Gosh, darn script kiddies!

Has your site ever been compromised through an embarrassing security hole? A few months back, a forgotten virtual machine in the DMZ part of a client's network was compromised... several times, by different people... It was amusing seeing how many modifications they made to some tables in a few databases, what they wrote, we got a pretty good kick out of it.

But it definitely got us thinking, these script kiddies go around all day, abusing zombie servers and google to find new victims, trying to hit a jackpot, hoping to find SSNs, credit card numbers or something similar. So, what can we do stop them? Well, secure that server, sure, but what else?

We could also alert people with holes in their machines, but hey, can we afford to do that? Yeah! We can, at least for visible holes those script kiddies exploit!

And on we go...

What's their modus-operandi? They look for a popular vulnerability, easy to exploit, and easy to find, with Google (the reason Google continuously makes the top-100 list of preferred security assessment tools as you can see here).

And this is exactly what we are doing, crawl the web for known security issues, try to assess if the hole is present in a particular server, try to identify the proper person to contact, either by email addresses published in websites hosted there or through the whois records, and alert them with proper information to fix this bug.

Simple enough! Yes, but we believe this could go a great length at stopping this type of attacks.

Stay tuned for more!

Hello server-owner!

We are writing you from Server Protectors to let you know that we have identified a potential security hole in your server with IP $ip. You might want to address this security issue as soon as possible since this issue can be easily found using the following query on google, $query.

CVE: $cve_data
URL affected: $url
Date: $date

You can read about why you are getting this in Server Protectors to crawl the web to alert vulnerable site owners.

Comments

Bob J, October 03, 2009 05:32 I think that's a great thing to do. Notifying admins that exploits exist can only help them in the long run. The faster they fix the bug, the better off they'll be. Keep it up.

Manoj T, October 03, 2009 07:29 Warning people of the vulnerabilities of their system is a great service. Most of us tend to go lax if nothing happens and the day the site is hacked, we are caught unawares. The need to be more aware of security concerns has to be drilled into people time and again. It is not that people do not know that the systems are vulnerable, but over a period of time they tend to get casual.

davids, October 03, 2009 09:41 I am just about to open a website for online sales that will definitely be profitable. I been worried about the many things that could effect my security. I will definitely be checking into more of this.

webknight18, October 03, 2009 14:17 Yes, it is important that companies know about vulnerabilities in their systems. Scrip kiddies are all over, and it is becoming increasingly hard to protect sensitive information like SSN, and credit card no's.

James Chapman, October 03, 2009 14:26 I am in the process of launching a new website this week and decided to search the internet for ways to protect it. That is when I came across your site and the useful information that you have here. Thank you so much it has given me new confidence. Good work.

Write comment
Name:
Email: