On December 18, two machines on the Institute of Telecommunication Sciences were defaced. ITS is the research and development branch of the National Telecommunications and Information Administration (NTIA), which is part of the Department of Commerce (DOC).
What is interesting here, is that two seperate defacing groups compromised two different machines on the same government network, both running HP-UX 10.20, on the same day.
In looking at each defaceement, both pages show the output from "uname -a" and "id". This is somewhat common to see on defaced pages, it adds to the list of coincidences. While the HTML style is different and their defacing history are seperate, it's still very curious.
Defaced by: Anarchy Control
Normal URL: http://elbert.its.bldrdoc.gov
Mirror URL: http://www.safemode.org/mirror/2001/12/18/elbert.its.bldrdoc.gov/
Defaced by: BHS
Site title: The Institute for Telecommunication Sciences (ITS)
Normal URL: http://www.its.bldrdoc.gov
Mirror URL: http://www.safemode.org/mirror/2001/12/18/www.its.bldrdoc.gov/
© 1999, 2000, 2001 Copyright Brian Martin
Permission is granted to quote, reprint or redistribute provided the text is not
altered, and the author and attrition.org is credited. The opinions expressed
in this text are not necessarily the opinion of all Attrition staff members.
To subscribe to this list, send mail to majordomo@attrition.org with
subscribe defaced-commentary in the BODY of the mail.