funsec mailing list archives
Re: Network solutions admits to "few hundred" defacements
From: "Thomas Raef" <TRaef () wewatchyourwebsite com>
Date: Wed, 20 Jan 2010 16:57:45 -0600
No. Not with them.

The thing is, with the case of Network Solutions, is that from what I've read it was the result of remote file inclusion (RFI). How is it they have to take the fall for that?

Granted, if it happened on a shared server it shouldn't have infected hundreds of websites on that same server, but, from what I know, RFI attacks are typically the result of bad programming.

Thomas J. Raef
e-Based Security
"You're either hardened or you're hacked!"
We Watch Your Website
"We Watch Your Website - so you don't have to."
-----Original Message-----
From: Burian, Matthew J. [mailto:mjb () burianit com]
Sent: Wednesday, January 20, 2010 4:37 PM
To: Thomas Raef
Cc: funsec
Subject: Re: [funsec] Network solutions admits to "few hundred" defacements

I had a similar issue with some of my clients' sites that were hosted with InMotion Hosting (http://www.inmotionhosting.com) several months ago. I was not sure if it was a breach of the company's servers, or insecure credentials on the part of the client. About 100 lines of identical text including links to various bogus online pharmacy websites were injected into each HTML file.

Anyone heard anything about this?

Matt Burian | IT Consultant
Burian Information Technology, LLC.

On Tue, Jan 19, 2010 at 10:48 AM, Thomas Raef <TRaef () wewatchyourwebsite com> wrote:

http://blog.networksolutions.com/2010/update-web-site-defacement-issue/

"We have discovered the cause of a limited attack on websites hosted on Network Solutions Unix servers where a few hundred sites were affected. Hackers were able to add a file displaying illegitimate content on top of the customer website content. This was an issue on multiple servers and unknown intruders were able to get through by using a file inclusion technique. There was no danger to any personally identifiable or secure information."

Thomas J. Raef
e-Based Security
"You're either hardened or you're hacked!"
We Watch Your Website
"We Watch Your Website - so you don't have to."

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Current thread:
- Network solutions admits to "few hundred" defacements Thomas Raef (Jan 19)
- Re: Network solutions admits to "few hundred" defacements Burian, Matthew J. (Jan 20)
- <Possible follow-ups>
- Re: Network solutions admits to "few hundred" defacements Thomas Raef (Jan 20)