Hackers taste their own medicine

Sunday, July 6th witnessed a mass hacking contest in which thousands of websites were attacked in a loosely coordinated effort to disrupt Internet traffic. A website named defacers-challenge.com declared that the contest aims to deface up to 6,000 websites within six hours. A perfect end to a quiet Sunday for CTOs worldwide.

Contestants gained points for compromised machines. Windows servers fetched one point, and HP-UX and Macintosh servers fetched five. The award was supposedly 500 MB of online storage, free hosting services, Web mail, unlimited e-mail forwarding, and a domain name of choice.

Here are a few technical guidelines suggested by Captain Raghu Raman, Global Practice Head, Mahindra Consulting Special Services Group to tighten network security. A hacker's contest or not, it pays to be secure anyway. Happy Sundays, everyone.

• Make sure that default passwords are changed. This should include Web servers and any other servers that the Web server has a trusted relationship with.
• Remove sample applications that aren't used anymore like CGI scripts and Active Server Pages, from Web servers.
• Lock down Microsoft Front Page Extensions. By default, those extensions are installed in a manner that gives every user the ability to author Web pages, even through proxy servers. This recommendation also applies to Front Page Extensions installed on Unix platforms.
• Turn Web server logging on. Logs are essential to determining how a defacement was accomplished so a recurrence can be prevented. Use of the extended log format is recommended.
• Have a current backup of your Web server. In the event of defacement, a good backup is essential to quickly restore the server to its original status.
• Apply the latest security patches to your Web server and underlying operating system after appropriate testing.

After the contest was over, the organizers saw that Zone-h.org, the Website designated to keep score of the hackers' progress was brought to its knees by a massive Distributed Denial of Service (DDoS) attack. A classic case of wrong-doers getting taste of their own medicine. This DDoS attack flooded the site with 900 Mbps of sustained traffic. It supposedly came from a group of Brazilian hackers unhappy about the contest.