Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Hack Attack on Men's News Daily
Men's News Daily ^ | 17 December 2004 | Self

Posted on 12/17/2004 1:02:48 PM PST by mrustow

click here to read article


Navigation: use the links below to view more comments.
first previous 1-2021-4041-53 next last
To: Prime Choice

Thanks, but your entry for "hacker" is incomplete. You only quoted positive definitions.


21 posted on 12/17/2004 2:59:36 PM PST by mrustow ("And when Moses saw the golden calf, he shouted out to the heavens, 'Jesus, Mary, and Joseph!'")
[ Post Reply | Private Reply | To 19 | View Replies]

To: healey22; HiTech RedNeck; Patriot76; blam; L.N. Smithee; fella; MissAmericanPie; glc1173@aol.com; ..

Hacker Devil Zing!


22 posted on 12/17/2004 3:02:49 PM PST by mrustow ("And when Moses saw the golden calf, he shouted out to the heavens, 'Jesus, Mary, and Joseph!'")
[ Post Reply | Private Reply | To 21 | View Replies]

To: Doctor Raoul; Lurker; Lexington Green; mickie; van helsing; AmericanVictory; Octar; holden; ...

Hacker Devil Zing!


23 posted on 12/17/2004 3:08:28 PM PST by mrustow ("And when Moses saw the golden calf, he shouted out to the heavens, 'Jesus, Mary, and Joseph!'")
[ Post Reply | Private Reply | To 22 | View Replies]

To: Doctor Who?; Standing Wolf; LiberalBuster; Josiah6; NoControllingLegalAuthority; bullpuck; ...

Hacker Devil Zing!


24 posted on 12/17/2004 3:10:42 PM PST by mrustow ("And when Moses saw the golden calf, he shouted out to the heavens, 'Jesus, Mary, and Joseph!'")
[ Post Reply | Private Reply | To 23 | View Replies]

To: mrustow
Thanks, but your entry for "hacker" is incomplete. You only quoted positive definitions.

No, it's complete. Only ignorant people refer to crackers and scriptkiddies as "hackers."

25 posted on 12/17/2004 3:13:30 PM PST by Prime Choice (Merry Christmas and a Happy New Year! ...And no, my powers can only be used for Good.)
[ Post Reply | Private Reply | To 21 | View Replies]

To: skeeter; Ditto; Owen; fnord; NicoleGTalum; dirtboy; KLT; Reschev; cookcounty; wheels; ...

Hacker Devil Zing!


26 posted on 12/17/2004 3:14:04 PM PST by mrustow ("And when Moses saw the golden calf, he shouted out to the heavens, 'Jesus, Mary, and Joseph!'")
[ Post Reply | Private Reply | To 24 | View Replies]

To: Prime Choice
Thanks, but your entry for "hacker" is incomplete. You only quoted positive definitions.

No, it's complete. Only ignorant people refer to crackers and scriptkiddies as "hackers."

It's incomplete; only a dishonest person would refer to hackers exclusively in positive terms.

27 posted on 12/17/2004 3:18:16 PM PST by mrustow ("And when Moses saw the golden calf, he shouted out to the heavens, 'Jesus, Mary, and Joseph!'")
[ Post Reply | Private Reply | To 25 | View Replies]

To: TomMix; innocentbystander; Hodar; DonQ; TLBSHOW; NorthernRight; sandmanbr; NoClones; sneakypete; ...

Hacker Devil Zing!


28 posted on 12/17/2004 3:19:24 PM PST by mrustow ("And when Moses saw the golden calf, he shouted out to the heavens, 'Jesus, Mary, and Joseph!'")
[ Post Reply | Private Reply | To 27 | View Replies]

To: MineralMan
Is the site self-hosted or is it hosted by another company?

MensNewsDaily.com is virtually hosted on a multi-host system run by hostway.com.

sasumata$ nslookup www.mensnewsdaily.com
Server:         localhost
Address:        127.0.0.1

Name:   www.mensnewsdaily.com
Address: 64.41.127.150

sasumata$ whois -h whois.arin.net 64.41.127.150

OrgName:    Hostway Corporation 
OrgID:      HSWY
Address:    1 N. State St.
City:       Chicago
StateProv:  IL
PostalCode: 60602
Country:    US

NetRange:   64.41.64.0 - 64.41.127.255 
CIDR:       64.41.64.0/18 
NetName:    HOSTWAY-05
NetHandle:  NET-64-41-64-0-1
Parent:     NET-64-0-0-0-0
NetType:    Direct Allocation
NameServer: NS.SITEPROTECT.COM
NameServer: NS2.SITEPROTECT.COM
Comment:    
RegDate:    2001-02-15
Updated:    2001-05-14

TechHandle: AN94-ARIN
TechName:   Administrator Network 
TechPhone:  +1-312-994-7690
TechEmail:  noc@hostway.com 

OrgTechHandle: AN94-ARIN
OrgTechName:   Administrator Network 
OrgTechPhone:  +1-312-994-7690
OrgTechEmail:  noc@hostway.com

29 posted on 12/17/2004 3:20:14 PM PST by Prime Choice (Merry Christmas and a Happy New Year! ...And no, my powers can only be used for Good.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: mrustow
It's incomplete; only a dishonest person would refer to hackers exclusively in positive terms.

Alright, sport. Let's see your computer security credentials. Put up or shut up.

30 posted on 12/17/2004 3:20:54 PM PST by Prime Choice (Merry Christmas and a Happy New Year! ...And no, my powers can only be used for Good.)
[ Post Reply | Private Reply | To 27 | View Replies]

To: JoJo Gunn

Love your handle. How did you manage to freeze the screen, and copy and post it? I've seen this before, but never asked anyone how it's done.


31 posted on 12/17/2004 3:23:56 PM PST by mrustow ("And when Moses saw the golden calf, he shouted out to the heavens, 'Jesus, Mary, and Joseph!'")
[ Post Reply | Private Reply | To 7 | View Replies]

To: Prime Choice

nothing wrong with php...

however front page server extensions are an open door to most proficient crackers.

who would dare try to corrupt the prototypical php, mysql, apache trinity by mixing in pathetic offerings from microslop?

... and think it would stand for any length of time.


32 posted on 12/17/2004 3:26:48 PM PST by Robert_Paulson2 (real republicans WIN.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: MineralMan

my guess?
they used front page extensions to hack and overflow the memory buffer, and used the open priviledges to change the ownership, password and access parameters to RWX --- ---.

the server people cannot even READ the raw files.

and since they are on a virtual host, there is no way to do anything but kill the server AFTER they transfer all of the other sites to another one.

and that takes time especially if they are running 'enterprise' systems for businesses on the same server... the security piplelines will allhave to be rewritten, and the real danger, is that root has been sacrificed on the alter of multiple virtual hosting... and that they may not even be able to run a backup tape on the machine, before pulling the plug.

and the hackers may be using that to compromise the other sites on that server.

just my guess, and probably WRONG.


33 posted on 12/17/2004 3:32:03 PM PST by Robert_Paulson2 (real republicans WIN.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: Prime Choice
It's incomplete; only a dishonest person would refer to hackers exclusively in positive terms.

Alright, sport. Let's see your computer security credentials. Put up or shut up.

Wrongo, "sport." Since I never claimed to be a "computer security" expert, there's nothing for me to put up or shut up about. Are you a tenured professor? If not, you should be. You play projection, deflection, diversion and intimidation games like the holder of an endowed chair. You don't get to frame a discussion to your liking, and then intimidate anyone who refuses to accept your frame.

34 posted on 12/17/2004 3:32:24 PM PST by mrustow ("And when Moses saw the golden calf, he shouted out to the heavens, 'Jesus, Mary, and Joseph!'")
[ Post Reply | Private Reply | To 30 | View Replies]

To: Robert_Paulson2
nothing wrong with php...

PHP version 4.3.9 is vulnerable to meta character attacks. The bug could enable an attacker to read arbitrary files from the filesystem of a webserver that hosts PHP scripts.

In addition PHP versions 4.3.6 until 4.3.9 as well as PHP versions 5.0.0 until 5.0.2 contain a bug that enables an attacker to manipulate the file name of uploaded files to perform directory traversal.

These forms of attack can be used to leverage access to the system.

however front page server extensions are an open door to most proficient crackers.

That's why I always referred to it as "Front Plague." ;o)

who would dare try to corrupt the prototypical php, mysql, apache trinity by mixing in pathetic offerings from microslop?

It's a mystery to me!

35 posted on 12/17/2004 3:38:09 PM PST by Prime Choice (Merry Christmas and a Happy New Year! ...And no, my powers can only be used for Good.)
[ Post Reply | Private Reply | To 32 | View Replies]

To: mrustow
Since I never claimed to be a "computer security" expert, there's nothing for me to put up or shut up about.

Bull. You were spouting your ignorant tripe that the definition of hacker thus far provided was incomplete. Thus you were insisting that you had more knowledge on the subject. When I pointed out that your views were based on ignorance, you claimed I was dishonest.

So, punk: put up or shut up.

36 posted on 12/17/2004 3:39:39 PM PST by Prime Choice (Merry Christmas and a Happy New Year! ...And no, my powers can only be used for Good.)
[ Post Reply | Private Reply | To 34 | View Replies]

To: mrustow

To the right of F12 there's a button marked "print screen" or some similar abbreviation. You push it and the image is copied onto the clipboard, and can be opened/pasted with any image program.

I use Irfanview and XnView, a couple of freebie image programs, for most all of my dabbling, but you can do it with Windows Paint.

http://www.irfanview.com/

http://www.xnview.com/

To post it, there's several free sites. I used this one, a no frills place:

http://www.uploadyourimages.com/


37 posted on 12/17/2004 3:45:22 PM PST by JoJo Gunn (More than two lawyers in any Country constitutes a terrorist organization. ©)
[ Post Reply | Private Reply | To 31 | View Replies]

To: Robert_Paulson2
they used front page extensions to hack and overflow the memory buffer, and used the open priviledges to change the ownership, password and access parameters to RWX --- ---.

If that were the case, the directory would need to be owned by user 'nobody.' Since the defaced page is still being served up, I'd wager the permissions are more like chmod octal 0711 (or -rwx--x--x) which will allow readability of specified files, but not directory listings by an unprivileged account. (The root account should be able to read the directory regardless of said permissions, though.)

the server people cannot even READ the raw files.

Are they logged in as root? Also, are they using statically-compiled ls from a read-only medium?

38 posted on 12/17/2004 3:45:26 PM PST by Prime Choice (Merry Christmas and a Happy New Year! ...And no, my powers can only be used for Good.)
[ Post Reply | Private Reply | To 33 | View Replies]

To: mrustow

Addenda: if you want to copy a small window, such as a popup window, hold down "ALT" and click the print screen button. That way it captures the foreground image.


39 posted on 12/17/2004 3:47:39 PM PST by JoJo Gunn (More than two lawyers in any Country constitutes a terrorist organization. ©)
[ Post Reply | Private Reply | To 31 | View Replies]

To: mrustow; Sir Gawain; BrooklynGOP

Mens News got Pizzowned by l33tzorz h4xorz!!


40 posted on 12/17/2004 3:55:31 PM PST by Texaggie79 (Did I just say that?)
[ Post Reply | Private Reply | To 1 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-53 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson