Comments on: PRI Website Target of Cyber-Aggression http://permaculture.org.au/2010/04/26/pri-website-target-of-cyber-aggression/ Permaculture News, Commentary and Worldwide Projects. Tue, 22 May 2012 06:34:12 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Peter http://permaculture.org.au/2010/04/26/pri-website-target-of-cyber-aggression/#comment-46768 Peter Tue, 27 Apr 2010 23:20:53 +0000 http://permaculture.org.au/?p=2939#comment-46768 There is a lot of activity in the recent weeks with defacement groups attacking servers in Australia. This is the ANZAC weekend activity: http://www.networkworld.com/news/2010/042710-cereal-hacker-on-defacement.html In the security world we consider it low-hanging fruit and not serious but when you get it done to you there is a personal reaction and attachment to the event so you are right in feeling the way you do but in the larger world of security attacks its not a huge deal. You are well served in having the backup, just spend some time when you get it and read up on "hardening" the various packages and operating systems you are using on the server and eliminate most of the easy-to-fix and low-hanging-fruit areas most kids and groups try to use to get in. Thats all you can do unless you want to start buying network security appliances to monitor traffic real time and take various defined actions if any triggers are set off. This expense and time involvement is usually reserved to larger organisations so you can look at first hardening the configuration settings of what you are using in your kit and then look at any open source software that can provide some of the features of the network security appliances to run along with the rest of the site. Cheers, Peter There is a lot of activity in the recent weeks with defacement groups attacking servers in Australia. This is the ANZAC weekend activity:
http://www.networkworld.com/news/2010/042710-cereal-hacker-on-defacement.html

In the security world we consider it low-hanging fruit and not serious but when you get it done to you there is a personal reaction and attachment to the event so you are right in feeling the way you do but in the larger world of security attacks its not a huge deal.

You are well served in having the backup, just spend some time when you get it and read up on “hardening” the various packages and operating systems you are using on the server and eliminate most of the easy-to-fix and low-hanging-fruit areas most kids and groups try to use to get in. Thats all you can do unless you want to start buying network security appliances to monitor traffic real time and take various defined actions if any triggers are set off. This expense and time involvement is usually reserved to larger organisations so you can look at first hardening the configuration settings of what you are using in your kit and then look at any open source software that can provide some of the features of the network security appliances to run along with the rest of the site.

Cheers,
Peter

]]> By: Michael Burns http://permaculture.org.au/2010/04/26/pri-website-target-of-cyber-aggression/#comment-46731 Michael Burns Tue, 27 Apr 2010 14:01:40 +0000 http://permaculture.org.au/?p=2939#comment-46731 I wonder if these are the same hackers who attacked the mutualaid.org server the last few weeks. The Finger Lakes Permaculture email list was lost. We are looking for our subscribers and directing them to http://flxpermaculture.net to reconnect with us. -Michael Burns I wonder if these are the same hackers who attacked the mutualaid.org server the last few weeks. The Finger Lakes Permaculture email list was lost. We are looking for our subscribers and directing them to http://flxpermaculture.net to reconnect with us.

-Michael Burns

]]> By: Butchasteve http://permaculture.org.au/2010/04/26/pri-website-target-of-cyber-aggression/#comment-46716 Butchasteve Tue, 27 Apr 2010 08:14:33 +0000 http://permaculture.org.au/?p=2939#comment-46716 Hopefully its just a random attack rather than one aimed at the philosophy of the site itself. I mean, how could anyone be angry with the idea of permaculture? Probably just some pimply basement dwelling computer troll auditioning for a job at microsoft. Hopefully its just a random attack rather than one aimed at the philosophy of the site itself. I mean, how could anyone be angry with the idea of permaculture? Probably just some pimply basement dwelling computer troll auditioning for a job at microsoft.

]]> By: michaelangelica http://permaculture.org.au/2010/04/26/pri-website-target-of-cyber-aggression/#comment-46711 michaelangelica Tue, 27 Apr 2010 07:42:32 +0000 http://permaculture.org.au/?p=2939#comment-46711 I am amazed that anyone would feel that threatened enough by permaculture forums to hack us. But this has happened twice now in recent history. Maybe we should promote "Buy Nothing Day" a bit more and watch the system disintegrate? ;) I am amazed that anyone would feel that threatened enough by permaculture forums to hack us.
But this has happened twice now in recent history.

Maybe we should promote “Buy Nothing Day” a bit more and watch the system disintegrate? ;)

]]> By: matt luthi http://permaculture.org.au/2010/04/26/pri-website-target-of-cyber-aggression/#comment-46705 matt luthi Tue, 27 Apr 2010 06:10:16 +0000 http://permaculture.org.au/?p=2939#comment-46705 Thank god you had a working backup stored on another server. This site is invaluable. Regards, Matt Thank god you had a working backup stored on another server. This site is invaluable.

Regards,
Matt

]]> By: Eric Smith http://permaculture.org.au/2010/04/26/pri-website-target-of-cyber-aggression/#comment-46700 Eric Smith Tue, 27 Apr 2010 04:51:31 +0000 http://permaculture.org.au/?p=2939#comment-46700 Shyte, just read your reply above Craig... They hit the server. Heck!!!!!!!!!!!!!! Shyte, just read your reply above Craig… They hit the server. Heck!!!!!!!!!!!!!!

]]> By: Eric Smith http://permaculture.org.au/2010/04/26/pri-website-target-of-cyber-aggression/#comment-46698 Eric Smith Tue, 27 Apr 2010 04:48:23 +0000 http://permaculture.org.au/?p=2939#comment-46698 Dang! I take some time off and when i get back everythings in a mess. To all coding kiddies and spammers... no parties while the mods are on holidays ;o) I'm waiting patiently with the rest of you... well waiting any way ;o) Dang! I take some time off and when i get back everythings in a mess. To all coding kiddies and spammers… no parties while the mods are on holidays ;o)

I’m waiting patiently with the rest of you… well waiting any way ;o)

]]> By: Eco4560 http://permaculture.org.au/2010/04/26/pri-website-target-of-cyber-aggression/#comment-46687 Eco4560 Tue, 27 Apr 2010 01:42:29 +0000 http://permaculture.org.au/?p=2939#comment-46687 Nasty stuff. I'm missing all my updates from Purple Pear and Mischief! Hope it gets fixed soon, and a big thanks to the team who is working to keep us all on line and in contact. Nasty stuff.
I’m missing all my updates from Purple Pear and Mischief! Hope it gets fixed soon, and a big thanks to the team who is working to keep us all on line and in contact.

]]> By: Craig Mackintosh http://permaculture.org.au/2010/04/26/pri-website-target-of-cyber-aggression/#comment-46677 Craig Mackintosh Mon, 26 Apr 2010 22:38:38 +0000 http://permaculture.org.au/?p=2939#comment-46677 Sorry Peter - but there's a bit more to it than that. It was a determined, prolonged attack over the course of several days. We're not talking just software code access, we're talking gaining root access at partition level and complete destruction of all data. >>Anyone with actual skills would have gotten a lot further... I don't know how much further they could have got... >>and would have done it without being detected. Excuse my tired sense of humour here, but there's no way they can destroy our hard drive without us noticing. I did mention in the post above, Peter, that they destroyed our server. It's nothing to do with the forum, the main site, or other. Sorry Peter – but there’s a bit more to it than that. It was a determined, prolonged attack over the course of several days. We’re not talking just software code access, we’re talking gaining root access at partition level and complete destruction of all data.

>>Anyone with actual skills would have gotten a lot further…

I don’t know how much further they could have got…

>>and would have done it without being detected.

Excuse my tired sense of humour here, but there’s no way they can destroy our hard drive without us noticing.

I did mention in the post above, Peter, that they destroyed our server. It’s nothing to do with the forum, the main site, or other.

]]> By: Peter http://permaculture.org.au/2010/04/26/pri-website-target-of-cyber-aggression/#comment-46675 Peter Mon, 26 Apr 2010 22:03:21 +0000 http://permaculture.org.au/?p=2939#comment-46675 Craig, I don't feel PRI is the focus of the attack for it's permaculture. Most likely just script kiddies using tools that take advantage of out-of-the-box php code ore default deployments of software not locked down to any level. Forums are usually the weak point for injection techniques or modied urls probing weaknesses. Anyone with actual skills would have gotten a lot further and would have done it without being detected. Cheers, Peter Craig,

I don’t feel PRI is the focus of the attack for it’s permaculture. Most likely just script kiddies using tools that take advantage of out-of-the-box php code ore default deployments of software not locked down to any level. Forums are usually the weak point for injection techniques or modied urls probing weaknesses.

Anyone with actual skills would have gotten a lot further and would have done it without being detected.

Cheers,
Peter

]]>