---------- Forwarded message ---------- Date: Mon, 21 May 2001 05:42:44 -0600 (MDT) From: security curmudgeon <jerichoat_private> To: defaced-commentaryat_private Subject: [defaced-commentary] ATTRITION: Evolution ATTRITION: Evolution Definition Attrition.org is a non-profit hobby site run by a handful of volunteers in their free time. Each staff member at Attrition has a day job that takes a considerable amount of time, as well as other hobbies, and a social life (despite popular rumor). Over the last two years, the site has moved from a few random specialty pages to an archive of over seven gigs of diverse material and specialized content. With no corporate backing, no income, no 'guidance', no leash and no muzzle, Attrition continued to move in a direction that values truth and bluntness over sugar coated words and fluff. Decision One of the most predominant sections of Attrition has been the defacement mirror. What began as a small collection of web site defacement mirrors soon turned into a near 24/7 chore of keeping it up to date. In the last month, we have experienced single days of mirroring over 100 defaced web sites, over three times the total for 1995 and 1996 combined. With the rapid increase in web defacement activity, there are times when it requires one of us to take mirrors for four or five hours straight to catch up. Add to that the scripts and utilities needed to keep the mirror updated, statistics generated, mail lists maintained, and the time required for basic functionality is immense. A "hobby" is supposed to be enjoyable. Maintaining the mirror is becoming a thankless chore. During this time, we have struggled to keep up various other sections of Attrition that have been a core part of the site. As the mirror grew and began to consume more resources, the other sections have found themselves on the backburner and rarely updated. In essence, what was once a hobby site run in spare time for fun has turned into a beleaguring second job. A job that comes with more headache, complaints, criticisms, slander and attacks than productive output or reward. In two years we have turned away countless computer security work that could have been fulfilled by a number of us. The abuse and ignorance we deal with from defacers and defacement victims is staggering, and some of that abuse spills over into actual attacks. Attrition has been taken down more than once by massive denial of service attacks which have inconvenienced our generous upstream provider, hundreds of other colo customers, and thousands of dialup customers, making our job even more difficult. With that, the mirror will no longer be maintained. We've served our time. Direction As the mirror itself is phased out, several aspects of the process will remain. One of the most useful and practical resources spawned from the mirror are the statistics generated. It is our intention to continue to perform statistical analysis of defacements by utilizing the Alldas mirror. We have already begun sharing incoming defacement notifications with them to help facilitate the accurate and consistent mirroring of sites as we learn of them. We will also continue to provide commentary and articles on high profile defacements, significant trends or other activity that warrants attention. Resurrection and revamping of our Errata section should happen in the short term. It has been an oft overlooked resource despite the infrequent updates. With security and hackers becoming ever more popular with the press outlets, the need for vigilance is growing. It is important for members of the security community to be aware of journalists and news outlets more interested in flashy headlines and a quick buck. The various subsections of our security page will continue to be updated including more guides to implementing security, testing security, forensics, incident response and more. No doubt various staff members will continue to add to the 'rants' page as time goes on. Several other areas such as the image gallery, music reviews, movie reviews, poetry, contests, and the ever popular 'Going Postal' will now receive more attention. Dedication As more and more hours were dedicated to running the mirror, the feeling of burnout crept into a few of us. Despite this, it is our intention that we stay dedicated to Attrition and improving it on a daily basis. This doesn't mean there will be new visible content on the news page every day. It does mean that every day we will be working on one aspect of the site or another. Often times this is done by answering mail, developing small utilities to help improve the quality of administrative life, or something else not visible to the web site. We are evolving, bear with us - and we'll continue to provide the community with the quality content it's come to expect, just in a different package. - The information and commentary is Copyright 2001, by the individual author. Permission is granted to quote, reprint or redistribute provided the text is not altered, and the author and attrition.org is credited. The opinions expressed in this mail are not necessarily the opinion of all Attrition staff members. Commentary Archive: http://www.attrition.org/security/commentary/ The Attrition Mirror: http://www.attrition.org/mirror/attrition/ Country/TLD Statistics: http://www.attrition.org/mirror/attrition/country.html Attrition Defacement Statistics: http://www.attrition.org/mirror/attrition/stats.html Operating System Graphs: http://www.attrition.org/mirror/attrition/os-graphs.html Other Web Defacement Mailing Lists: http://www.attrition.org/security/lists.html Contacting Attrition Staff: staffat_private To subscribe to Defaced Commentary, send mail to majordomoat_private with "subscribe defaced-commentary" in the BODY of the mail (without quotes). To unsubscribe, include "unsubscribe defaced-commentary" in the BODY of the mail. ISN is hosted by SecurityFocus.com --- To unsubscribe email isn-unsubscribeat_private
This archive was generated by hypermail 2b30 : Mon May 21 2001 - 23:05:36 PDT