http://www.usatoday.com/tech/news/internetprivacy/2003-07-02-hacker-attack_x.htm

Thanks EC. Did you see the free Zone Alarm problem at Extreme Tech? It seemed so far out that I did not post it, but it is strange that the ZA paid for versions are not effected by it at all. You take care!

So far it is only a script kiddie warning. We will see though.

Websites are defaced all the time, so saving defacements until a certain day is not a huge deal.

A "contest"? Hype.

Defacing is becoming passe. Now to generate public interest, there has to be more than a threat - there has to be a contest.

Here's a quote from another board about the ZA issue:

Zonelabs WILL fix "hole" in free firewall

"Regarding the "ShellExecute" vulnerability recently reported at BugTraq, Zone Labs will make a fix for its free ZoneAlarm product available in the next two weeks. In the meantime, users of ZoneAlarm should keep in mind the following facts:

- This vulnerability has not been exploited to our knowledge.

- This vulnerability requires that a malicious application is running on the affected PC. For this to occur, an attacker would have to break through the other protection layers of ZoneAlarm (firewall, stealth mode etc.) as a first step."

***

As for the hacker warning, I think this time it's different. Dafacements are common BUT not on this scale, IF they can do it. What worries me is that they will TRY on Sunday. And worse yet, it is foolish to minimize this and dismiss it, as ANY secuirty hole is just that, a hole and it could lead to MORE weaknesses.
Any effort like that HAS to be watched as I think it is not an idle threat, but something that could be done.

Reagardless, I guarantee EVERY security officer and admin around is checking their systems a little closer today.

Well, we should not dismiss, no. Then again, anybody can cry wolf. This is the Internet, rumors spread. So take everything, even from the media, with a grain of salt.

There is very real point where you (the sysadmin) have done what you can to secure a public server. Granted, most sysadmins seem to never reach this. But we only hear of those who have failed, not the successful admins.

If there is an exploit that you do not know about, then it is out of your direct power. All you can do is log and listen at that point (unless you feel like scouring you code and patching - assuming open source). There is always another precaution (and checking your defense is always good), but in the end you are subject to the flaws of your executing binary.

(*anonproxy assumes the role of devil's advocate*...) Hacker threats are usually worthy of some diminishing from the scale the mass media portrays them. If you remember Mitnick's trial, the nuclear-threat was an early example. Now public opinion is much more subdued, but still enlarges the hacker more than necessary.

That is not to say that these threats should be be ignored or diminished to the point where there is no threat.

There is always a threat, 24/7. Without anyone having to make one it exists. This is a reality of the Internet.

Most news articles rarely mention that defacements happen constantly. They are practically like the weather. AOL IM exploits were once news-worthy topics (the odds of being a victim were incredibly low without a static IP, broadband, etc.).

Also, the idea of a contest appeals to script kiddies. Script kiddies do not innovate, they over-emphasize and are repetitious. They wear exploits out because they are merely capable of grunt work. In fact, devising a contest for them is a fairly effective way of getting them out.
(*anonproxy assumes role as himself again*...)

You are right EC, defacement en masse is a relatively new thing and should be taken seriously. Just do not run with the news, run the with the facts (and we are a little low on these right now).

By the way, glad to have your opinion EC. (Thats why I post instead of keeping it to myself).

On Sunday, I'll be watching my own boxes, this after several security audits, so we'll see, but it will be somewhat anti-climatic if nothing happens, as the press will jump all over that and the kiddies will be further inflammed, so then another contest will be set-up for later.
Will have my LINUX firewall box up by then, but am creating several for myself and a few others, but I'll be ready.

Anonproxy -- well put post, as I can see you'll be watching too.

This hacking contest is aimed at defacing websites, not attacking individual computers as I understand it. So if you have a website, make sure you have back up copies of everyhing on your site on your own hd and on removable media like CD's.