Please read the NOTES.
NEWS
The OS graphs are up-to-date through April, 2001.
NOTE: I have collapsed all BSD and Solaris into the "All Other" category.
Trends in Defacements by Operating System, August, 1999 through
April, 2001
Operating System Graphs
Defacement table categorized by Country and TLD (Top Level Domain), including
Banks, Churches, Police Stations (Over 70 Linked pages by Domain):
Country and TLD breakdown
As previously announced on the defaced-commentary list, Top Level Domain summary data for the years 1999-2000 is now updated. This is data that relates to TLDs only; find it here as well as the tar-ball of the logs for the entire archive.
The OS Tables page is now up-to-date, and should be on a daily basis. It had been busted since at least late summer. Funny, I used to get email about those sorts of things. I'm guessing that the usually up-to-date os-graphs have diverted traffic from it, which is too bad, since the tables have a finer-grained OS definition (NT-Windows 2000, BSD, Linux distros, and the "Other" category broken down, for instance), and not only that, you can use them for making your own graphs as well...
W00. A nice new total tables page is now up. I think
you will like it:
Annual, Monthly, Defacements per Day Tables and Spiff-Chart
Updated: Total Defacement Trends, January 1999 - December,
2000:
Total Defacement Graphs
Trends in Defacements by Webserver, August, 1999 - November, 2000:
Webserver Graphs (And please read
the updated
NOTES
for these graphs!)
Defacements counts by year, month, and since August 1999, Operating
System:
Operating System Tables
Other Resources
Subpoena Derby.
If you have an idea for a statistic you'd like to see from the mirror, feel free to email me your suggestions: munge@attrition.org
Subpoena Stats
Two 2703d Subpoenas has been delivered under seal. The first requested
information on two individuals. Apparently the FBI thought it
easier than delivering two seperate subpoenas. The second was to obtain
information on a single individual ('pimpshiz'). A third subpoena was
delivered after the mirror was discontinued by the US Postal Service.
NOTES:
It SHOULD go without saying that not all defacements are reported to Attrition, Attrition does not get every defacement that is reported to us, and that these statistics refer only to our archive.
All of the tallies, graphs, tables, and etc., count each "Mass Hack" as one defacement unless otherwise stated.
These statistics are prepared with a combination of Perl and a commercial statistics package, Stata. All graphics are from Stata.
Discrepancies: Yes. The easiest discrepancy to find is between total defacements and adding up the totals for each month. On one hand, a total and accurate count of the entire archive is desired, on the other, when we do date-based calculations or tallies, we kick out incomplete dates. Since we have a number of mirrors that don't have a complete date, the date-based calculations and the total count differ. Most of the incomplete dates are from or before early 1999.
The Bugtraq Vulnerability Database Statistics
http://www.securityfocus.com/vulns/stats.shtml
The Netcraft Web Server Survey
http://www.netcraft.com/survey/
The E-Soft Web Server Survey
http://www.securityspace.com/s_survey/data/
© 1999-2001 Copyright Matt Dickerson and Brian Martin
Excerpts from this page may be reproduced if
Attrition and the URL
http://www.attrition.org/mirror/attrition/stats.html are attributed.
Last modified: Thu Dec 6 08:18:50 EST 2001