[ISN] Stuph for 8.8.01

From: InfoSec News (isnat_private)
Date: Wed Aug 08 2001 - 01:42:10 PDT

  • Next message: InfoSec News: "[ISN] How to fix your hosed Cisco 675 Router - Especially after attack by Code Red Virus"

    Hello all!
    One of the things I really missed when Attrition.org stopped archiving
    defacements was the mailing that was sent out whenever some party
    decided to deface a site.
    Two of my favorites were the defaced-alpha and the defaced-.mil/.gov
    lists which were basically the same list. Whenever someone defaced
    either a .int, .gov, or .mil Attrition would send out a alert for all
    those lucky parties that got stuck with the Skytel or Blackberry pager
    for that week and had to react on that news. (Be it securing,
    prosecuting, doing the forensics, or kicking in the door of whoever
    was dumb enough to deface websites from home. (: )
    I didn't have to worry about any of that, but if I was teaching on a
    day when an alert was sent out, it would really nail the point home
    about the consequence sloppy security.
    If you weren't on the Defaced-Alpha list, basically the alerts
    included who was defaced, who defaced it, the URL, and where it's
    Since Alldas.de decided to take over the defacement mirrors from
    Attrition, they are now doing alerts of defacements. So with that I
    thought I would try out their .gov list, & .mil list, initally I
    didn't like the lists since I had the alerts sent to both my Nokia
    phone and my Palm VIIx and because of one line in the alert I couldn't
    read the message on my phone.
    A little note to their helpdesk about this, and they moved the
    offending line towards the bottom of the alert, so now on my Nokia I
    can see who was defaced, the defacer, and the IP address of the site,
    on my Palm VIIx I can see the whole alert, which is nice.
    I can now highly recommend these lists if you are really interested in
    a .TLD breakdown of defaced websites in your mailbox, or need to know
    when specific .TLD's are defaced for your alpha pager.
    While Alldas doesn't really have an Alpha list, this is how I've got
    the list configured for my phone & Palm.
    Click the .TLD that you wish to monitor, enter your e-mail address, &
    click on the box, you might have to mail: ml-managerat_private
    if you are using a forwarding service for your paging devices and
    can't reply back to the mailing list request.
    Cool, eh?
    William Knowles
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Wed Aug 08 2001 - 05:57:08 PDT