To be fair, there are many other ways to crack a site other than simple
defacements. Most hard-core crackers aren't interested in defacing a site
or even compromising a web server. Most companies avoid reporting
intrusions/server compromises making it difficult (if not impossible) to
determine the extent of damage.
From: B.K. DeLong <email@example.com>
To: firstname.lastname@example.org <email@example.com>
Sent: Fri Apr 27 08:31:04 2001
Subject: Re: [Fwd: chinese hackers]
At 06:25 AM 04/27/2001 -0400, you wrote:
> "To date, hackers already have unlawfully defaced a number of
>U.S. web sites, replacing existing content with pro-Chinese or
>anti-U.S. rhetoric. In addition, the NIPC previously reported on an
>Internet worm named "Lion" that is infecting computers and installing
>distributed denial of service (DDOS) tools on various systems.
>Analysis of the Lion worm's source code reveals that, when illegally
>exploited, it sends password files from the victim site to an email
>address located in China. For more information on the Lion DDOS tool,
>refer to NIPC Advisory 01-005.
Oh for crying out loud. I really hope it wasn't the NIPC that reported all
the Chinese defacements.If you look at the stats, China has been getting
slammed themselves of late. The interesting thing is that China has
already been claiming to be attacking American sites yet we as well
as other defacement mirrors have not seen the huge amount of hacked
Web sites China is claiming. (Personally, I haven't seen ANY) And we mirror
almost all defacements short of dialups, mail servers and sites that
didn't have a Web server to begin with.
So the claims of Chinese hackers that the US govt NOT reporting defacements
is a load of crap. They rely on Attrition and other defacement sites to
report it for them and the Chinese are certainly not letting us know- it's
not like we're some deep dark secret.
-- B.K. DeLong firstname.lastname@example.org 617.877.3271
http://www.brain-stream.com Play. http://www.the-leaky-cauldron.org Potter. http://www.attrition.org Security. http://www.zotgroup.com Work. http://www.artemisiabotanicals.com Herb.
This archive was generated by hypermail 2b29 : Sun Apr 29 2001 - 20:26:16 PDT