Tuesday, July 8, 2008
Hacking the Hackers
There is a hacking war out there, and Israel is losing. Why? Because we usually care about the law and we usually live in countries that care about the law as well.
Meanwhile, those who don't care about the law run rampant, destroying websites and making problems for website administrators all over the world.
So, is a virtual war halachically permissible? Maybe the answer is legitimizing this warfare.
Can we amass our own army to fight it? Perhaps this would be the best answer--enlist hackers in the IDF and have them get busy with fighting the hackers against Israel and, of course, all the Jihadist and violence-inciting websites out there.
It's a thought!
Jul 8, 2008 9:59 | Updated Jul 8, 2008 16:04
Digital World: Hacking back
By DAVID SHAMAH
While peace talks seem to be breaking out all over, the reality of life in the Middle East is perhaps better reflected in the ongoing cyber-warfare Israel is subjected to. Last month the Bank of Israel's Web site was busted up by Arab hackers, and just the other day, so was Dr. Baby (http://www.doctorbaby.co.il/), erasing months of work on their on-line catalog, according to this article on NRG (http://tinyurl.com/6go8wc) - which makes it sound like they didn't have a backup of the site.
While most of the hackers out there seem to be doing it for fun, there are lots of hackers who are in it for the politics. Many of them seem to be Turkish, but there are enough anti-Israel Arab hackers - and enough attacks on Israeli sites. Between July 1 and late Sunday, as I wrote this, something called the "Moroccan Jurm Team" (sounds like an appropriate name to me) had left their calling card on more than 100 Israeli sites.
Most hackers make sure to change the front page of a site, to announce their triumph and/or spread their messages. The JURMs have a fairly harsh message for Israelis, the usual stuff you can read on anti-Israel Web sites (Israel bad, Palestinians good) - as well as photos of suffering Palestinian children, etc. on some of the hacked sites.
You, too, can keep your finger on the pulse of the hacker world by surfing to http://www.zone-h.org/. The first thing a lot of hacker teams do when they break into a site is alert Zone-h, which records the hacked page in its archive for posterity. On the left side of the page you'll see the Attacks Archive link; click it, and then at the top of the Digital Attacks Archive page, click "enable filters," and type in .il in the Domain box on the right; then click on the magnifying glass on the right to see the archived hacked version of the site. Do the search, and you'll see just how lousy security is on many Israeli Web sites.
Interestingly, the vast majority of hacked sites were located on Windows 2003 servers, with the occasional rare hacked site using Linux. But that's neither here nor there - we must defend our brothers' Web sites as our own.
If we assume that most people who bother to hack Web sites are pimply-faced kids with no life, then we can be proud of our Israeli youth, who are too busy living a real life to have to get satisfaction with a virtual one. You'd think that our hackers would be on the offensive against countries like Iran or Egypt. But no - most of the hacks in the Iranian domain (.ir) seem to have been done by Iranian groups, like the Persian Boys Hacker Team; and ditto for Egypt, where there's a lot of Arabic on the hacked pages, and messages like "no harm meant, we're just testing your security."
There have been fledgling attempts by pro-Israel hackers to go on the offensive against Israel's cyber-enemies, but after a burst of energy, the effort seems to die down (probably all the kids were studying for Bagrut). The dozens of teams from Turkey, Iran, Morocco, etc., seem to have all the time in the world to hack away at poorly defended Web sites.
So how do they do it? It's not like these hackers are such geniuses; chances are they're nothing more than "script kiddies" (http://en.wikipedia.org/wiki/Script-kiddie) who basically download ready-made "rootkits," which they can use to invade a site. There are dozens of rootkits around, and they take advantage of known security defects and holes in different versions of Web server software - something any newbie administrator should be able to plug up by applying the proper software patches regularly released by Web server software makers.
Script kiddies get no respect or love from real hackers, who at least do creative and interesting stunts (www.phrack.org) - and do it for the public good. The script kiddies, on the other hand, are just interested in destroying - and if they can attach a political message to prop up their self-confidence, then they're happy to do it. But don't think that political idealism is what motivates them.
Short of learning hacking techniques - i.e. basic programming - there's little the average fan of Israel can do to fight back against Islamo-Web terrorism. But as it happens, Google, of all sites, provides you with a few tools that might let you perform a little on-line mischief. And even if the Google Hack 2.0 tools don't lead you to sites you can have your way with, you'll still be fascinated by a trip to a side of the Web you never even realized existed.
First, you must see the video (at http://www.tinkernut.com/archives/18); you can also download a PDF with all the instructions. This is the original home of the next generation of Google Hacks, which, if anything, proves how ubiquitous the search engine has become.
For example, Google is indexing on-line cameras now. By entering the command intitle:"Live View / - AXIS into a Google search box, you'll get to an AXIS 241S Video Server, which in some cases you can control right from your browser (although all the ones I've come across want a name and password, which you of course have to figure out).
Other tricks include accessing someone's desktop ("vnc desktop" inurl:5800) - ditto on the passwords (the PDF's author has some tips on how to proceed there) and a hack to give you total mastery over a Web site, giving you PHP Administrator Access. Interesting, but where's the counter-hacking angle? Well, because many of these servers and devices don't have DNS names, they display their IP addresses as their Web connections. All you have to do is figure out which Web site is Iranian, Egyptian, Moroccan or whatever other group you want to stick it to.
At http://www.find-ip-address.org/ip-country/, you'll find the address blocks of IP addresses assigned to each country; if you know anyone who can write a little script comparing the results of a Google search to the relevant IP addresses - and find a device or server that will actually let you in - you'll be in the pro-Israel hacking business. But I'll bet that, like your kids, you have too fulfilling a life to go for this idea. Still, it's nice to know that we can, if we want to!