[Moderator: As I told Jason Storm, working on a server before hand constitutes more than "one hour" of working on it. Just because you don't do all of the hacking in one sitting doesn't mean the time wasn't spent. I still say that hacking 300 servers, OR doing what they did to 300 vhosts on a single server probably took more than an hour. For those of you saying "who cares", it is a matter of media being misleading or lying in order to make the story more dramatic.] Reply From: jason storm <swopet_private> > [Moderator: Unfortunately I replied without reading the entire > article. :) Yes, you can change 300 vhosted sites in an hour. > BUT, that brings up another mistake. Hacking a single server > with 300 vhosts doesn't qualify as a "mass attack" in my eyes.] In point of fact, hacking 300 servers in an hour is entirely feasable. It would be a matter of scanning the servers before hand, say for bind and qpopper vulnerablity, then simply running a perl script that went down a list of servers, rooting each, executing a simple ftp command from each to get a tar archive via ncftp from a anonymous server. Once the archive was downloaded, the server could then be told to untar the archive, perform a 'find / -name index.html', and selectively replace each one with an altered version from the archive. As mentioned, if the servers were trojaned before hand this would be no challenge at all, and wouldnt really constitute a 'mass hack' in my eyes. Btw, if this was posted two months ago, Id say it wasnt realistic. At the moment however, with so many distrubutions requiring vital upgrades to keep out even the most inept intruder, I consider this 300-hacks-per-hour proposal to be feasable. Anyone who claims such a scenario is beyond the skills of the media's beloved "average hacker" is woefully out of touch with the nature of net security as it stands. Jason Storm Admin, Negation Industries -o- Subscribe: mail majordomot_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:57:54 PDT