From owner-freebsd-security  Thu Apr 26 21:36:45 2001
Delivered-To: freebsd-security@freebsd.org
Received: from hecky.it.northwestern.edu (hecky.acns.nwu.edu [129.105.16.51])
	by hub.freebsd.org (Postfix) with ESMTP id 931DA37B422
	for <freebsd-security@FreeBSD.ORG>; Thu, 26 Apr 2001 21:36:42 -0700 (PDT)
	(envelope-from stuyman@confusion.net)
Received: (from mailnull@localhost)
	by hecky.it.northwestern.edu (8.8.7/8.8.7) id XAA15118;
	Thu, 26 Apr 2001 23:36:40 -0500 (CDT)
Received: from confusion.net (dhcp089069.res-hall.nwu.edu [199.74.89.69]) by hecky.acns.nwu.edu via smap (V2.0)
	id xma015081; Thu, 26 Apr 01 23:36:34 -0500
Message-ID: <3AE8F712.472BAEC0@confusion.net>
Date: Thu, 26 Apr 2001 23:35:31 -0500
From: Laurence Berland <stuyman@confusion.net>
X-Mailer: Mozilla 4.75 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Alan Clegg <alan@clegg.com>
Cc: mudman <mudman@R181204.resnet.ucsb.edu>,
	freebsd-security@FreeBSD.ORG
Subject: Re: defaced websites and the like
References: <Pine.BSF.4.30.0104251453340.9592-100000@R181204.resnet.ucsb.edu> <20010425210621.C43159@diskfarm.firehouse.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

So you're the one who solved the list issues?  Thank you.  Defaced is a
good resource and is, if nothing else, a good source of amusement when
tired of reading real web pages.  Thanks a million

L:

Alan Clegg wrote:
> 
> Unless the network is lying to me again, mudman said:
> 
> > Maybe as a good follow up, would using one OS over another OS change
> > the risk assessment for this kind of thing? (although I admit this last
> > question would take into account a lot of different variables)
> 
> I hate to toot my own horn, but... *TOOT*
> 
> Check out http://www.attrition.org/mirror/attrition/ for a relatively
> comprehensive list of defacements, including breakdowns (and graphs)
> by OS, web server type, etc... for example:
> 
>         http://www.attrition.org/mirror/attrition/os.html#APRIL2001
> 
> While I'm not part of the attrition team, I do now host their defacement
> mailing list.  To be advised of defacements as they are "snapshotted",
> send an e-mail to:
> 
>                 defaced-l-subscribe@mailinglists.org
> 
> Each annoucement includes the type of system defaced (OS), web service
> running (apache, IIS, etc etc), and the "group" that did the defacement.
> 
> There is also a link back to the attrition mirror so you can see what
> the defaced page looked like even after the owner 'fixes' the problem.
> 
> AlanC
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

-- 
Laurence Berland
Northwestern '04
stuyman@confusion.net
http://www.isp.northwestern.edu/~laurence

"The world has turned and left me here"

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message