more than 11 years ago | (#6354072)

Slashdot has little to do with the defacement. Slashdot is simply reporting this.

Nah, the San Francisco Chronicle is reporting it [sfgate.com] .

Slashdot is just giving a bunch of tech-minded people a forum in which to talk about it.

Re:what are you talking about? (5, Insightful)

meme_police (645420) | more than 11 years ago | (#6354104)

Precisely. Do all you dotters think that the Slashdot effect is bigger than all the major new organizations put together? Slashdot isn't the only site reporting this.

Re:what are you talking about? (0, Troll)

nomadic (141991) | more than 11 years ago | (#6354121)

Slashdot has little to do with the defacement. Slashdot is simply reporting this.

Heh, that reminds me of 2600, which would publish things like "You can hack into this store's computer by sneaking into the back stockroom and entering this on the computer.", then insist that they weren't encouraging illegal activity, merely saying what COULD be done.

Re:what are you talking about? (5, Insightful)

meme_police (645420) | more than 11 years ago | (#6354231)

Is Slashdot telling us how to exploit IIS or Apache? No.

MOD PARENT UP (0)

Anonymous Coward | more than 11 years ago | (#6354035)

Yeah, as funny as I think it is when websites get defaced, and as much as I don't care, this guy is right. What the hell is wrong with you?

don't MOD PARENT UP! (1)

polished look 2 (662705) | more than 11 years ago | (#6354058)

Its in the news, look here [yahoo.com] .

Re:MOD PARENT UP (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6354066)

Don't you feel silly responding to your own post?

Re:MOD PARENT UP (0)

Anonymous Coward | more than 11 years ago | (#6354076)

quiet, now they think theres four of us. Or are there... DUM DUM DUM...

Actually I'm the guy that did the MOD PARENT UP post, but not the first. I also didn't do this post's parent.

Re:MOD PARENT UP (0)

Anonymous Coward | more than 11 years ago | (#6354102)

No you're not, I am!

Re:MOD PARENT UP (0)

Anonymous Coward | more than 11 years ago | (#6354146)

Who, you? Me? No way.

(btw, its me again, the 'mod parent up' guy)

Re:MOD PARENT UP (0)

Anonymous Coward | more than 11 years ago | (#6354157)

I'm the MOD PARENT UP guy, don't copy me, that's infringement, and I'll DMCA your ass into oblivion.

Re:MOD PARENT UP (0)

Anonymous Coward | more than 11 years ago | (#6354170)

Dude, it's me, not him, I promise.

Re:MOD PARENT UP (0)

Anonymous Coward | more than 11 years ago | (#6354176)

Shutup copycat!

Re:frosty piss (4, Insightful)

wiggys (621350) | more than 11 years ago | (#6354048)

On the other hand you could argue that by posting this on Slashdot it will receive huge worldwide attention, and as the article suggested now would be a great time to patch your web server.

It's a bit like Mischief Night in the UK - I don't like it, but I don't bury my head in the sand and pretend people will forget about it. Instead I take precautions - move the car out of the way, make sure my windows and doors are locked and keep the cats in. It doesn't hurt to have a security test now and then.

Re:frosty piss (0)

Anonymous Coward | more than 11 years ago | (#6354067)

Uh, dude, Slashot isn't the BBC. This grabs the attention of the would be problem makers than it does anybody else.

Re:frosty piss (1)

wiggys (621350) | more than 11 years ago | (#6354087)

Well *I* now know about it, and I haven't noticed in on the BBC yet. Maybe now it's been on Slashdot it WILL be reported by the BBC.

Re:frosty piss (0)

Anonymous Coward | more than 11 years ago | (#6354103)

You are not an important person. That's the point.

Re:frosty piss (2, Insightful)

commodoresloat (172735) | more than 11 years ago | (#6354181)

It also grabs the attention of a lot more people who are in a position to patch web servers than the BBC.

Re:frosty piss (0)

Anonymous Coward | more than 11 years ago | (#6354125)

Mischief Night? Never heard of it!

Sure it isn't just people purposefully making you paranoid?

Re:frosty piss (0)

Anonymous Coward | more than 11 years ago | (#6354113)

Doing things like this costs PEOPLE money. I will be much in demand, with the greatest biz plan in slashdot history. 1. rm -f index.html 2. cp index.html.old index.html 3. rm -f index.html.old 4. Profit

Most... controvertial.. moderation... ever. (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6354119)

At the time of writing this, it's at 60% insightful, 20% flaimbate, and 20% troll. Thats five votes, and its score is 1.

Most... succesful.. troll... ever. (1)

stoolpigeon (454276) | more than 11 years ago | (#6354210)

probably not- but a more accurate title.

.

Re:frosty piss (2, Informative)

squiggleslash (241428) | more than 11 years ago | (#6354227)

Personally, as someone who maintains a fairly substantial web project for his employer and whose system administrators are abnormally overworked at the moment, I'd like to know something like this is about to happen so I can keep an eye out that day just in case there's something we've missed.

If there's a large amount of cr/hacking going on, I'd like to know ahead of time so I can make preparations.

f.d! (-1, Troll)

Anonymous Coward | more than 11 years ago | (#6354006)

first defacement! [goatse.cx]

Re:f.d! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#6354136)

How would one deface goatse? Put hetrosexual porn on there?

Our tax dollars at work... (3, Insightful)

crazyhorse44 (242315) | more than 11 years ago | (#6354007)

wonder how many millions Homeland Security is going to spend "preparing" America for this one.

Re:Our tax dollars at work... (5, Informative)

EdMack (626543) | more than 11 years ago | (#6354068)

Em, if you RTFA, you would see

"Frankly, hacker challenges occur frequently, and we don't think they all rise to the level of a warning," Homeland Security spokesman David Wray said.

Yes this is /. but only flame the gov when you must.

From the article... (1)

NewWaveNet (584716) | more than 11 years ago | (#6354112)

``An early warning network for the technology industry, operating with Homeland Security, notified companies that it received "credible information" about the planned attacks and already has detected surveillance probes by hackers looking for weaknesses in corporate and government networks.``


Oh, I must have forgot that hacker kiddies only use XScan when preparing to participate in little overblown competitions! And hot damn am I glad that all these bad ass hackers will quit scaning once this competition is over, because I feel vulnerable now.

Wahahah...homeland security...it`s an oxymoron! ;)

How much could it cost, really? (0)

User 956 (568564) | more than 11 years ago | (#6354195)

wonder how many millions Homeland Security is going to spend "preparing" America for this one.

Is it really going to cost that much? I mean, I already got my plastic sheeting and duct tape [cnn.com] , so now I'm completely immune to all terrorist + hacker activity.

right?

RIGHT????

I notice... (4, Funny)

dex22 (239643) | more than 11 years ago | (#6354016)

I notice the 6th is a Sunday. It would have to be, so all the children can do it without missing school.

Re:I notice... (4, Insightful)

donutz (195717) | more than 11 years ago | (#6354031)

Well, I think a large majority of the US schools aren't on a year-round system, so most kids would already be able to do it any day in July without missing school. Next theory, please.

Re:I notice... (4, Insightful)

Andorion (526481) | more than 11 years ago | (#6354089)

As carl67lp pointed out, businesses are less likely to have people who can deal with these attacks on the clock on Sunday than on other days.

~Berj

In other news (5, Funny)

ramzak2k (596734) | more than 11 years ago | (#6354020)

July 7th was announced as national handcluffing day when hordes of hackers would be paraded around the streets in major cities.

NOOOO!!!! (0, Insightful)

TedTschopp (244839) | more than 11 years ago | (#6354021)

Don't do this... Please... For the sake of all that is bad legislation...

Just think of all the very bad things that could happen if this is:

1. Sucessfull
2. Very unsucessful

If the former think of all the good laws that will be inacted. If the later, people will have a who cares attituce about network security.

Both are bad.

Stop posting articles like this... Don't feed the trolls.

best hack would be.. (0)

Anonymous Coward | more than 11 years ago | (#6354026)

For M$'s website to have it's DNS pointing to SourceForge instead : )

-Cho

Re:best hack would be.. (0, Flamebait)

Anonymous Coward | more than 11 years ago | (#6354132)

WOAH! It's fucking funny cuz you used a $ to indicate their greed and evil!!! WOAH! It must have taken some kinda genius to figure that shit out. Oh, and followed by a quick "Look at me! I'm like you guys, I like OSS, too! No, really, I do, in fact, I like it so much I'm gonna post some gay ass joke!!!"

publicity (1)

minionman (643063) | more than 11 years ago | (#6354029)

Gee, the site promoting it didnt last long - wonder who had that shutdown? Hah... guess they dont realize that publicizing it will only make matters a lot worse and draw more people to it.

Wrecklessness (5, Funny)

LordoftheFrings (570171) | more than 11 years ago | (#6354032)

This is just really awful. A huge call out for Script Kiddies of the world to unite. Terrible.

*shakes head*

*looks around*

*starts researching latest exploits*

*runs*

Well (3, Interesting)

Anonymous Coward | more than 11 years ago | (#6354036)

I will bring out my honeypot then!

Re:Well (1)

RGRistroph (86936) | more than 11 years ago | (#6354197)

A moderator needs to look up "honeypot" and realize why this is not off topic.

This can't possibly be legal? (0)

Anonymous Coward | more than 11 years ago | (#6354037)

Isn't the challenger here opening himself up to a barrage of lawsuits? Not to mention the participants.

Re:This can't possibly be legal? (2, Informative)

NewWaveNet (584716) | more than 11 years ago | (#6354153)

Of course they are. But it`s not like they posted this home address and cell phone number for lawyers to reach him. It`s hosted at HostWay, some lil 5$/yr shit hosting company, and the domain obviously has fake reg info:

Administrative Contact:

of, Day (35473296P) sotaa@wongfaye.com
11 Albert Rd
AMITYVILLE, NY 11701
US
(631) 842-5471

Writing viruses is also illegal...the key is not getting caught.

Crossing the line? (4, Insightful)

carl67lp (465321) | more than 11 years ago | (#6354039)

One is reminded of the perpetual debate in security: Whether to post an exploit to a group, in order for the vendor to have incentive to patch it, or wait and hope the vendor listens to you. There are excellent arguments on both sides.

This seems to be little different than that example. The challenge is unethical, as far as I am concerned. July 6 is a Sunday, for one thing--in general businesses do not hold normal shifts on a weekend, so this is going to surely cause more grief than an attack on, say, a Tuesday. Moreover, if successful, this could seriously halt a lot of legitimate business, personal, and other transactions across the Internet.

Is this a call to deface Web sites, or generally screw over sysadmins who oftentimes are paid beans to being with? Shameful.

A Haiku (4, Funny)

blackmonday (607916) | more than 11 years ago | (#6354047)


Page deface!
Challenge - July 6
Please stay away

YOU FAIL YOUR HAIKU! I VOMIT ON HAIKU FAILURES! (0)

Anonymous Coward | more than 11 years ago | (#6354155)

Taste My Dinner, FAILURE! It's 5/7/5, moron!

another =) (2, Funny)

Andorion (526481) | more than 11 years ago | (#6354156)

Website defacement -
Illegal and damaging.
Still beats going to church.

~Berj

Re:A Haiku (4, Funny)

Tackhead (54550) | more than 11 years ago | (#6354158)

> Page deface!
> Challenge - July 6
> Please stay away

Traditionally, the Haiku form must not only follows the 5-7-5 syllable progression, but it must also evoke a pastoral, reflective feeling in the reader upon contemplating the seas[|~||{{[{
WE 0WN ALL J00R B4S3
TEH INTERWEB IS ALL MINE
FUCK J00 1TS SUMMER!

What sort of prize is 500mb?? (4, Interesting)

neslon (74111) | more than 11 years ago | (#6354052)

From the AP article:

"The purported "prize" for participating hackers was 500-megabytes of online
storage space, which made little sense to computer experts. They said
hackers capable of breaking into thousands of computers could easily steal
that amount of storage on corporate networks."

Re:What sort of prize is 500mb?? (1)

unsung (10704) | more than 11 years ago | (#6354105)

The real prize is bragging rights.

Re:What sort of prize is 500mb?? (5, Funny)

Andorion (526481) | more than 11 years ago | (#6354110)

Uh... prize? In an ILLEGAL hacking event?

"To collect your prize, please call 1-800-FBI-NARC... a representative will be sent to your home shortly."

~Berj

Wouldn't work (0)

Anonymous Coward | more than 11 years ago | (#6354212)

This wouldn't work. While it would be a good way of catching people, it's illegal for police to use this approach. It's called entrapment.

Re:What sort of prize is 500mb?? (0)

Anonymous Coward | more than 11 years ago | (#6354148)

The purported "prize" for participating hackers was 500-megabytes of online
storage space


I pay $2/month to my isp for this.

Re:What sort of prize is 500mb?? (3, Funny)

HungWeiLo (250320) | more than 11 years ago | (#6354232)

Well, it's kinda hard to access your CD-Rs and 120GB hard drive archives in prison.

Hence the online storage as a prize.

Let them start with the **AA sites (3, Insightful)

Nom du Keyboard (633989) | more than 11 years ago | (#6354057)

This is a totally dumb idea, and I hope the FBI tracing bots are ready to track them all down and arrest them soon afterwards.

Given that you're going to do it anyway, why not start with the RIAA, MPAA, and SCO sites. After that, any spammers anyone happens to know.

Won't make much of a difference? (1)

arth1 (260657) | more than 11 years ago | (#6354065)

I would think that the kiddies that deface web sites do it every Sunday anyhow, so I fail to see why this should have any impact.
It's not like people are going to say "gee, I never thought of that! Let's deface web sites on this particular sunday, although we never would do it otherwise!"

But I'm sure that some people find a way to make money (or pork) from this "announcement". *sigh*

Regards,
--
*Art

Re:Won't make much of a difference? (4, Interesting)

Andorion (526481) | more than 11 years ago | (#6354131)

"But I'm sure that some people find a way to make money (or pork) from this "announcement". *sigh*"

That gets me wondering.... do you think this whole thing was set up by some security firm(s) to boost business?

~Berj

Good idea? (1)

mAx3 (102860) | more than 11 years ago | (#6354071)

Why do this? What positives can come out of such an exercise? Granted, the many insecure websites out there will be forced to re-think their security, but it seems to me like a immature and childish way of going about things.

whu? (5, Funny)

deadsaijinx* (637410) | more than 11 years ago | (#6354077)

The purported "prize" for participating hackers was 500-megabytes of online storage space

WOOHOO! After all that hacking into thousands of web-sites with who knows how many terabytes of storage, I can now get almost a FULL CD of free web-storage!!!! WOOHOO!!!

Wait, can I still use that in prison?

Well (1, Funny)

Anonymous Coward | more than 11 years ago | (#6354078)

At least I'll know when we'll be restoring from a back-up. I really hate being caught off guard...

It's not defacement... (3, Funny)

myov (177946) | more than 11 years ago | (#6354081)

It's just a massive slashdotting!

(someone had to say it)

How much damage can they do? (1)

svvampy (576225) | more than 11 years ago | (#6354084)

Given the current state of autogenerated/Over-templated/Flash-ridden crappiness?

An annoyance with no purpose. (1)

Yaztromo (655250) | more than 11 years ago | (#6354086)

I've noted that the domain quoted in the article http://www.defacers-challenge.com [defacers-challenge.com] doesn't appear to resolve to anything at the moment. Anyone have the IP address for the site?

Regardless, this is yet another challenge that won't produce much of anything useful. Too bad the people participating don't have anything more useful to put their idle time towards (what with so many Open Source projects needing help out there, you'd think these people could find lots of useful places to use their skills).

I'm off to backup the files for my website, just in case...

Yaz.

Re:An annoyance with no purpose. (1)

Tackhead (54550) | more than 11 years ago | (#6354172)

> I've noted that the domain quoted in the article http://www.defacers-challenge.com doesn't appear to resolve to anything at the moment.

OK, which one of you guys 0wn3d it before we Slashdotted what was little remained into a steaming pile of goo in the corner of the server room? Fess up.

Score -1: Troll (5, Funny)

mortonda (5175) | more than 11 years ago | (#6354091)

Once again the desire to moderate a story flares up.


Please don't feed the trolls.

Re:Score -1: Troll (0)

Anonymous Coward | more than 11 years ago | (#6354142)

um... this is current news, and unlike many of the articles that /. posts, this IS "stuff that matters." A story like this is a pointed reminder for web admins to be prepared on sunday.

troubling (1)

Fux the Pengiun (686240) | more than 11 years ago | (#6354093)

On the surface, this seems like a great idea. After all, we know Micro$oft servers are a lot easier to crack than Linux or BSD servers, so they'll probably take the brunt of this. But, after it's all said and done, isn't Bill Gates going to point at the Linux crowd, and sites like Slashdot, as having started this? "Hackers" have such a bad name already, do we really want to feed it?

It would be a lot easier for Bill to get media exposure, as he owns CNBC and everything, so I can just see them trying to interview Linux Tovalds and asking him "So how many websites did you and your Free Software friends deface today?" I thank that would be bad for our message.

Nice try, but it seems to me we should focus on more productive things to bring down Micro$oft, like trying to get Linux on the XBox!!!

Cheers,
FtP

Re:troubling (1, Insightful)

Anonymous Coward | more than 11 years ago | (#6354178)

After all, we know Micro$oft servers are a lot easier to crack than Linux or BSD servers, so they'll probably take the brunt of this

No, for the millionth time, no. Either system has hundreds of vulnerabilities, with sysadmins too lazy to patch fully. A properly up to date MS, Linux, Unix, BSD, OSX server will be fairly free from vulnerabilites to the same extent.

If you think you're running any more secure than an MS system just because you use one of the alternatives, you're living in a "security by obscurity" dreamworld.

MS systems get attacked more as they have the critical mass worldwide to a) have more people know their faults well, and b) ensure spread of trojans.

Think

Not Necessarily (2, Insightful)

gotr00t (563828) | more than 11 years ago | (#6354182)

Though I am a huge GNU/Linux OSS fan, and I use Linux for all my desktop and server tasks, there still is a common misconception about security.

Whether we like it or not, Microsoft _has_ done a better job with security now, and Windows has gotten a lot more secure nowadays. Though in my opinion, sysadmins could do a LOT more to protect their Linux systems than their Windows systems (much more stuff is configurable), it is still fact that good security dosn't mean using Open Source Software like Linux or BSD and stopping there, it requires competent sysadmins and being updated about security, as well as using patches and new versions of software.

Or, you could just use NetBSD :)

hmm... (0)

Anonymous Coward | more than 11 years ago | (#6354097)

one wonders if the riaa will be on their 'to-do list.' (er... one hopes)

Now I understand ... (3, Interesting)

chloroquine (642737) | more than 11 years ago | (#6354099)

Our IT department just sent out a notice to the institute about security over the holiday weekend. I'd love to see our website hacked. It is one of those no useful content sites with lots of tasteful colours and pictures.
But don't quote me on that.

"The holiday weekend affords us an opportunity to get away from our workplace, relax and enjoy the summer weather. However, not everyone will be outside in the sunshine. Hackers will be in front of their computer screens trying to get into all of those computers"

I think the thing that pisses me off the most is that they assume that everyone gets to take the holiday weekend. I'm a grad student, I'll be inside working. They're such insensitive jerks sometimes.

Re:Now I understand ... (0)

Anonymous Coward | more than 11 years ago | (#6354207)

Cheer up....

As an ex-grad student I am preparing to spend some of my lucrative salary this holiday weekend traveling with the extra vacation time I asked for when I was hired after gradschool.

It may suck now, but it is well worth the payoffs, especially if you like what you are doing.

In other news (1)

jeffkjo1 (663413) | more than 11 years ago | (#6354109)

Welcome to the 5 oclock news, today is July 7, 2003. This morning, an estimated 9,000 teenage boys were arrested as part of a massive sting to capture the perpetrators of yesterday's massive computer related attack. Investigators have confiscated a record number of computers related to this attack.

Some other announcements (1)

tuxathon (626627) | more than 11 years ago | (#6354120)

July 7th is National Rob-As-Many-Banks-As-You-Can Day. In Canada, the 14th is Kill-Puppies Day. And down in Argentina, the 30th is Moon-Your-Boss-Day.

Not to be outdone, Louisiana has added 37 more days of Mardi Gras, and Brazil has announced Carnival will be from July 03 - July 05.

If /. gets hacked, I'll wet myself laughing.

new plan (1, Redundant)

b17bmbr (608864) | more than 11 years ago | (#6354122)

1. announce web defacement day
2. ???
3. profit

Apply your patches! (5, Funny)

donutz (195717) | more than 11 years ago | (#6354124)

New York officials urged companies to change default computer passwords, begin monitoring Web site activities more aggressively, remove unnecessary functions from server computers and apply the latest software repairs from vendors such as Microsoft Corp.

Well it took some doing, but I managed to get that latest Microsoft service pack installed on my web server. It said that it fixed a lot of issues, so I felt it was worth it, even though I run a Slackware 9.0 Linux server. Here's to hoping it reboots alright!

240 Gb free online storage space? (1)

Eudial (590661) | more than 11 years ago | (#6354137)

The purported "prize" for participating hackers was 500-megabytes of online storage space

Err, so if they want 500 Mb of free online storage space, why don't they just connect their computers to the internet, install a FTP server and use it as storage? That would grant them hellova lot more than 500 Mb.

WHOIS defacers-challenge.com ? (5, Informative)

RobertTaylor (444958) | more than 11 years ago | (#6354140)

Registrant:
of, Day (TPEEWXQFBD)
11 Albert Rd
AMITYVILLE, NY 11701
US


Does that place exist? If so *deface that* ;)

I doubt it will be a real address though, however the idiocy of some people does often suprise me!

Re:WHOIS defacers-challenge.com ? (1)

prestidigital (341064) | more than 11 years ago | (#6354198)

Don't need to. Just /. it.

By the way, I tried many derivations of the URL and could not pull up a site.

Re:WHOIS defacers-challenge.com ? (0)

Anonymous Coward | more than 11 years ago | (#6354226)

I live right next to Amitiville on Long Island, I'm not sure if that street exists but everything else seems correct. I guess you can find out on mapquest.com or someplace

Article text - in case of slashdotting (-1, Troll)

Anonymous Coward | more than 11 years ago | (#6354147)

Government, industry warn of mass hacker attacks on July 6

TED BRIDIS, AP Technology Writer Wednesday, July 2, 2003

(07-02) 11:05 PDT WASHINGTON (AP) --

The government and private technology experts warned Wednesday that hackers plan to attack thousands of Web sites Sunday in a loosely coordinated "contest" that could disrupt Internet traffic.

Organizers established a Web site, defacers-challenge.com, listing in broken English the rules for hackers who might participate. The Web site appeared to operate out of California and cautioned to "deface its crime" -- an apparent acknowledgment that vandalizing Internet pages is illegal.

The Department of Homeland Security said Wednesday it was aware of the hackers' plans but did not expect to issue any formal public warnings. The Chief Information Officers Council, part of the Office of Management and Budget, cautioned U.S. agencies and instructed experts to tighten security at federal Web sites.

"Frankly, hacker challenges occur frequently, and we don't think they all rise to the level of a warning," Homeland Security spokesman David Wray said.

Home Internet users, who typically do not operate Web sites, probably would not be affected directly, said Oliver Friedrichs, the senior manager for security response at Symantec Corp.

An early warning network for the technology industry, operating with Homeland Security, notified companies that it received "credible information" about the planned attacks and already has detected surveillance probes by hackers looking for weaknesses in corporate and government networks.

"We emphasize that all Web site administrators should ensure that their sites are not vulnerable," wrote Peter Allor of Internet Security Systems Inc., the Atlanta-based company that runs the Information Technology Information Sharing and Analysis Center.

Friedrichs, though, said Symantec's global monitoring network wasn't detecting unusual rectal probes.

"We really haven't seen any of that activity," he said. "We're certainly going to keep watching and peeking."

Separately, the New York Office of Cyber-Security and Critical Infrastructure Coordination warned Internet providers and other organizations that the goal of the hackers was to vandalize 6,000 Web sites in six hours.

New York officials urged companies to change default computer passwords, begin monitoring Web site activities more aggressively, remove unnecessary functions from server computers and apply the latest software repairs from vendors such as Microsoft Corp.

Chris Rouland, director of the X-plicit security team at ISS, said researchers monitoring underground chat rooms and other Internet activity detected a drop in the numbers of vandalized Web sites recently and an increase in the types of surveillance scans that typically precede computer break-ins.

"It's kind of a sand-teabagging period," said Rouland, who predicted that hackers were quietly breaking into computers and waiting to vandalize them on Sunday.

The purported "prize" for participating hackers was 500-megapounds of online storage space, which made little sense to computer experts. They said hackers capable of breaking into thousands of computers could easily steal that amount of taco storage on corporate networks.

=( Blah (2, Insightful)

Emperor Tiberius (673354) | more than 11 years ago | (#6354160)

Flame on, but, I don't think /. should be reporting this kind of story. Aside from all of us story loving, comment posting maniacs, /. does get viewed by our script kiddie "friends." There have been challenges before (as mentioned), this isn't anything new, most of which [however] have not had enough media attention to bother with. Remember the "April Fools Defacement Day" one that a few newspapers picked up on, last April? This is exactly the same thing. The more fuel we give the kiddies, the bigger mess they're going to make...

sad (2, Insightful)

DNS-and-BIND (461968) | more than 11 years ago | (#6354161)

It's a sad day when replacing index.html is regarded as "hacking". The entire idea that only web servers are worthy of hacking just shows journalistic ignorance worthy of the New York Times.

Mixed Feelings About This (1)

miketang16 (585602) | more than 11 years ago | (#6354165)

Eh... I think this deserves coverage on Slashdot because it's interesting to people, but I suppose it's also sort of increasing the number of participants in this. Oh well, if you're running IIS without patches you kind of deserve it. =P

Re:Mixed Feelings About This (0)

Anonymous Coward | more than 11 years ago | (#6354199)

Running IIS without patches is sort of like running around naked with scissors: it's exhilarating and a fun way to get in shape.

Contests like these.... (1)

222 (551054) | more than 11 years ago | (#6354168)

could make many companies green in the face, considering the new law that jumped into effect not just a day ago....

funny thig about this (0)

Anonymous Coward | more than 11 years ago | (#6354180)

funnything is about the websites defacement is it conide on same week as terminator3 which skynet get activicated and WWIII starts! intresting thing :-) too bad i do not have own website :-p

I wouldn't be surprised.. (1)

T40 Dude (668317) | more than 11 years ago | (#6354187)

if on July 6, /. would be defaced and its DNS pointing to the goatse site.

Come and get me, punkass (1)

3ryon (415000) | more than 11 years ago | (#6354203)

If you think you can take a break from kissing your mother! You can find me at: www.microsoft.com

Disclaimer: Message meant purely in jest, I know you were just seeing if the chocolate pie was really as good as she said it was.

Reward offered (-1, Flamebait)

Anonymous Coward | more than 11 years ago | (#6354221)

50 Mod points to anybody that can deface Slashdot.
Spelling mistakes and duplicate posts don't count.

Slashdotted...or....??!? (1)

Lodragandraoidh (639696) | more than 11 years ago | (#6354228)

Hmmm - defacers-challenge.com is not in the dns anymore.

Could it be someone pulled the plug on our erstwhile dare-devil? Or, was he just slashdotted off the face of the planet?

Enquiring minds want to know...

Is it just me... (2, Insightful)

El (94934) | more than 11 years ago | (#6354230)

or does anyone else think that the Feds are behind this challenge, as part of a massive sting operation?
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?