Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Stuph for 8.8.01

From: InfoSec News <isn () c4i org>
Date: Wed, 8 Aug 2001 03:42:10 -0500 (CDT)
Hello all!

One of the things I really missed when Attrition.org stopped archiving
defacements was the mailing that was sent out whenever some party
decided to deface a site.

Two of my favorites were the defaced-alpha and the defaced-.mil/.gov
lists which were basically the same list. Whenever someone defaced
either a .int, .gov, or .mil Attrition would send out a alert for all
those lucky parties that got stuck with the Skytel or Blackberry pager
for that week and had to react on that news. (Be it securing,
prosecuting, doing the forensics, or kicking in the door of whoever
was dumb enough to deface websites from home. (: )

I didn't have to worry about any of that, but if I was teaching on a
day when an alert was sent out, it would really nail the point home
about the consequence sloppy security.

If you weren't on the Defaced-Alpha list, basically the alerts
included who was defaced, who defaced it, the URL, and where it's
archived.

Since Alldas.de decided to take over the defacement mirrors from
Attrition, they are now doing alerts of defacements. So with that I
thought I would try out their .gov list, & .mil list, initally I
didn't like the lists since I had the alerts sent to both my Nokia
phone and my Palm VIIx and because of one line in the alert I couldn't
read the message on my phone.

A little note to their helpdesk about this, and they moved the
offending line towards the bottom of the alert, so now on my Nokia I
can see who was defaced, the defacer, and the IP address of the site,
on my Palm VIIx I can see the whole alert, which is nice.

I can now highly recommend these lists if you are really interested in
a .TLD breakdown of defaced websites in your mailbox, or need to know
when specific .TLD's are defaced for your alpha pager.

http://defaced.alldas.de/ml/?archives=ml

While Alldas doesn't really have an Alpha list, this is how I've got
the list configured for my phone & Palm.

Click the .TLD that you wish to monitor, enter your e-mail address, &
click on the box, you might have to mail: ml-manager () defaced alldas de
if you are using a forwarding service for your paging devices and
can't reply back to the mailing list request.

Cool, eh?

Cheers!

William Knowles
wk () c4i org




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: