Defacement challenge puts Web sites on alert |
 |
By Edward Hurley, SearchSecurity.com News Editor
03 Jul 2003 | SearchSecurity.com |
|
|
U.S. systems administrators should make sure their Web servers are secure before heading home for the long July Fourth weekend. This weekend, the "defacers' challenge" takes place, which pits hackers against one another in a game to deface Web pages.
|
Defend against defacement challenge
|
|
The New York State Office of Cyber Security & Critical Infrastructure Coordination has issued an advisory on the hacker contest expected this weekend. Here is a list of recommendations for keeping systems secure:
- Make sure default passwords for Web servers and other remotely accessible systems are changed to stronger ones.
- Remove sample applications such as CGI scripts or Active Server Pages not being used by production Web servers.
- Lock down Microsoft FrontPage extensions. By default, everyone can use them to author Web pages, even through proxy servers.
- Ensure that Web server logging is on so that, if a Web page is defaced, one can learn how it was done.
- Create a current backup of the Web server. A good backup is essential for timely remediation of a defaced Web page.
- Apply the latest security patches for your Web servers and underlying operating systems.
|
|
|
 |
It's too early to say whether the contest will mean an onslaught of Web defacements over the weekend. "This is a hard one to predict," said Pete Allor, manager of Internet Security Systems Inc.'s X-Force threat intelligence services.
Allor hopes companies will use the advance warning to lock down their systems so their Web pages don't get defaced. But, on the other hand, the hackers have also had time to prepare. "In some cases, sites could already have been identified and hacked. They'll put the defacements up on Sunday," he said.
In the meantime, companies should scan their systems for vulnerabilities and install all needed security patches. "You may think you are secure, but you made a configuration change that opens up your Web server," Allor said.
The contest, believed to be the first such event, gives points to hackers when they access an organization's Web servers and deface pages. They can rack up more points for successfully hacking sites running on more obscure operating systems, such as the Apple operating system and Unix flavors HP-UX and IBM's AIX. A successful defacer would get fewer points for breaking into more popular Microsoft or Linux systems.
If enough hackers take part in the challenge, it could disrupt Internet activity as defaced Web pages are taken down to be repaired.
ISS has received "credible information that hacker groups are conducting reconnaissance scans prior to the 'contest' to identify vulnerable systems," the company said.
"However, major activity won't publicly surface until the early hours of July 6, 2003," ISS said.
FOR MORE INFORMATION:
SearchSecurity.com technical tip: "What your Apache Web server is telling the bad guys"
SearchSecurity.com news exclusive: "New critical IIS buffer flaw exploited"
SearchSecurity.com technical tip: "Vulnerability assessments: Leave the scanning to somebody else"
FEEDBACK: Are you taking this hacker challenge seriously?
Send your feedback to the SearchSecurity.com news team.
|
|
|
|
