Energy lab servers caught in compromising position
PC World reported
late last week that Web servers run by Brookhaven National Laboratory were hosting links to pornography sites.
The lab was not the only government organization caught unaware by surreptitious doings on its public-facing hardware. California's Madera County court site
actually contained ads for pornography sites and performance improvement aids.
Both organizations seemed to be unaware of the additional duties their servers were undertaking. We fathom malicious hackers, or their bots, broke into the Web servers and planted the additional material.
We're not out to vilify these organizations. There are a probably a lot more agencies where this could happen, or where it is already happening.
If this news causes you concern about your own Web site, take a look at recently reissued guidelines
from the National Institute of Standards and Technology on securing Web servers. It's a starting point.
Our favorite quote came from Trend Micro Inc. network architect Paul Ferguson: "You can't just put a Web server out there and forget about it any more."
Posted by Joab Jackson on Oct 08, 2007 at 9:39 AM