lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue, 06 Sep 2011 23:43:20 -0400
From: Valdis.Kletnieks@...edu
To: Mohit Kumar <thehackernews@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Cyberwar between Israel and Turkish Hacker

On Wed, 07 Sep 2011 04:55:36 +0530, Mohit Kumar said:

> Turkish hacker "*TurkGuvenligi*" hijacked some 350 Israeli websites on
> Sunday evening

> "*The hack represents a 10%-15% spike compared to the average number of
> daily hacks of Israeli websites*,"

Hmm... if 350 is a 10% spike, then the base value must be 3500 hacks *per day*
of Israeli websites.  I found a reference for there being 81,743 *.il domains
as of a few days ago:

http://www.webhosting.info/registries/country_stats/IL

Now admittedly, there's not a one-to-one correspondence between domains
and websites.  However, 3.5k hacks per day for 81K domains works out to
an *average* rate of every domain getting hacked at least once a month.
And remember kiddies - if out of 10 domains, 9 manage to fly under the wire
and not draw hacker's attention, that 10th domain needs to get whacked over
twice a week to keep that average up. ;)

One also has to wonder if all 350 sites were customers of the same DNS provider
and only one DNS server got hit.  Of course, in that case, the *real* story may
well have been "hacker nails DNS server, redirects everybody to his hack site
with a wildcard, only 350 out of 20,000 domains actually notice anything
happened".

Or it was actaully "Hacker nails DNS server for 7 or 8 high-eyeballs sites,
happens to nail 20,000 other domains on the same DNS server, of which 350
happened to be .il domains, and instead of the obvious "World Hackers Day"
interpretation, somebody concluded the fact that 350 were .il domains meant it
was "cyberwar against Israel". I wonder if there were 18.000 .com addresses
invovled too, if that would make it "cyberwar against the US".

/me suspects that it was "cyberwar against The Man, Dude" and 350 .il domains
were just accidental collateral damage.  But that doesn't make as good a narrative.

Fortunately, narratives are almost never connected to reality anyhow.

Just sayin' ;)

Content of type "application/pgp-signature" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ