Results 1 to 10 of 10

Thread: Defacement Question

  1. #1

    Lightbulb Defacement Question

    I was roaming on Zone-H.org today, and was looking at different defacements by different groups. Here is a defacement I found particularly interesting: Defaced Page

    I was wondering, how in the world did this defacer get all of this info? Is this public record and he just posted it, did he/she illegally get into a database somewhere, or did the victim just give the information up on IRC?

    How much info is out there for the "taking?" I thought some of this stuff was private (like SSN's), but it is obvious it is not by this defacement. This is really scary if you ask me

    I was also thinking how careless some (including I) get when chatting, posting, or just throwing information un-encrypted or cautiously on the Internet. This to me is how carelessness can really backfire.

    How "private" is our private information?

    Edit: Sorry for the broken link


  2. #2
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Washington D.C. area
    Well the link you posted was erased so I can't see the actual data. Foundstone has a number of good articles (www.foundstone.com) that deal with fingerprinting techniques.

    What is scary is that some companies actually post a TON of useful info on their websites that can be used to comprimise their networks. After some sniffing around, I have found this to be absolutely true.

    Bottom line is that we are responsible for our data security.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  3. #3
    AO Decepticon CXGJarrod's Avatar
    Join Date
    Jul 2002
    linuxguy99: I cant find the link, but Forbes magazine wrote an article about how they had a Private Investigator find out as much info about one of their writers as possible. Within days, the PI had Social Security numbers, bank numbers and all kinds of other info. Most of it was done through social engineering.
    N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)

  4. #4
    Senior Member
    Join Date
    Jan 2003

    holy smokes!!!

    That is some scary stuff-fbi directions to the house were a little amusing but ....-Because of that I don't use my real name for anything , except where absolutely required and I know anyone determined to get personal info on me could do so but I deal with the web in a state of extreme paranoia. I don't even do anything wrong to the best of my knowledge and I take pains to cover my tracks.
    Interesting post-thank you
    the only way to fix it is to flush it all away-tool

  5. #5
    Junior Member
    Join Date
    Feb 2003
    The link worked for me, and that is an amazing collection of information.

  6. #6
    Senior Member
    Join Date
    Jul 2002
    That just trips me out, wonder if they used one of those, buy now for 29.95 and get all the dirt on anyone anywhere proggies.
    Every now and then, one of you won't annoy me.

  7. #7
    Join Date
    Mar 2003
    That's really weird coincedence...I work for the company that supplies that guys DSL......I work about 10 minutes from that guys house...ha ha.....

  8. #8
    Senior Member
    Join Date
    Sep 2001
    Wow, did you notice, in the dir of the hacked highschool server:
    08/31/01 03:01p 1,006 katyisd_key.txt
    09/25/01 03:09p 3,644 katysslcert.txt
    07/02/01 12:37p 1,020 NewKeyRq.txt

    SSL cert compromised? That CAN'T be good!
    (Of course being rooted is never good, but now they have (well, SHOULD) have the issuer revoke the cert and issue a new one...
    (You can see they're cert info with this link: (https://www.katy.isd.tenet.edu/) )
    Anyone care to go lookup verisign's revoked certificate list to see if one of their (the highschool) certificate has been reported revoked recently? (I don't have the time to check myself right now...)

    Credit travels up, blame travels down -- The Boss

  9. #9
    Join Date
    Feb 2003
    That is scary how people can just find out all kinds of stuff about you just by hacking. I dont know why they would want to know all of that info but I wouldnt want anything about me on there. This is one of the main reasons I need to get Linux, I need more security than what Windows 98 provides!

  10. #10
    Senior Member
    Join Date
    Dec 2002
    Actually bludgeon, those programs dont really work. My friend had one and it wouldn't give us very much information on anyone. The only thing we got out of it was the address, phone number, and a map to where the person lives. It only really told us where to go if we wanted information on someone.
    The only four things i need are food, water, a computer, and the internet.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts