Information Security News mailing list archives
[defaced-commentary] Rapid Increase in Windows 2000 in Overall NT Defacements
From: InfoSec News <isn () C4I ORG>
Date: Fri, 29 Dec 2000 02:02:22 -0600
Rapid Increase in Windows 2000 in Overall NT Defacements
------------------------------------------------------------------------
As for comments re: shift from NT4 to W2K - I honestly think that
a significant change will appear. I do not need a crystal ball.
Baring the sudden development of W2K vulnerabilities hereto unknow
[sic] and the sudden lack of MS response to them (which has been
markedly better than NT4 days), I can't see how you could figure
that W2K defacments would remain at a lower level than NT4. As
people upgrade they gain two things; one, all the enhancments to
security W2K brings inherently and two, easy access to patches via
windows update and the hotfix checker.
--Windows 2000 Advocate, via email October 25, 2000
I expect the trend in exploiting NT Web servers to peak again
soon, unless the unlikely happens. That is, all operators of IIS
quickly install the patch and secure their Web servers.
--Rik Farrow, IIS Unicode Bug Worst this Year
(http://www2.itworld.com/cma/ett_content_article/0,2849,1_3225,00.html),
October 30, 2000 Edition of ITWorld
Rik Farrow was unfortunately correct: NT defacements peaked again this November
(http://www.attrition.org/mirror/attrition/os-graphs.html#SPECIAL) .
Riding this new wave of IIS website defacements is Windows 2000, which
has a growing percent of all NT defacements:
Pct.
Month NT Win2k of NT
------- ----- ----- ------
Jan2000 255 0 0.0
Feb2000 261 1 0.4
Mar2000 321 4 1.2
Apr2000 224 2 0.9
Jun2000 246 4 1.6
Jul2000 225 7 3.0
Aug2000 210 9 4.1
Sep2000 168 13 7.2
Oct2000 306 15 4.7
Nov2000 411 61 12.9
Dec2000 258 42 14.0
Notes:
All figures are January 2000 through December 21, 2000
Windows 2000 was released in February of 2000
The 'NT' column refers to all NT defacements other than Windows 2000
The 'Win2k' column refers to all Windows 2000 defacements
The percentage column is a percent of total figure, and is calculated in
this manner: 100*Win2k/(NT+Win2k)
For a graphic perspective of the percent and the cumulative total of Windows
2000 defacements for the year up to December 21, 2000:
[see the URL below]
http://www.attrition.org/mirror/attrition/graphs/win2k.gif
It is inevitable that Windows 2000 will come to dominate NT defacements:
simple attrition of NT 4.0 and earlier versions guarantee that. The rapid
increase in Windows 2000 defacements is probably attributable to the fact
that virtually all new installations of NT will be Windows 2000, and new
installations will often be the most insecure and unpatched. It's also very
likely that Windows 2000 administrators are relatively inexperienced in
Windows 2000 security (I take this as a reasonable assumption).
Rik Farrow was correct: administrators didn't quickly patch their
webservers, even under the spector of defacements of major commercial
websites, or much worse, intrusions into large commercial websites to pilfer
financial or proprietary data, in the Infosec and IT news on an almost
weekly basis.
------------------------------------------------------------------------
munge () attrition org
? 2000, 2001 Matt Dickerson for Attrition.org
Last modified: Thu Dec 28 19:29:45 EST 2000
To subscribe to this list, send mail to majordomo () attrition org with
subscribe defaced-commentary in the BODY of the mail.
-
The information and commentary is Copyright 2000, by the individual author.
Permission is granted to quote, reprint or redistribute provided the text is not
altered, and the author and attrition.org is credited. The opinions expressed
in this mail are not necessarily the opinion of all Attrition staff members.
ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".
Current thread:
- [defaced-commentary] Rapid Increase in Windows 2000 in Overall NT Defacements InfoSec News (Dec 29)