Full Disclosure mailing list archives

Re: Cyberwar between Israel and Turkish Hacker

From: Valdis.Kletnieks () vt edu
Date: Tue, 06 Sep 2011 23:43:20 -0400

On Wed, 07 Sep 2011 04:55:36 +0530, Mohit Kumar said:

Turkish hacker "*TurkGuvenligi*" hijacked some 350 Israeli websites on
Sunday evening

"*The hack represents a 10%-15% spike compared to the average number of
daily hacks of Israeli websites*,"


Hmm... if 350 is a 10% spike, then the base value must be 3500 hacks *per day*
of Israeli websites.  I found a reference for there being 81,743 *.il domains
as of a few days ago:

http://www.webhosting.info/registries/country_stats/IL

Now admittedly, there's not a one-to-one correspondence between domains
and websites.  However, 3.5k hacks per day for 81K domains works out to
an *average* rate of every domain getting hacked at least once a month.
And remember kiddies - if out of 10 domains, 9 manage to fly under the wire
and not draw hacker's attention, that 10th domain needs to get whacked over
twice a week to keep that average up. ;)

One also has to wonder if all 350 sites were customers of the same DNS provider
and only one DNS server got hit.  Of course, in that case, the *real* story may
well have been "hacker nails DNS server, redirects everybody to his hack site
with a wildcard, only 350 out of 20,000 domains actually notice anything
happened".

Or it was actaully "Hacker nails DNS server for 7 or 8 high-eyeballs sites,
happens to nail 20,000 other domains on the same DNS server, of which 350
happened to be .il domains, and instead of the obvious "World Hackers Day"
interpretation, somebody concluded the fact that 350 were .il domains meant it
was "cyberwar against Israel". I wonder if there were 18.000 .com addresses
invovled too, if that would make it "cyberwar against the US".

/me suspects that it was "cyberwar against The Man, Dude" and 350 .il domains
were just accidental collateral damage.  But that doesn't make as good a narrative.

Fortunately, narratives are almost never connected to reality anyhow.

Just sayin' ;)

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Cyberwar between Israel and Turkish Hacker Mohit Kumar (Sep 06)
- Re: Cyberwar between Israel and Turkish Hacker Valdis . Kletnieks (Sep 06)