Forwarded by: cult hero <jericho@attrition.org>
William Knowles pointed me to www.realspy.com today, as they had
apparently changed their web page after a recent defacement.
Below is the message currently up on their server:
Due to hackers rewriting my pages from others websites, we will be
down for 1 to 2 weeks to reconfigure a hardware firewall and newly
designed web page.
We are sorry for this inconvenience
On another note, to all you harmfull hscker and crakers---YOU CAN KISS
MY ASS!
I am a member of the FBI's ANSIR program and I will be turning IP
address from my server logs over to them to (5-15-2000) today.
Just remember, don't pick up the soap!
This pathetic and unprofessional message demands several points be made.
Due to hackers rewriting my pages from others websites, we will be
down for 1 to 2 weeks to reconfigure a hardware firewall and newly
designed web page.
Perhaps this is how some companies reach exceptionally large damage
figures. Rather than hiring a security consultant for one day of work,
patching the hole and getting back to business, they use it as an excuse
to redesign the site. The charges associated with web design no doubt get
lumped into the 'hacker damage' figure. If the down time is 2 weeks to
"reconfigure" a hardware firewall, this shows a complete lack of technical
proficiency in applying basic security to a web site.
On another note, to all you harmfull hscker and crakers---YOU CAN KISS
MY ASS!
Great encouragement here. I am sure a 'real spy' would say exactly this.
You've already proven you are vulnerable and the computer criminals have
one upped you. Challenging them to do it again can only serve to hurt you
further and subject you to more attacks. Even if it is a trap with FBI
agents lying in wait, it is still taking away from your business. When the
next computer criminal breaches this site, do you think they will stop
with a simple web page defacement?
I won't even go into the whole 'hscker vs craker' debate.
I am a member of the FBI's ANSIR program and I will be turning IP
address from my server logs over to them to (5-15-2000) today.
This is an exceptional advertisement for the FBI ANSIR team, really. What
is ANSIR exactly, and what do they do?
http://www.fbi.gov/programs/ansir/ansir.htm
The program is designed to provide unclassified national security
threat and warning information to U.S. corporate security directors
and executives, law enforcement, and other government agencies.
Looking at a few of their advisories:
99-002 Upcoming Significant Anniversary Dates
99-007 China Cyber Activity Advisory
99-010 Well-publicized Hacker Activity Against U.S. Government Sites
Wow, what a truly relevant program to tout to hackers. Why not proclaim
your membership with a tennis club and threaten hackers with that too? In
case you aren't aware, ANYONE can report computer crime to the FBI. They
make it quite simple really. Here is a list of all their field offices in
case you'd like to report some crime yourself:
http://www.fbi.gov/fo/fo.htm
This of course begs the questions, why didn't ANSIR warn him about the
vulnerability used to exploit and deface the web site. Oh wait...
And the last comment from www.realspy.com:
Just remember, don't pick up the soap!
This sounds like something straight off the 'Happy Hacker' web site. The
vague threat that the computer criminal will not only be caught, but
prosecuted and sentenced to time in prison where they will have less than
pleasant relations with other prisoners. Given the rash of web defacers
who have taunted the FBI and proclaimed they would never be caught, this
hardly seems a deterent. More so that few of them ever see the inside of a
jail or prison.
So what does this kind of message really accomplish? Absolutely nothing
productive. It only serves to encourage more attacks, waste time and
resources that should be spent on business, and generally make the owner
look like a fool.
Why am I writing and picking on this site? Because in the course of
mirroring over a thousand defaced web pages, I have seen this reaction
before. What I haven't seen is a productive result following this kind of
obnoxious note being posted. I have only seen it cause further hassle,
further embarassment, and further work for the FBI.
Please, swallow your pride and respond to these incidents in a better
fashion. Starting pissing wars with people that know computer security
better than you doesn't seem too bright.
Brian Martin
ATTRITION Staff
ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERV@SecurityFocus.com with a message body of
"SIGNOFF ISN".
Received on Tue May 16 18:22 CDT 2000