Defacement challenge puts Web sites on alert

Edward Hurley, SearchSecurity.com News Editor

U.S. systems administrators should make sure their Web servers are secure before heading home for the long July Fourth weekend. The "defacers' challenge," a contest that pits hackers against one another in a game to deface Web pages, takes place this weekend.

Defend against defacement challenge

The New York State Office of Cyber Security & Critical Infrastructure Coordination has issued an advisory on the hacker contest expected this weekend. Here is a list of recommendations for keeping systems secure:

  • Make sure default passwords for Web servers and other remotely accessible systems are changed to stronger ones.
  • Remove sample applications such as CGI scripts or Active Server Pages not being used by production Web servers.
  • Lock down Microsoft FrontPage extensions. By default, everyone can use them to author Web pages, even through proxy servers.
  • Ensure that Web server logging is on so that, if a Web page is defaced, one can learn how it was done.
  • Create a current backup of the Web server. A good backup is essential for timely remediation of a defaced Web page.
  • Apply the latest security patches for your Web servers and underlying operating systems.

It's too early to say whether the contest will mean an onslaught of Web defacements over the weekend. "This is a hard one to predict," said Pete Allor, manager of Internet Security Systems Inc.'s X-Force threat intelligence services.

Allor hopes companies will use the advance warning to lock down their systems so their Web pages don't get defaced. But, on the other hand, the hackers have also had time to prepare. "In some cases, sites could already have been identified and hacked. They'll put the defacements up on Sunday," he said.

In the meantime, companies should scan their systems for vulnerabilities and install all needed security patches. "You may think you are secure, but you made a configuration change that opens up your Web server," Allor said.

The contest, believed to be the first such event, gives points to hackers when they access an organization's Web servers and deface pages. They can rack up more points for successfully hacking sites running on more obscure operating systems, such as the Apple operating system and Unix flavors HP-UX and IBM's AIX. A successful defacer would get fewer points for breaking into more popular Microsoft or Linux systems.

If enough hackers take part in the challenge, it could disrupt Internet activity as defaced Web pages are taken down to be repaired.

ISS has received "credible information that hacker groups are conducting reconnaissance scans prior to the 'contest' to identify vulnerable systems," the company said.

"However, major activity won't publicly surface until the early hours of July 6, 2003," ISS said.
