Security Information Vulnerability Research Security Blog

NASA sites running OS X defaced

July 28th, 2006 by Juha-Matti, Filed under: Web, Commentary, Apple

Zone-H lists the following NASA Web sites defaced today:

#1
http://avdc.gsfc.nasa.gov/phpgdv2

See mirror at zone-h.org/index2.php?option=com_mirrorwrp&Itemid=44&id=4402740

#2
http://avdc1.gsfc.nasa.gov/phpgdv2

See mirror and details at zone-h.org/index2.php?option=com_mirrorwrp&Itemid=44&id=4402742

Zone-H.org archive lists these as mass defacements of Byond Hackers Team.

WHOIS results for 128.183.103.227 are the following:

OrgName: National Aeronautics and Space Administration
OrgID: NASA
Address: IS05/Office of the Chief Information Officer
City: MSFC
StateProv: AL
PostalCode: 35812
Country: US

NetRange: 128.183.0.0 - 128.183.255.25

They have a separate “Cyberwar: the beginning” posting too:
www.zone-h.org/content/view/13932/30/

DiggRedditSlashdotTwitThisSphinnStumbleUpondel.icio.usFacebookGoogleTechnoratiE-mail this story to a friend!

-

Is your site safe from SQL Injection? Use Active Network Scanning to protect your network!

3 Comments:

  1. NASA sites running OS X defaced » Wagalulu - Technorati’s Top Tags » » NASA sites running OS X defaced, on July 28th, 2006 at 5:31 pm Said:

    […] Original post by SecuriTeam Blogs Blog Content Cloud & accessories apple back blog bluetooth business cell design digital first free good google home ipod july know last life link little love macbook market merchant microsoft mighty mouse news night online part permanent phone photo photos pics pictures post price review sale software time video wireless work world zune Search […]

  2. xyberpix, on July 28th, 2006 at 7:16 pm Said:

    I don’t think that the fact that they were running OS X REALLY has much to do with it, at the end of the day it’s your Apache config that matters, as these sites were firewalled pretty hecticly, namely ports 80 and 443 were open, so it was an Apache sploit, also due to the recent Apache advisories, it’s not too suprising really. Not that I’m sticking up for OS X at all, I love it, but I do know that it needs work, but hey, at least these days people are mentioning it, and no publicity is bad publicity. Nice post btw!

  3. Alpha, on July 28th, 2006 at 10:05 pm Said:

    the NASA sub domains actually defaced with nasty methods and frankly all of the nice methods that anothers think about this are truly false . seems to bypassed some firewalls or IDS’s but at all this sites will deface only with web applications Vuln . such as NASA subdomains that defaced by Ashiyane Security Team in last year . Thanks .

Security RSS Subscribe


Vulnerability Scanner