---------- Forwarded message ---------- Date: Wed, 27 Jun 2001 02:15:29 -0600 (MDT) From: security curmudgeon <jerichoat_private> To: defaced-commentaryat_private Subject: [defaced-commentary] Alldas.de Defacement Mirror .. Defaced On Tuesday June 26, 2001, a hacker named 'ThePike' managed to deface the European defacement mirror Alldas.de. Visitors to the site saw a modified news banner on the left side saying "ALLDAS GOT CRACKED! READ IT HERE". The front page was modified to include a small rant/message from the defacer regarding current defacement activity. His message warned other defacers that "security is not something funny" and cautioned would-be defacers about using their scripts to deface companies that rely on data security. For details on the defacement from Alldas: See http://www.alldas.de/?doc=news#11 For a mirror and the full text message left: http://defaced.alldas.de/mirror/2001/06/26/defaced.alldas.de/ It is interesting to note the amount of commands the attacker attempted to run and the likelihood that he shared the exploit with others. Given the command attempts came from 10 different IP addresses, one might wonder about the intentions of the OTHER people involved. Security web site Security.NL was contacted by someone, possibly from whiskunde.org, believed by some to be involved in the defacement. Security.NL posted an article (in Dutch) about the defacement, as well as mirror and screenshots: screenshots: http://www.security.nl/content.php3?page=reactie&id=2099&0 mirror: http://www.security.nl/misc/alldas.html Securitywatch article on the incident: http://www.securitywatch.com/New/fr_news_0_bugs.html It is refreshing to see Alldas.de provide details of the incident as well as make a mirror available on their site. It is that kind of integrity and honesty that is needed in the security community. - The information and commentary is Copyright 2001, by the individual author. Permission is granted to quote, reprint or redistribute provided the text is not altered, and the author and attrition.org is credited. The opinions expressed in this mail are not necessarily the opinion of all Attrition staff members. Commentary Archive: http://www.attrition.org/security/commentary/ The Attrition Mirror: http://www.attrition.org/mirror/attrition/ Country/TLD Statistics: http://www.attrition.org/mirror/attrition/country.html Attrition Defacement Statistics: http://www.attrition.org/mirror/attrition/stats.html Operating System Graphs: http://www.attrition.org/mirror/attrition/os-graphs.html Other Web Defacement Mailing Lists: http://www.attrition.org/security/lists.html Contacting Attrition Staff: staffat_private To subscribe to Defaced Commentary, send mail to majordomoat_private with "subscribe defaced-commentary" in the BODY of the mail (without quotes). To unsubscribe, include "unsubscribe defaced-commentary" in the BODY of the mail. ISN is hosted by SecurityFocus.com --- To unsubscribe email isn-unsubscribeat_private
This archive was generated by hypermail 2b30 : Wed Jun 27 2001 - 01:31:33 PDT