LANGUAGE
SEARCH
MAIN MENU
Homepage
News
Advisories
Download area
Digital attacks
 Attacks archive
 Attack notification
 Internet spam/frauds
Stay tuned
 Infosec pager
 Mailing list subscription
Passive public area
 Stats & Graphs
 Unsuccess stories
Active public area
 Legal corner
 Forum section
 Join Zone-h IRC chat
Zone-H club
 Staff performance
 Meet our staff
 Link to us
 Contact us
Commercials/Campaigns
 Zone-H e-Shop
 Anti-pedophily campaign
Disclaimer
Black or White hat?



IT is Zone-H's contribution to the IT security world. It is a tool for keeping always up to date administrators and ITsec professionals. It's cool. It's free. It's the InfoSec pager.
 
NEWS
Mitnick's company website www.defensivethinking.com defaced again for political reason (...shhhh! don't tell it to Zone-H!)
 
SyS64738 www.zone-h.org admin
02/23/2003
 
Today, February 23rd the website of the company Defensive Thinking belonging to famous hacker Kevin Mitnick has been re-re-re-redefaced. This time for political reasons. http://www.zone-h.org/defaced/2003/02/23/www.defensivethinking.com(1) /

The hacker DkD[|| after gaining access using a misconfiguration in the website (the same misconfiguration that allowed the previous intrusions) posted a wide pro-Palestine/Chechenia against Sharon/Bush/Putin proclama.

We at Zone-H fighted a little in order to get the mirror of the defacement as somebody at Defensivethinking was continuosly restoring the original main page and blocking the IP of our mirroring robot (like to say, if Zone-H doesn't mirror it, it will get unnoticed... Shhhhh!)

We eventually succeded to get the mirror .

The interesting thing, is that the boys at Defensive Thinking rather that fixing the configuration mistake (at the moment the full server content can be still browsable as an extension of your local directory) they were fighting against our mirrors or against the hacker who was redefacing the mainpage everytime it got fixed.

In an online chat session with DkD[||, he told to Zone-H that there were no personal reasons to attack Mitnick's server. "It's just a very good way to spread my message" declared DkD[||.

Are you wondering how it happened that ta company like Mitnick's one can get defaced so many times in a row? Easy to say! Let's Netcraft defensivethinking.com:

http://uptime.netcraft.com/up/graph/?host=www.defensivethinking.com

and we will see that they just changed the web hoster, thinking this time to have solved their problem:

OS, Web Server and Hosting History for www.defensivethinking.com

OS Server Last changed IP address Netblock Owner

Windows 2000 Microsoft-IIS/5.0 22-Feb-2003 66.117.200.43 Fuse Internet Access
Windows 2000 Microsoft-IIS/5.0 20-Jan-2003 65.223.48.102 Nexspace LLC
Windows 2000 Microsoft-IIS/5.0 20-Jan-2003 65.223.48.102 Nexspace LLC
Linux Apache/1.3.26 (Unix) 16-Jan-2003 209.151.245.6 Cyberverse Online
Windows 2000 Microsoft-IIS/5.0 1-Oct-2002 65.223.48.102 Nexspace LLC
Linux Apache/1.3.26 (Unix) 29-Sep-2002 209.151.245.6 Cyberverse Online

Thing is that the new web hosting company...was vulnerable as the previous one! (credits to friend nick to this info)

Our implacable mirrors are watching you...

 
Original article: www.zone-h.org