Educause Security Discussion mailing list archives

Re: Rank My Hack


From: Bob Kalal <kalal.1 () OSU EDU>
Date: Wed, 31 Aug 2011 14:45:44 -0400

Note that the site also provides tutorials for XSS and SQL Injection as well as a set of tools ...

Bob Kalal

On Aug 31, 2011, at 2:09 PM, Webb, Justin wrote:

Well, we are a point worthy target, any .edu is worth 7500 points.

Sincerely,
 
Justin P. Webb
Security Analyst
IT Services, Marquette University
414-288-4196
justin.webb () marquette edu

From: "Everett, Alex D" <alex.everett () UNC EDU>
Reply-To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Wed, 31 Aug 2011 18:06:20 +0000
To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Rank My Hack

Can anyone validate any of these?
My concern is that some of the claims seem quite dubious.
Well, I do see that finding an XSS is considered 'hacked'.

Sincerely,

Alex Everett, CISSP, CCNA
University of North Carolina

On Aug 31, 2011, at 1:24 PM, Nick Giacobe wrote:

You all might want to check out the new site RankMyHack to see if your sites have been compromised and listed on the 
leaderboard.
 
68 edu sites are listed in the current list of hacks at http://www.rankmyhack.com/hacks.php
 
Here is some very recent press about the RankMyHack Site:
 
http://www.washingtonpost.com/blogs/innovations/post/its-official-hacking-has-been-gamified/2011/08/30/gIQALidWrJ_blog.html
http://gizmodo.com/5836145/rankmyhack-gives-you-achievement-points-for-your-ballsiest-cyber-attacks
 
 
---
Nick Giacobe
Research Technologist V and Ph.D Candidate
College of Information Sciences and Technology
Penn State University
101 Information Sciences and Technology Building
University Park, PA 16802
 

Sincerely,

Alex Everett, CISSP, CCNA
Information Security Office
University of North Carolina at Chapel Hill
919.445.9393

<RMH.png>


Current thread: