Re: Animal Rights Hacktivist Group?

["Jay D. Dyson" <jdyson () treachery net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 17 Mar 2003 ciso () hushmail com wrote: 

> This is my second attempt at posting this.  For some reason the last
> post had a weird URL in it.  The activity has increased today we had a
> system defaced that was at latest patch level AFAIK.  The defacement
> message simply said;  "HALL was here" 

        Confirm that the system was at its latest patchlevel.  Also, what
is the OS of the system?  Did you leave any unnecessary services running? 
Did your users have strong passwords in place?  Do you allow cleartext
login services on your system?  Does your system have a trust relationship
with another, less-secure system?  All of that can play a role in your
system being compromised. 

> Has anyone seen any activity from an animal rights "Hacktivist" group
> over the last few weeks? I am the Security Officer for an organization
> that runs a number of animal related web sites and we have seen multiple
> attempts and even threats placed into our IIS logfiles in the form of
> invalid requests. 

        There are no true "hacktivists" who run around defacing web sites. 
Genuine "hacktivism" is like genuine altruism: those who engage in it do
not do so to draw attention to themselves.  They quietly do their thing
and let the action speak for itself.

        What you've got here is an ordinary band of defacers who are
trying to be cute.  Their "message" is no more meaningful than if they'd
written "Kilroy Was Here" on your main page.

        Bottom line: there are no web site defacing "hacktivists"; only
opportunists and gullible "journalists" (using the term loosely) who will
hype up anything involving the Internet so it'll sell more copy. 

- -Jay

  (    (                                                        _______
  ))   ))   .-"There's always time for a good cup of coffee"-.   >====<--.
C|~~|C|~~| (>----- Jay D. Dyson -- jdyson () treachery net -----<) |    = |-'
 `--' `--'  `-Better to die with honor than live without it.-'  `------'

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (TreacherOS)
Comment: See http://www.treachery.net/~jdyson/ for current keys.

iD8DBQE+d3jCTqL/+mXtpucRAlbZAKDNE3lJah0QDCYF+YJ1Q9+ZooJJKACfY3Bl
HFpInndVNt/GOl2xzZZdOOw=
=nHaz
-----END PGP SIGNATURE-----


----------------------------------------------------------------------------

<Pre>Lose another weekend managing your IDS?
Take back your personal time.
15-day free trial of StillSecure Border Guard.</Pre>
<A href="http://www.securityfocus.com/stillsecure";> http://www.securityfocus.com/stillsecure </A>