Re: defaced websites and the like

From: Alan Clegg (alan@clegg.com)
Date: 04/26/01


Date: Wed, 25 Apr 2001 21:06:21 -0400
From: Alan Clegg <alan@clegg.com>
To: mudman <mudman@R181204.resnet.ucsb.edu>

Unless the network is lying to me again, mudman said:

> Maybe as a good follow up, would using one OS over another OS change
> the risk assessment for this kind of thing? (although I admit this last
> question would take into account a lot of different variables)

I hate to toot my own horn, but... *TOOT*

Check out http://www.attrition.org/mirror/attrition/ for a relatively
comprehensive list of defacements, including breakdowns (and graphs)
by OS, web server type, etc... for example:

        http://www.attrition.org/mirror/attrition/os.html#APRIL2001

While I'm not part of the attrition team, I do now host their defacement
mailing list. To be advised of defacements as they are "snapshotted",
send an e-mail to:

                defaced-l-subscribe@mailinglists.org

Each announcement includes the type of system defaced (OS), web service
running (apache, IIS, etc etc), and the "group" that did the defacement.

There is also a link back to the attrition mirror so you can see what
the defaced page looked like even after the owner 'fixes' the problem.

AlanC

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message