homepage Welcome to WebmasterWorld Guest from 54.227.182.191
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Subscribe to WebmasterWorld

Home / Forums Index / Local / Foo
Forum Library, Charter, Moderators: incrediBILL & lawman

Foo Forum

    
The Reg has been hacked
glitterball




msg:4358580
 7:50 pm on Sep 4, 2011 (gmt 0)

It would seem that the register.co.uk has been defaced.

 

wheel




msg:4358584
 8:11 pm on Sep 4, 2011 (gmt 0)

Too bad,that's a great site.

In good news, it seems like the UK police are starting to grab people like this and lock them up. About time, I'd like to live in a world where hackers had the serious likelihood of jailtime for practicing.

tangor




msg:4358587
 8:30 pm on Sep 4, 2011 (gmt 0)

Yikes! I was there at 5am (my time) this morning. Just checked a few minutes ago and "can't reach site, try again in a few minutes). Then find this post at WW. Have no doubt that the weekend hit was intended (fewer people in the office).

robzilla




msg:4358596
 9:06 pm on Sep 4, 2011 (gmt 0)

Same goes for UPS, it seems. The servers weren't hacked, but the perpetrator changed the domains' nameservers somehow.

J_RaD




msg:4358638
 12:01 am on Sep 5, 2011 (gmt 0)


I'd like to live in a world where hackers had the serious likelihood of jailtime for practicing.


hacking isn't evil, its these types go around making a mess for no good reason.

tangor




msg:4358681
 6:34 am on Sep 5, 2011 (gmt 0)

Back on line... but no reports yet...

Frank_Rizzo




msg:4358728
 9:16 am on Sep 5, 2011 (gmt 0)

DNS hacked, not the sites themselves.

Serious issue for punters of betfair, or registered (cookie login details saved) users of sites such as dell, ups, telegraph.

Whilst there is no evidence yet that any of the sites were spoofed to garner login details the risk was there.

Note too that many hackers just do this for fun and bragging rights. What they are doing is, ironically, a good thing. They are exposing the weaknesses and flaws with major institutions who should know better.

In cases like this (if it was just a redirect to a defacement page) shows the worst case scenario of what can be done. This group just did the redirect to a defaced site and got their 15 minutes of fame.

Now what if, 2 weeks ago, a rogue group did exactly the same exploit but did not crow about it? What if they redirected users to spoof sites and gathered thousands of login details?

wheel




msg:4358769
 1:21 pm on Sep 5, 2011 (gmt 0)

If they put the people who did this in jail for a good long time, then in 2 weeks the next group will think long and hard about redirecting users to a spoof site. Right now there's no deterent.

pageoneresults




msg:4358798
 2:08 pm on Sep 5, 2011 (gmt 0)

Turkguvenligi managed to hack NetName's DNS servers through a SQL injection attack, which involves putting commands into a web-based form to see if the back-end database responds. If those commands aren't scanned for malicious code, an attacker could gain access to the system.


Turkish Hackers Strike Websites With DNS Hack
[PCWorld.com...]

Zone-H.org
[Zone-H.org...]

J_RaD




msg:4358818
 3:47 pm on Sep 5, 2011 (gmt 0)


If they put the people who did this in jail for a good long time, then in 2 weeks the next group will think long and hard about redirecting users to a spoof site. Right now there's no deterent.


then the DNS spoof bug would never be fixed. I don't like what they do but we don't have to drop the hammer on them as a murder 1 convict. The problem is this new hash of kiddies think that because they are behind a keyboard they think they are invisible and can get away with anything. I find it very odd that they are missing this most basic of steps.

I have never done such things in my past but.....

To catch a thief........



All great security pros lived another life, if they didn't they wouldn't be great. Its the double edged sword.

wheel




msg:4358831
 5:08 pm on Sep 5, 2011 (gmt 0)

Yeah, well I'm not big on the argument that criminals and vandals are somehow doing society some sort of service. The damage is still done.

And not all great security pros lived another life, any more than I have to be dead to sell life insurance or cops have to be crooks first. You've got a bunch of ridiculous arguments all in one post.

Frank_Rizzo




msg:4358865
 8:08 pm on Sep 5, 2011 (gmt 0)

Would you rather they just ran MITM attacks, or stole login credentials and then covered their tracks?

Because that's what the real thieves are doing.

Script kiddies are finding an insecure lock and just spray painting the walls. They are letting you know that others may have been in there previously, copied all your documents and left without trace.

This is what the antisec movement is about. They are exposing the totally inadequate security which large corporations, governments and military sites are using. They are exposing the security experts (whom are paid millions) as pure snake oil peddlers.

Yes, what the script kiddies are doing is an annoyance. But if your site is ever going to be hacked let it be hacked by someone who has just left a note on your front page and told you about it, rather than a thief in the night who stole your data and you never get to know about it.

Leosghost




msg:4358876
 9:23 pm on Sep 5, 2011 (gmt 0)

^^^ what he said ..I had a site on a shared hosting package on a server that was hacked about 10 years ago..the experience and the fact that the hackers left their tag..allowed me to follow them to a forum ..where I found them discussing how it was done..

I had trusted my host at the time to have done the job of securing the server properly ..they had not..

I moved host overnight .. taught me a lot ..about people selling hosting packages who have no tech knowledge at all, just a point and click interface..and who allow all kinds of crap on their servers ..with no idea how to protect them ..or who just don't really care ..

Same goes for DNS..

Nowadays..I want people who rent me servers or space who I can phone 24/7/365 ..and who answer the phone with the company name that sold me the space and the bandwidth ..Not some "open a ticket"..send an "email" outsourced support that deals with multiple "hosters"..

A "deface" is "a wake up call"..that a door was left open ..that others may have already been through, in the past, silently ..or might have been able to, in the future, silently, without you ever knowing.

wheel




msg:4358878
 9:28 pm on Sep 5, 2011 (gmt 0)

Where I live there's basically no crime. We rarely lock our doors, frequently when we're not even home. I've returned home and found front doors wide open, garage door wide open, and kids playing down the street. I don't lock my car doors in the parking lots at the mall. The neighbor's teenage daughter jogs around the block at 11pm.

It's horrible. You know what would help? Some break and enters. That'd be great, remind us all how poor our security is. Yeah, that'd be wonderful - thanks folks for the lesson. Because they'd be doing us a favor, reminding us to lock our doors and not go out after dark.

g1smd




msg:4358884
 9:41 pm on Sep 5, 2011 (gmt 0)

Not the same comparison at all, because with the internet they can break in from the other side of the world, and while you're in.

Leosghost




msg:4358886
 9:52 pm on Sep 5, 2011 (gmt 0)

I live in the same kind of place..and do the same kind of things ..and for 15 years living on the Côte d'azur..also didn't lock my doors and on hot nights left them open...and slept...still do here..never lock the doors when we go out..

Have the good fortune to live in places where people care about those around them.

Hosters are a different matter..most are too busy counting the money to care about the service.


as g1smd said ..the two things do not compare..

wheel




msg:4358900
 11:30 pm on Sep 5, 2011 (gmt 0)

They compare fine, it illustrates exactly the point. it's the same argument that criminals somehow are doing any kind of service. What hogwash.

Leosghost




msg:4358908
 12:09 am on Sep 6, 2011 (gmt 0)

Well in that case we should probably just take off and nuke them and their families from orbit ..its the only way to be sure ..

I'll bring the biscuits..you'll bring the ...

lucy24




msg:4358909
 12:18 am on Sep 6, 2011 (gmt 0)

How 'bout this way.

You leave for a long vacation, and in the excitement of the moment forget to close your back door. By and by a neighbor notices, closes and locks the door. And then leaves on a vacation of his own, overlapping your own absence, or simply forgets all about it.

If they leave a note on your kitchen counter saying "I locked the door on such-and-such date", you are alerted to the possibility of Something Bad having happened before then. If not, you may never know that you left the door open. Until months later, when you look for a special piece of jewelry and find the box empty.

Then again, if the kind neighbor had a warped sense of humor they would lock the door-- but only after rearranging your furniture, adjusting the curtains and putting your pictures upside-down.

J_RaD




msg:4359070
 2:55 pm on Sep 6, 2011 (gmt 0)


And not all great security pros lived another life,


I said great ones, and yes if you don't think like one you'll never be 1 step ahead of one.

wheel you are obviously still pretty ripped over what was done to you in the past.

Planet13




msg:4360097
 5:54 pm on Sep 8, 2011 (gmt 0)

Removed by poster

Habtom




msg:4360313
 2:17 am on Sep 9, 2011 (gmt 0)

A registrar hacked through SQL injection -- that is unsettling.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Local / Foo
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved