[3389] in WWW Security List Archive
RE: Web site attacks
daemon@ATHENA.MIT.EDU (Alex Filacchione)
Mon Oct 28 14:00:41 1996
From: Alex Filacchione <alexf@iss.net>
To: Carlo Caminiti Buerba <carlo.caminiti@comerci.com.mx>,
"www-security@ns2.rutgers.edu" <www-security@ns2.rutgers.edu>
Date: Mon, 28 Oct 1996 11:25:19 -0500
Errors-To: owner-www-security@ns2.rutgers.edu
The last two big incidents were the hacking and altering of the
Department of Justice and the CIA homepage. The hacker got in and
changed the webpages. All the gifs I think were links to other
servers so he didn't upload gifs. But he managed to alter the HTML
files.
Does anyone have more technical info on how those hackers got into the
system and altered the pages?
=-=-=-=-=-
Sources say they were all done via the "phf bug" (if you are not familiar
with that bug, check out www.iss.net in the vulnerability database). Also, the
NSA web site was hacked. Nothing was done to the look of it, but I believe
that files were taken (this is rumor, though, I have no confirmation of
this).
Whether they created a password file entry or added a "+ +" to an .rhosts
file, I don't know.
Alex F
alexf@iss.net
webmaster/security training
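
An added example, not part of the original message: a defensive audit for the two changes the reply speculates about, a wildcard "+ +" trust entry in an .rhosts file and an added password file entry. The function names and all sample data are constructed for illustration, and the seven-field passwd layout is assumed.

```python
# Added example: audit .rhosts and passwd text for suspicious entries.
# Every sample line below is constructed, not taken from a real host.

def audit_rhosts(text):
    """Return (line_no, reason) for each wildcard trust entry."""
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        fields = line.split()
        host = fields[0]
        user = fields[1] if len(fields) > 1 else None
        if host == "+" and user == "+":
            findings.append((n, "any user from any host is trusted"))
        elif host == "+":
            findings.append((n, "any host is trusted"))
        elif user == "+":
            findings.append((n, "any user on %s is trusted" % host))
    return findings

def audit_passwd(text):
    """Return (line_no, reason) for extra UID 0 or passwordless accounts."""
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        if not raw.strip():
            continue
        fields = raw.split(":")
        if len(fields) != 7:                  # name:pw:uid:gid:gecos:home:shell
            findings.append((n, "malformed entry"))
            continue
        name, pw, uid = fields[0], fields[1], fields[2]
        if uid == "0" and name != "root":
            findings.append((n, "extra UID 0 account: " + name))
        if pw == "":
            findings.append((n, "empty password field: " + name))
    return findings

SAMPLE_RHOSTS = ("trusted.example.com alice\n# constructed sample\n"
                 "+ +\nbuild.example.com +\n")
SAMPLE_PASSWD = ("root:x:0:0:root:/root:/bin/sh\n"
                 "www:x:80:80:web:/var/www:/bin/false\n"
                 "toor::0:0::/:/bin/sh\n")

if __name__ == "__main__":
    for finding in audit_rhosts(SAMPLE_RHOSTS) + audit_passwd(SAMPLE_PASSWD):
        print("line %d: %s" % finding)
```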