[defaced-commentary] Web vandalism contest results unclear

[InfoSec News <isn () c4i org>]

---------- Forwarded message ----------
Date: Sun, 6 Jul 2003 20:49:35 -0400 (EDT)
From: security curmudgeon <jericho () attrition org>
To: defaced-commentary () attrition org
Subject: [defaced-commentary] Web vandalism contest results unclear


[Visit treachery.net or attrition.org to see the spoof.]


Web vandalism contest results unclear

http://news.com.com/2100-1002_3-1023295.html?tag=fd_top

By Robert Lemos
Staff Writer, CNET News.com
July 6, 2003, 5:05 PM PT

Unknown attackers downed the largest recorder of Web site defacements
on Sunday, the same day that vandals had been thought to be planning
an online graffiti contest.

The attack left the security site Zone-H.org mostly inaccessible until
late Sunday and the effects of the contest largely in dispute. While
some 500 Internet addresses corresponding to defaced Web sites were
submitted to Zone-H.org, the intermittent accessibility of the site
meant that hundreds, if not thousands, more may have not been
recorded.

"We'll likely know over the next 36 hours," Roberto Preatoni, founder
and editor of Zone-H, wrote Sunday during an Internet chat with CNET
News.com.

Word of the contest spread quickly late last week after news reports
and security company Internet Security Systems publicized the event. A
Web site called the Defacers' Challenge urged online vandals to crack
into as many Web sites as possible on Sunday and report the
defacements to Zone-H, a neutral third party.

While Preatoni expected between 20,000 and 30,000 registrations of
hacked sites Sunday, far fewer came in. The lack of response, while
apparently due to the trouble that scofflaws had in contacting Zone-H,
could also be an indication that the rash of Web site attacks was
mainly a flop.

Zone-H.org is best known for its database archiving the snapshots of
Web sites that have been defaced. The Web site had to open an
alternative page for taking submissions for the contest. Preatoni said
he normally sees anywhere between 1,000 and 3,000 Web site defacements
on any given Sunday.

Because of the problems encountered by Zone-H.org, the person running
the challenge--a person using the handle "Eleonora(67)"--extended the
contest another 24 hours.

While chaos apparently stymied defacers' attempt at anarchy, many
security researchers criticized the amount of attention the event
received in the first place.

A group of security sites, including the former defacement archive
Attrition.org, lampooned the security industry and several government
organizations for taking the contest so seriously.

In fake defacements of six Web sites, titled "I panicked over the
Defacement Challenge scare and all I got was this lousy defacement,"
the experts stressed that attacks happen all the time. Moreover, they
added that the contest, which grants the winner a prize of lackluster
500 MB of storage on the Web, would not be taken seriously by the
majority of security researchers and hackers.

"We are basically saying that you should secure your systems like you
always do," said Richard Forno, author, independent security
consultant and a participant in the lampoon. "If you are any time of
IT (information technology) or security professional, this shouldn't
scare you."

-
The information and commentary is Copyright 2003, by the individual
author. Permission is granted to quote, reprint or redistribute
provided the text is not altered, and the author and attrition.org is
credited. The opinions expressed in this mail are not necessarily the
opinion of all Attrition staff members.

Commentary Archive: http://www.attrition.org/security/commentary/
The Attrition Mirror: http://www.attrition.org/mirror/attrition/
Country/TLD Statistics: http://www.attrition.org/mirror/attrition/country.html
Attrition Defacement Statistics: http://www.attrition.org/mirror/attrition/stats.html
Operating System Graphs: http://www.attrition.org/mirror/attrition/os-graphs.html

Other Web Defacement Mailing Lists: http://www.attrition.org/security/lists.html
Contacting Attrition Staff: staff () attrition org

To subscribe to Defaced Commentary, send mail to majordomo () attrition org
with "subscribe defaced-commentary" in the BODY of the mail (without
quotes). To unsubscribe, include "unsubscribe defaced-commentary" in
the BODY of the mail.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.