White hat security group
-
- Fame ! Where are the chicks?!
- Posts: 212
- Joined: 26 Mar 2006, 16:00
- 18
- Location: Infinite Loop
- Contact:
White hat security group
Have you ever seen a site that was hacked by a script kiddie, the f00l deleted the intire database, and left a stupid message like "i rule!" or "You've been p4wn3d by the b3st h4ck3rz in the worldz!!" ???????
Whel i am sick of seing those poor admis of sites such as: http://artfulwriter.com/archives/2006/0 ... e_hac.html
Lol just an example
Here is what i propose WE od:
1 - Create a White Hat Security group
2 - Recruit everyone interested (as long as they are trustworthy)
3 - create a help-mail account for helping hacked admins
4 - Advertise it everywhere possible, so it is of the knowledge of everyone
5 - Ask for the info wich the hacker left about himself
6 - Contact him and tell him to say hes sorry
7 - If he doesnt comply, tag him and pursue him till you fuck up his box (or anoy him till he ask for forgiveness)
Does anyone knwo what im talking about?
Is this an interesting idea?
Wouldnt it help Newbs to learn how to information gathering and hacking?
(by finding an possibly atacking the hacker)
Plz dont say i've been up all nite...
Whel i am sick of seing those poor admis of sites such as: http://artfulwriter.com/archives/2006/0 ... e_hac.html
Lol just an example
Here is what i propose WE od:
1 - Create a White Hat Security group
2 - Recruit everyone interested (as long as they are trustworthy)
3 - create a help-mail account for helping hacked admins
4 - Advertise it everywhere possible, so it is of the knowledge of everyone
5 - Ask for the info wich the hacker left about himself
6 - Contact him and tell him to say hes sorry
7 - If he doesnt comply, tag him and pursue him till you fuck up his box (or anoy him till he ask for forgiveness)
Does anyone knwo what im talking about?
Is this an interesting idea?
Wouldnt it help Newbs to learn how to information gathering and hacking?
(by finding an possibly atacking the hacker)
Plz dont say i've been up all nite...
-
- cyber messiah
- Posts: 1201
- Joined: 30 Apr 2006, 16:00
- 17
- Location: 127.0.0.1
Watch out man, using word 'white hat' on suck-o means asking for trouble,cya in debate board, thats something i learnt here, when you say white hat, people laugh at you..
Last edited by pseudo_opcode on 12 Feb 2007, 13:36, edited 1 time in total.
- bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
well, we ARE a "whitehat" group already...
anyone who owns a site which has been hacked would receive help here, BUT securing a site/server can be a lot of work and most people here (including me) can't afford to spend much more time to do jobs for free....and securing a site/server can quickly cost some hundred bucks, simply because it's nothing that can be done within a couple of minutes, analyzing already can take some hours.
the closest info you can get about the attacker is the IP, the next step would be to involve a lawyer which would have to force the network host of the IP to supply the personal data...and if the attacker is coming from a skiddie country (I'm saying no names here) you don't even get an answer and it's pointless to sue....
the next thing is that most site/server owners don't accept help when their site/server has been compromised, the usual reason is that they already know what was the reason: lazyness....security is a steady process which means patching, patching, patching.....so if I we would spend hours with securing a site/server it would be wasted time if the owner stays as lazy as before. and it's a sad but true fact that you can't even really secure some sites, for example when the site is on simple webspace and implementing serverbased security measures is not possible.
so in my opinion the only way this can work is:
owners of compromised servers/sites can always ask for help on the boards, but if somebody wants me (I can only speak for myself here of course) to do active work I'll not do it for free (if it's not a friend/part of the suck-o community). but I'm open to suggestions...
p.s. eppik, the dead link of your avatar is slowing down the load of the site, if you want to send it to bad_brain[at]suck-o.com and I'll upload it for you....
anyone who owns a site which has been hacked would receive help here, BUT securing a site/server can be a lot of work and most people here (including me) can't afford to spend much more time to do jobs for free....and securing a site/server can quickly cost some hundred bucks, simply because it's nothing that can be done within a couple of minutes, analyzing already can take some hours.
the closest info you can get about the attacker is the IP, the next step would be to involve a lawyer which would have to force the network host of the IP to supply the personal data...and if the attacker is coming from a skiddie country (I'm saying no names here) you don't even get an answer and it's pointless to sue....
the next thing is that most site/server owners don't accept help when their site/server has been compromised, the usual reason is that they already know what was the reason: lazyness....security is a steady process which means patching, patching, patching.....so if I we would spend hours with securing a site/server it would be wasted time if the owner stays as lazy as before. and it's a sad but true fact that you can't even really secure some sites, for example when the site is on simple webspace and implementing serverbased security measures is not possible.
so in my opinion the only way this can work is:
owners of compromised servers/sites can always ask for help on the boards, but if somebody wants me (I can only speak for myself here of course) to do active work I'll not do it for free (if it's not a friend/part of the suck-o community). but I'm open to suggestions...
p.s. eppik, the dead link of your avatar is slowing down the load of the site, if you want to send it to bad_brain[at]suck-o.com and I'll upload it for you....
- floodhound2
- ∑lectronic counselor
- Posts: 2117
- Joined: 03 Sep 2006, 16:00
- 17
- Location: 127.0.0.1
- Contact:
I am with bad brain on this one. I can not afford to take up m day doing security for others I don’t know and for free for that matter. Bad brain has a good point in that the site owners are lazy and can get help if they want to. It does take time and time is a important to me and my businesses that I run. Great idea but I am out unless more is considered. $ = time
₣£ΘΘĐĦΘŮŇĐ
-
- Fame ! Where are the chicks?!
- Posts: 212
- Joined: 26 Mar 2006, 16:00
- 18
- Location: Infinite Loop
- Contact:
Im not saying we will secure other peoples sites, just take justice into the people's hands
They saying: "Dont do things to others, that you wouldn't like done to you"
Thats waht im talking about
Like you get home and you don't wanna do anything or dont have anything to do on your pc.....
Just google for some hacked sites and trie and catch the bastards its fun...i guess...
They saying: "Dont do things to others, that you wouldn't like done to you"
Thats waht im talking about
Like you get home and you don't wanna do anything or dont have anything to do on your pc.....
Just google for some hacked sites and trie and catch the bastards its fun...i guess...
-
- cyber messiah
- Posts: 1201
- Joined: 30 Apr 2006, 16:00
- 17
- Location: 127.0.0.1
Yeah we forget that there are already people who are paid for that, maybe its fun, but that wont give us our daily bread, why would any 'hacked' admin co operate with us? I love investigating stuff, but does that mean the owner of hacked site would give us logs and documentation of the configuration??eppik wrote:Im not saying we will secure other peoples sites, just take justice into the people's hands
They saying: "Dont do things to others, that you wouldn't like done to you"
Thats waht im talking about
Like you get home and you don't wanna do anything or dont have anything to do on your pc.....
Just google for some hacked sites and trie and catch the bastards its fun...i guess...
I think we have enough reasons for not doing it no matter how much we like it.
Its just like there's a robbery in someone's house and we go and tell them "hey we are here to investigate stuff and catch robbers"
Agreed. Plus, remember, skiddies know nothing of wich they are doing, they all get caught just about all the time. Let justice come to them, dont bring it to them or else youll be the one in court. Not the skiddie destroying box's for fun. Most of them just use program's made by others, instead of actually taking out time and making your own, understanding how it works.
- LaBlueGirl
- Suckopithicus chickasaurus
- Posts: 513
- Joined: 22 Mar 2006, 17:00
- 18
- Location: Brussel
- Contact:
heeheepseudo_opcode wrote:Watch out man, using word 'white hat' on suck-o means asking for trouble,cya in debate board, thats something i learnt here, when you say white hat, people laugh at you..
Don't look at me in that tone of voice!!!
(kidding, lol)
"Hey, Crash!
Ever tried walking with no legs?
It's real slow!"
~Crunch, Crash Bandicoot TTR
Ever tried walking with no legs?
It's real slow!"
~Crunch, Crash Bandicoot TTR