army.mil defaced
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: army.mil defaced

  1. #1
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786

    army.mil defaced

    come on army!?!


    02/23/2004

    http://www.zone-h.com/en/news/read/id=4043/

    Another web site (tsn.wes.army.mil) belonging to the US Army got defaced yesterday, a member of the Brazilian crew r00t_system modified the index page to put the name of his group on it "amarelo was here ! r00t_system defacers crew 2004 ! irc.brasnet.org /j #ry ! sur00t@america.hm ! fuc".

    It is the fourth US Army site to be hacked this year, this time the Windows 2000 box with the Microsoft IIS 5 web server had its frontpage extensions misconfigured.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  2. #2
    It goes to show how our Homeland Security dollars are being managed. It's a sad, sad thing to know they do not take measures to secure something like the Army's servers.

  3. #3
    Ah tis it is a shame that the Government worries about everything else, but protecting there own Servers, that could hold secret imformation.
    Who says that if it was that easy to deface there website, maybe it would be easier to steal private information?
    Well if there frontpage extensions are misconfigured, then what else is misconfigured?

    thanks for the interesting read Tedob

    .:front2back:.

  4. #4
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    I was about to say who says the site has anything of importance until I visited it this morning: "Tri-Service Solicitation Network". Good lord! It's the bidding site! I thought these sites were supposed to meet certain standards in regards to security.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  5. #5
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    Well if there frontpage extensions are misconfigured, then what else is misconfigured?
    My money would be on print servers.............whilst .gov and .mil users have plenty of funds for anything that is "cutomer facing" or a "battlefield application", their internal IT has a very lean budget...........politicians and generals just don't understand

    So a former apps or file server is pressed into service as a print server, with its internet connectivity still enabled and minimal security. After all, who expects their print server to attack them? This is also true of commercial organisations, people don't think/bother to sanitise the machine when it is decomissioned.............they just move the files (which users want) and apps (which incur licence fees)?

    It is vaguely reminiscent of the "old days" when IT was responsible for mainframe and mid-range stuff, and most users had dumb terminals (OK there were a few PCs with 5250 emulation cards in them) and most PCs were stand alone and purchased by the user departments.

    The weakest point in the organisation was the conference and meeting rooms, because the kit was frequently under the control of HR (human remains) People came in with lectures and presentations on floppy disks, and most viruses were boot sector or file infectors............In my experience, HR are not the strongest growth in the vinyard when it comes to AV?

    So go check your print server security folks.............you may get a surprise

    Cheers
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  6. #6
    Member
    Join Date
    May 2002
    Posts
    93
    While I share all of your concern with this (Old Air Force net security guy) I love to see when people start talking about 'classified information' or private information. If its military and its on the web, its usually not that important.

    Classified information has its own internal network, not connected to the WWW. So while hacking some obscure army server does challenge the security of military networks as a whole, it is by no means an indication that 'classified information' or private information is on the outside.

    There is a shake up in military IT. A few years ago you had decently experience folks(like myself) handling what we call Information warfare. As times change, they need folks like me in other places, filling other positions. So in comes the civilian contractor. So right now we are in a state of tranistion in a lot of areas, and as you can expect, sometimes turnover of systems isn't all that great.

    But hey thats not an excuse either.

    Anyway

    *edit* I misread something and decided to act too harshly. Good points all around
    Tachyon

    |-----|Alcohol is my anti-drug |-----|

  7. #7
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Tachyon is correct. If someone needs access to the internet and classified systems at the same time, he or she will have TWO separate systems on the desk. While oversight into non-classified systems isn’t overly tight, those systems carrying classified information are critically screened. It does give off an impression of lax security though when PUBLIC web servers are defaced. I imagine they get hammered 24/7. No one here can honestly say they would come out ahead if those groups targeted your own domains. I wouldn’t boast that in public anyway.

    This could be and example of how a small oversight into configuration of a webserver is very costly.

  8. #8
    Senior Member The Old Man's Avatar
    Join Date
    Aug 2001
    Posts
    364
    Without going into great detail here, we need to remember that every "command" is actually a separate entity, with different IT personnel, different levels of training and different levels of security interest and capability as well as different internal personnel problems. "Homeland Security from D.C." cannot monitor the *actual* security at every remote or separate command. In fact, nothing of military combat value is really classified below the Division level as far as equipment goes. If you are an officer in a SOF unit, or a major commander,chances are some "enemy" (used to be the Russians, maybe still is, and don't forget the ChiComs) has a more complete folder on you than your own Personnel office does. This is not to say that unit security breaches are not serious, they are of course. One problem with military IT security is the spiderweb of civilian contractors: If just one of them has a link into the mainframe then anyone in that office, or anyone who can tap into that office, may be able to access the data wherever those computers are hooked together by a modem.
    And don't forget the disinformation factor; if i am a division commander and there is a hostile across the fence, i just might start sending my subordinates nasty messages about not ordering any ammo and we're clear out of everything, all the tanks and trucks that are broke down and all the soldiers that have gut-wrenching diarrhea and can't even stand up straight, and if the enemy attacked right now we'd just have to wave the white flag.... well, you get the idea.
    The only way you are going to get *really* tight security at every computer terminal in the military is to require serious IT-security levels for every IT specialist at the lowest unit level. And as soon as you do that, every qualified E7 in the military will get out and go to work for industry starting at five times the wage he makes in the military after being there for 12 years. So you compartmentalize the serious information and the serious data, the serious systems, and do the best job you can with the other stuff.
    Really over-simplified, but you get the idea...

    (edit) went to see the site, and it's simply a consolidation of all the jobs you (as a contractor) might bid on from that facility and some others who piggyback on the site. The same info is posted hardcopy all over the planet at publicly available corkboards. Not a bad idea to consolidate the solicitations where everyone with internet savvy can have an equal chance at contract jobs for the military.
    Still not an excuse for an improperly configured server...

  9. #9
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    *sigh* Make it five...

    http://www.zone-h.org/en/defacements/special

    Come on Army!
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  10. #10
    People what does this tell you?if you have win 2000 server get rid of it!!!!the patchs dont block all the holes in that software. Also if thay are using tsn for web hosting?the address may be a coincdence, but i have to say tsn doesnt know security if it bit them in the a**

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •