Two machines compromised, w/ coincidences

Sun, 23 Dec 2001 01:24:50 -0500 (EST)

On December 18, two machines on the Institute of Telecommunication Sciences were defaced. ITS is the research and development branch of the National Telecommunications and Information Administration (NTIA), which is part of the Department of Commerce (DOC).

What is interesting here, is that two seperate defacing groups compromised two different machines on the same government network, both running HP-UX 10.20, on the same day.

In looking at each defaceement, both pages show the output from "uname -a" and "id". This is somewhat common to see on defaced pages, it adds to the list of coincidences. While the HTML style is different and their defacing history are seperate, it's still very curious.

Defaced by: Anarchy Control

Normal URL:
Mirror URL:

Defaced by: BHS

Site title: The Institute for Telecommunication Sciences (ITS)

Normal URL:
Mirror URL:

© 1999, 2000, 2001 Copyright Brian Martin
Permission is granted to quote, reprint or redistribute provided the text is not altered, and the author and is credited. The opinions expressed in this text are not necessarily the opinion of all Attrition staff members.

To subscribe to this list, send mail to with subscribe defaced-commentary in the BODY of the mail.

main page ATTRITION feedback