Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: Spiff
It doesn't take very many people to hack that many websites. It just takes website administrators who don't secure their websites and keep their servers updated with the latest security patches. With the automated vulnerability scanning and exploitation tools available today and so many unpatched, unprotected websites, it is not too hard to hack and deface a large number of them.

It relies on the web masters to use Microsoft products. That much seems believable.

But mounting this level of attack requires planning, and multiple attackers, and would have happened much earlier (years ago) if it was as easy as you indicate.

There are automated bots out there which would have long since discovered these vulnerable machines if they were simply cases of unpatched machines.

The problem of unpatches machines largely affects ma and pa polyester, but most businesses either a) don't host their own site, or b) use automatic patching which even lethargic Microsoft has finally taked seriously.

Note he attacks were not random, they were targeted toward Danish and western sites. Picking vulnerable servers randomly would not yield such fine control.

So either the story is overblown (which one can never discount these days) or they had help. Rampaging muslims running up and down the streets just don't have the methods, knowledge or resources.

21 posted on 02/20/2006 7:17:00 AM PST by adamsjas
[ Post Reply | Private Reply | To 13 | View Replies ]

To: adamsjas
It relies on the web masters to use Microsoft products. That much seems believable.

Zone-H's own stats state differently:

By Operating System:
 
    Linux     57.3%    
    Win 2000     19.6%    
    Win 2003     9.6%    
    FreeBSD     3.8%    
    Win NT9x     2.8%    
    Unknown     2.4%    
    SolarisSunOS     1.6%    
    Windows     1.4%    
    MacOSX     0.3%    
    AIX     0.2%    
    IRIX     0.2%    
    BSDOS     0.1%    
    Remaining     0.7%    

It is just as easy to hack an unprotect, unpatched Linux-based webserver as it is to hack an Windows-based one. The difference is that once you own a Linux box, you really own it as you can do everything from the command line. With a Windows box there's a great many things that can't be done from the command line so it can actually be a more complex operation to do whatever you want on an exploited Windows box. I also think that the misconception about Linux somehow being more secure leads many administrators to go with Linux but not keep it properly patched and secured. I think this has contributed to the high number of defaced Linux systems compared to Windows systems.

I use both Windows and Linux. My notebook is dual-boot with Windows XP and Suse 10.0 (just changed it over the weekend from Mandriva Linux). Plus, I use a number of LiveCD Linux Distros for various purposes.

24 posted on 02/20/2006 7:32:04 AM PST by Spiff ("They start yelling, 'Murderer!' 'Traitor!' They call me by name." - Gael Murphy, Code Pink leader)
[ Post Reply | Private Reply | To 21 | View Replies ]
To: adamsjas
I did some checking at Zone-H, and in your favor I found that almost all of the defacements in the Danish top level domain .DK were done against Windows boxes.

I also found that many of the e-Jihad type stuff was done pretty randomly to systems all around the world and I did identify one group doing it who claimed to be Turkish.

26 posted on 02/20/2006 7:53:08 AM PST by Spiff ("They start yelling, 'Murderer!' 'Traitor!' They call me by name." - Gael Murphy, Code Pink leader)
[ Post Reply | Private Reply | To 21 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson