Sunday, July 6th
witnessed a mass hacking contest in which thousands
of websites were attacked in a loosely coordinated effort
to disrupt Internet traffic. A website named defacers-challenge.com
declared that the contest aimed to deface up to 6,000
websites within six hours. A perfect end to a quiet
Sunday for CTOs worldwide.
points for compromised machines. Windows servers fetched
one point, and HP-UX and Macintosh servers fetched five.
The award was supposedly 500 MB of online storage, free
hosting services, Web mail, unlimited e-mail forwarding,
and a domain name of choice.
Here are a few
technical guidelines suggested by Captain Raghu Raman,
Global Practice Head, Mahindra Consulting Special Services
Group, to tighten network security. Hackers' contest
or not, it pays to be secure anyway. Happy Sundays,
- Make sure that default passwords
are changed. This should include Web servers and any
other servers that the Web server has a trusted relationship
- Remove sample applications
that aren't used anymore like CGI scripts and Active
Server Pages, from Web servers.
- Lock down Microsoft FrontPage
Extensions. By default, those extensions are
installed in a manner that gives every user the ability
to author Web pages, even through proxy servers. This
recommendation also applies to FrontPage Extensions
installed on Unix platforms.
- Turn Web server logging
on. Logs are essential to determining how a defacement
was accomplished so a recurrence can be prevented.
Use of the extended log format is recommended.
- Have a current backup of
your Web server. In the event of defacement, a good
backup is essential to quickly restore the server
to its original status.
- Apply the latest security
patches to your Web server and underlying operating
system after appropriate testing.
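
Added example (not part of the original article): a short Python script showing why the logging guideline matters when investigating a defacement. It reads W3C extended-format log entries and lists requests that could have changed site content. The log lines, IP addresses and the choice of methods and FrontPage authoring paths to flag are assumptions made for illustration.

```python
# Added example: triage W3C extended-format web logs after a defacement.
# The log lines below are constructed sample data (documentation IP ranges).
SAMPLE_LOG = """\
#Version: 1.0
#Fields: date time c-ip cs-method cs-uri-stem sc-status cs(User-Agent)
2003-07-06 14:01:12 192.0.2.10 GET /index.html 200 Mozilla/4.0
2003-07-06 14:02:40 198.51.100.7 POST /_vti_bin/_vti_aut/author.dll 200 MSFrontPage/4.0
2003-07-06 14:02:55 198.51.100.7 PUT /index.html 201 -
2003-07-06 14:03:10 203.0.113.5 PUT /default.asp 403 -
2003-07-06 14:05:00 192.0.2.10 GET /index.html 200 Mozilla/4.0
"""

# Assumption: HTTP/WebDAV methods that modify content on the server.
WRITE_METHODS = {"PUT", "DELETE", "MOVE", "COPY", "MKCOL", "PROPPATCH"}
# Assumption: FrontPage Server Extensions authoring and admin paths.
AUTHORING_PATHS = ("/_vti_bin/_vti_aut/", "/_vti_bin/_vti_adm/")


def parse_extended_log(text):
    """Yield one dict per entry, keyed by the latest #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or corrupt lines
                yield dict(zip(fields, values))


def suspicious_writes(entries):
    """Return (entry, reason) pairs for successful content-changing requests."""
    hits = []
    for e in entries:
        if not e.get("sc-status", "").startswith("2"):
            continue  # rejected attempts are worth a look, but changed nothing
        method = e.get("cs-method", "").upper()
        path = e.get("cs-uri-stem", "").lower()
        if method in WRITE_METHODS:
            hits.append((e, "write method succeeded"))
        elif method == "POST" and path.startswith(AUTHORING_PATHS):
            hits.append((e, "FrontPage authoring endpoint"))
    return hits


if __name__ == "__main__":
    for entry, reason in suspicious_writes(parse_extended_log(SAMPLE_LOG)):
        print(entry["date"], entry["time"], entry["c-ip"],
              entry["cs-method"], entry["cs-uri-stem"], "->", reason)
```

Without the method, URI and status fields that the extended format records, neither of the two flagged requests could be told apart from ordinary page views.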
After the contest
was over, the organizers saw that Zone-h.org, the website
designated to keep score of the hackers' progress, was
brought to its knees by a massive Distributed Denial
of Service (DDoS) attack. A classic case of wrongdoers
getting a taste of their own medicine. This DDoS attack
flooded the site with 900 Mbps of sustained traffic.
It supposedly came from a group of Brazilian hackers
unhappy about the contest.