1996-09-02 - Re: Moscowchannel.com hack

Header Data

From: Adamsc@io-online.com (Adamsc)
To: "Igor Chudov" <snow@smoke.suba.com>
Message Hash: 9d92e643cf0fb18cae2e8ae951c26cde644ecc6654918dd6a979cdce9a326134
Message ID: <19960902051921875.AAA201@IO-ONLINE.COM>
Reply To: N/A
UTC Datetime: 1996-09-02 08:07:08 UTC
Raw Date: Mon, 2 Sep 1996 16:07:08 +0800

Raw message

From: Adamsc@io-online.com (Adamsc)
Date: Mon, 2 Sep 1996 16:07:08 +0800
To: "Igor Chudov" <snow@smoke.suba.com>
Subject: Re: Moscowchannel.com hack
Message-ID: <19960902051921875.AAA201@IO-ONLINE.COM>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 1 Sep 1996 10:09:32 -0500 (CDT), Igor Chudov @ home wrote:

>> > Not really crypto, but related to the DOJ hack in a way.
>> > 
>> > Moscow Channel is a pretty slick, Russian news/commentary page.  Their Web
>> > site was hacked and altered by someone who didn't seem to like Russians all
>> > Just a matter of time before someone builds a dedicated Satan type tool that
>> > scans for HTTP server holes or messed up file permissions to make locating
>> > potential victims easy.
>> Write your web site to a CD-ROM and hard-code the base directory into the
>> webserver.
>
>A hacker who has root can forcibly unmount the cdrom and mount another
>directory on that node. Not a good solution.

Hack your system kernel to only allow mounting read-only media to that point. 
Most hackers wouldn't try "hot-patching" the system kernel.  The ones that can
probably have better things to do than hack your page.

- "'Anonymity is bad,' says a source who wishes to remain anonymous." - Nuff' said.
* Home: Chris Adams <adamsc@io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
* Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
* Work: cadams@acucobol.com | V.M. (619)515-4894 | (619)689-6579
* Member in good standing of the GNU whirled hors d'oeuvre
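
Added example (not part of the original message or thread): the unmount-and-remount scenario raised in the quoted reply can be detected by checking which mount actually serves the document root. The path `/srv/www`, the device `/dev/sr0` and the sample mount tables are constructed assumptions in `/proc/mounts` format.

```python
import os

# Constructed sample in /proc/mounts format (not taken from the original message).
SAMPLE_OK = """\
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sr0 /srv/www iso9660 ro,nosuid,nodev 0 0
"""
# Constructed sample: the CD-ROM was unmounted and a writable directory bind-mounted there.
SAMPLE_SWAPPED = """\
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda1 /srv/www ext4 rw,relatime 0 0
"""

def _unescape(field):
    # /proc/mounts encodes space, tab, newline and backslash as octal escapes.
    for esc, ch in (("\\040", " "), ("\\011", "\t"), ("\\012", "\n"), ("\\134", "\\")):
        field = field.replace(esc, ch)
    return field

def covering_mount(mounts_text, path):
    """Return (device, mountpoint, fstype, options) of the mount that serves `path`."""
    path = os.path.normpath(path)
    best = None
    for line in mounts_text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue
        dev, mnt, fstype, opts = parts[0], _unescape(parts[1]), parts[2], parts[3].split(",")
        inside = path == mnt or path.startswith(mnt.rstrip("/") + "/")
        # Later lines shadow earlier ones at the same mount point, so use >=.
        if inside and (best is None or len(mnt) >= len(best[1])):
            best = (_unescape(dev), mnt, fstype, opts)
    return best

def check_docroot(mounts_text, docroot, expected_dev, expected_fs="iso9660"):
    """List the ways the document root deviates from the expected read-only medium."""
    m = covering_mount(mounts_text, docroot)
    if m is None:
        return ["no mount covers " + docroot]
    dev, mnt, fstype, opts = m
    problems = []
    if dev != expected_dev:
        problems.append(f"device is {dev}, expected {expected_dev}")
    if fstype != expected_fs:
        problems.append(f"filesystem is {fstype}, expected {expected_fs}")
    if "ro" not in opts:
        problems.append("mounted read-write")
    return problems
```

On a live Linux host the first argument would be the contents of `/proc/mounts`. A check like this only reports the swap; an intruder with root on the same machine can also alter the check, so its result is best collected by something outside that machine's control.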





