Return-Path: <sentto-279987-3249-1003762582-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Mon, 22 Oct 2001 07:58:08 -0700 (PDT) Received: (qmail 27325 invoked by uid 510); 22 Oct 2001 14:55:52 -0000 Received: from n30.groups.yahoo.com (216.115.96.80) by 204.181.12.215 with SMTP; 22 Oct 2001 14:55:52 -0000 X-eGroups-Return: sentto-279987-3249-1003762582-fc=all.net@returns.onelist.com Received: from [10.1.1.220] by n30.groups.yahoo.com with NNFMP; 22 Oct 2001 14:56:22 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_0_1); 22 Oct 2001 14:56:21 -0000 Received: (qmail 63460 invoked from network); 22 Oct 2001 14:56:17 -0000 Received: from unknown (10.1.10.26) by 10.1.1.220 with QMQP; 22 Oct 2001 14:56:17 -0000 Received: from unknown (HELO red.all.net) (65.0.156.78) by mta1 with SMTP; 22 Oct 2001 14:56:17 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id f9MEuYp05411 for iwar@onelist.com; Mon, 22 Oct 2001 07:56:34 -0700 Message-Id: <200110221456.f9MEuYp05411@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Mon, 22 Oct 2001 07:56:33 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:Pakistani.Group.Strikes.U.S..Military.Web.Site] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Pakistani Group Strikes U.S. Military Web Site BrianMcWilliams; Newsbytes Copyright 2001 Post-Newsweek Business Information, Inc. Delivering on earlier threats, a Pakistani hacking group defaced a Web site operated by the U.S. Department of Defense on Saturday. A crew known as GForce Pakistan replaced the home page of the Defense Test & Evaluation Processional Institute (DTEPI) site with a text message about terrorism and Islam. The defaced page also included several photographs described by the attackers as depicting Muslim children killed by Israeli soldiers. The vandalized site, located at <a href="http://www.dtepi.mil">http://www.dtepi.mil> , was still viewable Saturday evening. Two other addresses affiliated with the site, including <a href="http://enduringfreedom.dtepi.mil">http://enduringfreedom.dtepi.mil> and http://nasa.dtepi.mil , were also vandalized with the same message. Operation Enduring Freedom is the name given by the Department of Defense to its campaign against terrorists in Afghanistan and elsewhere. The attackers' message said Arabs and Muslims fear "retaliation due to unjustified stereotyping and accusations" in the wake of the Sept. 11 attacks on America. The group also criticized the U.S. for historically failing to stop worldwide violence against Muslims. Traffic requests to the DTEPI site appear to be handled by KCnet, an Internet service provider in Kansas City. According to Brian Martin of the Attrition.org hacking information site, the attackers may have used a technique called "DNS poisoning" to cause the defacement. Rather than attack the DTEPI Web server directly, GForce may have penetrated the site's name server and redirected visitors attempting to reach the DTEPI site to a compromised server at KCnet, according to Martin. GForce's message included a threat to deface 1,500 U.S., British, and Indian Web sites in the next month, and claimed to have already obtained sensitive data from Indian government officials. The group also threatened to launch a one terrabyte-per-second denial of service attack against a site that had apparently published information critical of the defacers. "We have suffered throughout the ages and will suffer no more. This is the era of cyberwarfare, where once again the Muslims have prevailed. We will not rest till every node, every line, every bit of information contained in our suppressors has not been wiped out, returning them to the dark ages," said the message. On Wednesday, GForce vandalized a Web server operated by the National Oceanic & Atmospheric Administration (NOAA). In a message at the defaced site, the attackers said they were part of a group called the Al-Qaeda Alliance Online that planned to target "major US military and major British Web sites" in coming days and jeopardize their internal security. The Defense Test & Evaluation Processional Institute provides online and CD-ROM training courses in modern defense testing, according to a copy of the site's original homepage cached by the Google search engine. The defaced page also contained a link to an animated presentation about Islam located at a site operated by the Muslim Student Association at Oregon State University. Alldas' mirror of the defaced site is at <a href="http://defaced.alldas.de/mirror/2001/10/20/www.dtepi.mil/">http://defaced.alldas.de/mirror/2001/10/20/www.dtepi.mil/> . Reported by Newsbytes, <a href="http://www.newsbytes.com">http://www.newsbytes.com> ------------------------ Yahoo! Groups Sponsor ---------------------~--> Pinpoint the right security solution for your company- Learn how to add 128- bit encryption and to authenticate your web site with VeriSign's FREE guide! http://us.click.yahoo.com/yQix2C/33_CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:56 PST