Good ol' Web Defacements
Shaylan just wrote us "my website has been taken over" ... "people are using them without my permission".
He attached a file which is probably collected from his site. It includes a flash animation and redirects to what looks like a Turkish political website. I don't speak turkish, so I am not sure what side/view the site covered. However, the entire episode certainly brought back long subpressed memories about turkish/armenian usenet fights and "hacked by chinese" messages spread by Code Red. Political "hacktivism" has kind of taken a lesser role these days with everybody focusing on making money.
But what are the lesson here?
He attached a file which is probably collected from his site. It includes a flash animation and redirects to what looks like a Turkish political website. I don't speak turkish, so I am not sure what side/view the site covered. However, the entire episode certainly brought back long subpressed memories about turkish/armenian usenet fights and "hacked by chinese" messages spread by Code Red. Political "hacktivism" has kind of taken a lesser role these days with everybody focusing on making money.
But what are the lesson here?
- They are still out there. Usually bottom feeding on the scraps left by bots (or using bots to their advantage of course).
- "Best Practices": Its hard to run a hacker-proof website. But its like anything... a little effort goes a long way and keeps out most of the riff-raff.
- Shared Servers: Don't use them for business critical web sites. They are fine to run a hobby site from. But for anything else: Get a dedicated system. IMHO, the jury is still out if virtual machines provide enough separation.
Keywords:
0 comment(s)
My next class:
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
×
Diary Archives
Comments