Site Menu

null.gif Home
null.gif MembersShow/Hide content
null.gif NewsShow/Hide content
null.gif DownloadsShow/Hide content
null.gif ContentShow/Hide content
null.gif SiteShow/Hide content
null.gif DrugsShow/Hide content
null.gif Physics
null.gif Nature
null.gif Poetry
null.gif Chess
null.gif Website
null.gif Internet
null.gif Tanakh

Site Info

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 9,203,759
  • Today: 215
Server InfoServer Info
  • Apr 13, 2021
  • 04:23 am EDT


This is the list of NukeSentinel(tm) banned IP addresses.

  • 84.17.45.*
  • 45.146.165.*
  • 187.3.64.*
  • 168.62.9.*
  • 217.182.252.*
  • 176.31.162.*
  • 80.215.203.*
  • 13.72.78.*
  • 94.102.59.*
  • 77.180.125.*
  • 5.135.125.*
  • 135.181.44.*
  • 27.124.127.*
  • 129.205.244.*
  • 179.61.158.*
  • 23.94.184.*
  • 144.168.166.*
  • 85.105.83.*
  • 23.94.154.*
  • 107.175.80.*


Thank you, Navy SEALs


You have been warned!
We have caught 2624 shameful hackers.

Defacements Statistics 2010

 Almost 1,5 million websites defaced, what's happening?

Marcelo Almeida (Vympel), Boris Mutina (Minor)

stats 2010

Last year the Zone-​H archived a sad record num­ber, we archived 1.419.203 web­sites deface­ments.

Why and how this is hap­pen­ing?

If you are look­ing at on the stats, the things remain the same: file inclu­sion, sql injec­tion, web­dav attacks and shares mis­con­fig­u­ra­tion are still at the top ranks of the attack meth­ods used by the defac­ers to gain first access into the server. As an impor­tant fac­tor influ­enc­ing the stats we con­sider the fact that last year brought a very high num­ber of the local linux ker­nel exploits.

Since many years ago, Linux became the most used OS for web­servers and of course the pre­ferred tar­get for the defac­ers. Last year we archived 1.126.987 attacks against web­sites run­ning on the Linux sys­tems. The most used exploit by the defac­ers is the CVE-​2010 – 3301,that was fixed in 2007 and was mys­te­ri­ously rein­tro­duced in 2008, in a large pile of ker­nel ver­sions x86_​64.

But should be the out-​of-​date Linux server the only rea­son of this huge amount of deface­ments?

Yes and no.

We were talk­ing about local ker­nel exploits, but the first prob­lem is in the web­site code. For exam­ple, we received too many sin­gle deface­ments due a remote upload flaw in OsCom­merce CMS, that allows the defac­ers to upload any­thing to the CMS folder with­out a proper cre­den­tial check. When this flaw became pub­lic, the devel­op­ers had a too much time to fix it, but the fix appeared few months later. Pity.

Year after year, the devel­op­ers are still cod­ing by an unsafely, keep­ing tons of the remote and local file inclu­sion and the SQL injec­tions, that the attack­ers use as the first step to gain the access into the server OS.

Then an another prob­lem with the out-​of-​date sys­tem is that the old ker­nel ver­sions indi­cate also that another pack­ages (some­times also mis­con­fig­ured) by per­form­ing priv­i­lege esca­la­tion for the services/​users access.

But we should not speak only about the Linux servers, the Win­dows Servers are also in the stats, (not) sur­pris­ingly still hacked by the same flaws like in year 2000 and early. Every year we also recorded a high num­ber of the web­dav and shares mis­con­fig­u­ra­tion attacks. For web­dav there are tons of the updates, for shares too, admin­is­tra­tors just need to put their hands on it and update and/​or change the con­fig­u­ra­tion.

From the results one out­come is clear – code devel­oper teams and web­server admins are still liv­ing in two dis­tinct worlds. And if some­thing is not work­ing prop­erly, their answer is that this is most likely the other side’s fault. While this “fight” con­tin­ues, the deface­ment count still grows up.

If you have any com­ments, send them to comments@​zone-​h.​org


Short URL:
Posted on Thursday, January 12, 2012 @ 14:34:18 EST by Southern 

click Related        click Rate This        click Share
Associated TopicsHacking




© ThemeFreaks


<< April 2021 >>


bookmark site

Bookmark Us
Bookmark Us

Set as Homepage
Set as Homepage

Support RavenNuke™

RavenNuke(tm) v2.40.01


10:32, The lips of the righteous know what is acceptable: but the mouth of the wicked speaketh frowardness.

R.O.P.: R.I.P.

Thousands of Deadly Islamic Terror Attacks Since 9/11

Islam spreads like a virus....
more: Islam violence

List of Islamic Terror Attacks For the Past 2 Months

Support Our Troops

Support Our Troops

© ThemeFreaks

Honey Pot

Bots in the pot!
We have [334] bots in the pot!

Page Generation: 0.34 Seconds