Page 242 - DCAP408_WEB_PROGRAMMING
P. 242
Web Programming
Notes Yet another suspicion is that the timing given might just be to divert attention and that the
actual hacking might take place some time before or after the so-called scheduled time
when companies might be less on their guard.
The contest, referred to as ‘Defacers Challenge’ has been put up on the Web site
www.defacers-challenge.com, by “Eleonara (67)” who claims the “help of some groups
from underground”
Everyone who can notify a defacement is entitled to participate, says the challenge. It will
check zone-h.org for statistics, “due to its notorious independency”. (This site tracks daily
hackings server and operation-system-wise).
The contest targets 6,000 sites worldwide, participants have to penetrate as many Web
servers as possible and deface the Web sites within the six hours given to them.
The contest follows a point-system, awarding one point for a Windows server, 5 for an
HP-UX or Macintosh server. The winners have been promised free Web space, hosting
services, a free domain name, and the like.
Captain Raghu Raman, Global Practice Head, Mahindra Consulting Special Services Group
(information security company), says the context seems to be more of a hoax since so
many Web sites cannot be hacked in the space of just six hours. “It is extremely impossible
since most commercial Web sites are hosted on single servers and have mirrored sites
which take over in the case of a single site faces any problem.”
He feels that the interest generated in the contest could attract many “kiddish” amateurs
whose simultaneous activity during those hours could create major bandwidth issues.
But he too advises precautionary actions. “Companies should look to strengthen their
systems and guard against any vulnerabilities. They should lock down their servers and
public domains, create awareness amongst internal security teams and remember that
hackers do not have to wait for the specified date to start. They can commence anytime.”
The most reliable indicator of whether an organisation’s Web site will be defaced or
otherwise compromised is if the organisation’s Web server is not appropriately secured,
or if it exhibits known vulnerabilities, which can be exploited, he says.
According to him, the following technical guidelines may be followed; making sure that
default passwords are changed. This should include Web servers and any other servers
that the Web server has a trusted relationship with; removing sample applications that are
not being used, such as CGI scripts and Active Server Pages, from Web servers; locking
down Microsoft Front Page Extensions (by default, those extensions are installed in a
manner that gives every user the ability to author Web pages, even through proxy servers).
The other measures recommended are turning the Web server logging on. Logs are essential
to determining how a defacement was accomplished so a recurrence can be prevented. Use
of the extended log format is recommended; and having a current backup of one’s Web
server. In the event of a defacement, a good backup is essential to quickly restore the
server to its original look.
Lastly, he recommends application of the latest security patches to one’s Web server and
the underlying operating system after appropriate testing.
Over the last six months, he says, nearly 571 Indian sites have been hacked. This is twice
the number of sites hacked in 2002. Most of the hackings have been claimed by Pakistani
hacker groups.
236 LOVELY PROFESSIONAL UNIVERSITY
