[ISN] Stuph for 8.8.01

From: InfoSec News (isnat_private)
Date: Wed Aug 08 2001 - 01:42:10 PDT

Next message: InfoSec News: "[ISN] How to fix your hosed Cisco 675 Router - Especially after attack by Code Red Virus"

Previous message: InfoSec News: "[ISN] Feds: Spy Tool Is a Secret"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello all!

One of the things I really missed when Attrition.org stopped archiving
defacements was the mailing that was sent out whenever some party
decided to deface a site.

Two of my favorites were the defaced-alpha and the defaced-.mil/.gov
lists which were basically the same list. Whenever someone defaced
either a .int, .gov, or .mil Attrition would send out a alert for all
those lucky parties that got stuck with the Skytel or Blackberry pager
for that week and had to react on that news. (Be it securing,
prosecuting, doing the forensics, or kicking in the door of whoever
was dumb enough to deface websites from home. (: )

I didn't have to worry about any of that, but if I was teaching on a
day when an alert was sent out, it would really nail the point home
about the consequence sloppy security.

If you weren't on the Defaced-Alpha list, basically the alerts
included who was defaced, who defaced it, the URL, and where it's
archived.

Since Alldas.de decided to take over the defacement mirrors from
Attrition, they are now doing alerts of defacements. So with that I
thought I would try out their .gov list, & .mil list, initally I
didn't like the lists since I had the alerts sent to both my Nokia
phone and my Palm VIIx and because of one line in the alert I couldn't
read the message on my phone.

A little note to their helpdesk about this, and they moved the
offending line towards the bottom of the alert, so now on my Nokia I
can see who was defaced, the defacer, and the IP address of the site,
on my Palm VIIx I can see the whole alert, which is nice.

I can now highly recommend these lists if you are really interested in
a .TLD breakdown of defaced websites in your mailbox, or need to know
when specific .TLD's are defaced for your alpha pager.

http://defaced.alldas.de/ml/?archives=ml

While Alldas doesn't really have an Alpha list, this is how I've got
the list configured for my phone & Palm.

Click the .TLD that you wish to monitor, enter your e-mail address, &
click on the box, you might have to mail: ml-managerat_private
if you are using a forwarding service for your paging devices and
can't reply back to the mailing list request.

Cool, eh?

Cheers!

William Knowles
wkat_private




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
of the mail.

Next message: InfoSec News: "[ISN] How to fix your hosed Cisco 675 Router - Especially after attack by Code Red Virus"
Previous message: InfoSec News: "[ISN] Feds: Spy Tool Is a Secret"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Aug 08 2001 - 05:57:08 PDT