The original article has since been updated to reflect some of what I pointed out.
From: security curmudgeon (email@example.com) To: firstname.lastname@example.org Cc: errata submission
Date: Tue, 23 Oct 2001 09:57:53 -0600 (MDT) Subject: Taliban defacement article Sheesh guys... http://www.vnunet.com/News/1126342 But what has amazed security experts more is the fact that it took so long for someone to have a crack at the site. [What security "experts"? The ones that don't know how to use 'whois' or ones you asked for opinion without giving all the facts? Did anyone bother to look at when the domain was created? DOMAIN CREATED : 2001-09-15 00:00:00 I don't think I need to remind anyone of 9-11 vs 9-15 here..] Last night an as yet unheard of defacer going by the name of MaxMouse replaced the homepage of Talibanonline.com with images of the American flag and the message: "The United States will destroy you! You will pay for this you stupid fools!!!" [Did you consider that 'MaxMouse' may have created the domain?] Mark Read, network security analyst for MIS, said he wasn't aware of the site being defaced in the past, although a sister site, Taleban.com has been hit numerous times. [Well duh? Of course it hasn't been hit in the past. The domain is new. And really, is it "taleban" or "taliban" in these domain names, and do they really have anything to do with the real thing?] Read said it was likely that the attacker, who has not claimed any other defacements, was probably a script kiddie exploiting one of the holes in the IIS 5 webserver. "But I'm amazed it has taken someone so long to attack that name," he said. In an ironic twist to the story, it seems that although the site is registered to the Afghan National Taliban in Kabul, it is actually hosted by a US company called Network Commerce in Seattle, Washington. [Why is that ironic given the creation date for the domain?]