Re: [ossig] Johor State Goverment Site defaced

[Seah Hong Yee <hongyee@xxxxxxxxxxxxxxxxxxxxx>]

On Tuesday 24 February 2004 3:16 pm, Nicholas Adrian Suppiah wrote:
> Hi all,
>
> Can I know what brought up this URL? Why this site so specifically,
> considering so many other are being affected?

I think everyone would expect a govt agency would have more resource to run a 
more secure server especially with one high profile agency.  It sort of 
represent the government of a state so to speek. One would expect them to 
hire at least a full time sysadmin to do something like this. 

>
> Surely, they could have easily done a system restore when they had the
> time. With all the money in the world and nobody with operating "proper"
> procedures, things like this just cannot be avoided. Until a central agency
> is allocated to ensure every exposed system (to the public) is monitored
> (or atleast approved to operate) and advised on steps to take, they will
> have to spend and spend.
>
> "Oh, there is such an agency, some where..." somebody whispered.
>
> -----Original Message-----
> From: owner-ossig@mncc.com.my [mailto:owner-ossig@mncc.com.my]On Behalf
> Of kengheng
> Sent: 24 February 2004 14:34
> To: ossig
> Subject: Re[2]: [ossig] Johor State Goverment Site defaced
>
>
> Hi all,
>    I think the admin just replaced the html file for the URL, all seem
>    back to normal, but the server vulnerabilities still there as can
>    check from the netcraft, the site still on win2k Apache/1.3.28
>    (Win32) PHP/4.3.3. I think they didn't learnt the lesson after this
>    inccident.
>
> Tuesday, February 24, 2004, 8:55:41 AM, you wrote:
>
> IWS> kengheng wrote:
> >> Hello ossig,
> >>
> >>   http://www.johordt.gov.my
>
> IWS> http://uptime.netcraft.com/up/graph/?host=www.johordt.gov.my
>
>
> IWS> "The site www.johordt.gov.my  is running Apache/1.3.28
> IWS> (Win32) PHP/4.3.3 on Windows 2000"
>
> IWS> Hasn't been rebooted since sometime in December.  I feel fairly
> IWS> sure there's been some Win2k critical updates since then.
>
>
> IWS> Imran
>
>
>
>
>
>
> ---
> CONFIDENTIALITY NOTICE & DISCLAIMER
>
> This email and any attachment may contain confidential, privileged content
> and/or copyrighted information of APIIT SDN BHD ('Message'). If you are not
> the addressee indicated in this Message (or responsible for delivery of
> this Message to such person) any use, disclosure, retransmission or
> dissemination of this Message or any part thereof is strictly prohibited.
> If you have received this in error, please notify the sender immediately by
> return e-mail and delete this Message from your computer. Take note that
> any privilege or confidentiality attached to this Message is not waived,
> lost or destroyed due to this disclosure. Whilst all care has been taken,
> APIIT SDN BHD's management disclaims all liability for loss or damage to
> person or property arising from this Message being infected by computer
> virus or other contamination. Opinions, conclusions and other information
> in this Message that do not relate to the official business of APIIT SDN
> BHD shall be understood as neither g! iven nor endorsed by APIIT SDN BHD.
> ---
>
>
>
> ---------------------------------------------------------
> To unsubscribe: send mail to ossig-request@mncc.com.my
> with "unsubscribe ossig" in the body of the message


---------------------------------------------------------
To unsubscribe: send mail to ossig-request@mncc.com.my
with "unsubscribe ossig" in the body of the message