Government sites apparently weren't targeted in Defacer's Challenge
- By William Jackson
- Jul 07, 2003
Winners reportedly will not be announced until tomorrow, but the big loser in Sunday's Defacer's Challenge appears to have been Zone.H, whose site was knocked offline by a denial-of-service attack and a subsequent barrage of legitimate traffic during the contest.
The Zone.H site at www.zone-h.org
, which verifies and reports Web defacements, was to have been used as the judging criteria in the race to deface 6,000 Web sites.
'July 6 has to be remembered as the messiest day in the of whole Internet history,' the site's administrator said in a written statement Monday.
But for just about everyone else, the contest was pretty much a nonevent. Of the defacements were recorded by Zone.H, the majority were in the .com domain and no .gov sites were reported hit. No high-profile sites reported damage.
Alfred Huger, senior director of development for Symantec Corp.'s Security Response team, said scans of port 80 were detected from 40,000 different IP addresses, about normal for a Sunday. 'It's a little bit higher but not much,' Huger said. 'We didn't see a significant rise in prescreening, either.'
Some Web sites were defaced during the day. Peter Allor, manager of the X-Force Threat Analysis Service at Internet Security System Inc. of Atlanta, put the number of known defacements at between 500 and 600, within the range for an average day. A really busy day can produce as many as 3,000 defacements, he said.
The challenge was organized by someone using the handle Eleonora, and publicized on a Web site at www.defacers-challenge.com. The goal was to deface 6,000 sites in the shortest time possible, or, failing that, to deface as many sites as possible in a six-hour window. The contest was extended to 15 hours.
The original Defacers Challenge site was taken offline July 3, but has apparently found a new host. The new site says the winners of the challenge will be published July 8. Allor said the text on the site appears to have been translated from Portuguese by a Web translation service.
The contest started at 9 a.m. Estonia time, but a large segment of the hacker community apparently had decided to boycott the event because of the publicity it had generated. Some expressed their displeasure by launching a denial-of-service attack against Zone.H, which is a neutral third party based in Estonia not directly involved in the challenge. The attacks kept the site offline from 10 a.m. to 6 p.m., and after that a flood of legitimate traffic swamped the server. The site was back online Monday morning.
Although the challenge appears to have been a bust, Allor and Zone.H said increased scanning was observed before the contest and warned that servers hosting Web sites could have been compromised in advance of the event and might still be attacked.
William Jackson is a Maryland-based freelance writer.