It can be hype or grandstanding - and it wouldn't be the first time. But we have always seen that the declarations of Al quaida leadership have always been followed up by some of its active cells or linked groups or some lunatic. Not always at the exact time or location or with the announced bloodshed, but some way or another these declarations aren't to be taken lightly.
It is time - while we are in Turkish hacker attack and the storm worm virus is collecting zombies for its botnet (even within the skynet network probably) - for the ISP's to start stopping the zombies and botnets using their collective power to get out who-ever they want.
Those who own websites - especially governmental, financial and political ones - need to stay on alert and upgrade permanently their backup, monitoring and security defenses.
If you haven't heard of a Reverse Proxy start reading about it. One tip take a reverse proxy with a totally different OS than the one you use to host the site. Tip two set the website behind an application firewall. Tip three let only port 80 traffic go between the reverse proxy and the website.
you were warned .... if nothing happens, look at it as an exercise.
Translation by Joseph Shahda of the Al Qaida 11/11 cyberwar declaration
Beginning of the translation:
….From this blessed forum I call on to the formation of “Jihadi Battalions to Attack the Internet” for the triumph of truth in the age of darkness so contribute with us in establishing these blessed Battalions.
A. The definition of “Jihadi Battalions to Attack the Internet”:
They are large group made from faithful members who love the truth and want the triumph of the religion and their job is to bring the truth to large segments in the world that do not have the full truth or get the real truth, and to do so by using the available means or create new methods.
B. The mission of “Jihadi Battalions to Attack the Internet”:
Spreading the truth of the muslim nation, of Jihad, and of Mujahedeen to the world and in particular to the place that live in darkness.
C. The vision of “Jihadi Battalions to Attack the Internet”:
Our vision is to draw a map of the world internet and reach 85% of the internet users, for example we see that the “Messenger Program” is used by approximately 99.9% of the internet users therefore we want to establish our own “Jihadi Messenger Program” to enter each house in the world.
The types of “Jihadi Battalions to Attack the Internet”:
1. The Information Battalions:
Formation of battalions in different languages to gather information about the threads posted in the islamic forum in all languages and non ilsmaic forums, as well as the youth forums in general and the islamic in particular.
2. Hacking Battalions:
The formation of Hackers groups from among the Moujahedeen to study the method of hacking the forums and develop new hacking methods.
3. Literature Attack Battalions:
The formation of writers groups from among our brothers to publish their old and new writings in all the forums presented by the Information Battalions.
4. E-mailing Battalions
The formation of groups from among the brothers to send all what is being published by the Moujahedeen in particular the “Sahab” and “Furqan” institutes to all e-mail boxes and here we pay a standing ovation to our brothers in “Al Nusara E-mail” because they were first in this domain but this time we not only send e-mail to who register his e-mail address but also to all humanity.
5. The Research and Development Battalions
The formation of the Research and Development Battalions to research, develop, and create new method to spread the information to the largest possible number of people or figure out the active people to send them the information.
6. The Advocacy Battalions:
The formation of advocacy battalions to call on people to join the “Jihadi Battalions to Attack the Internet”
7. Production Battalions:
The formation of battalions from among the brothers who are specialized on audio, video, flashes, and banners production to support the blessed battalions in its publications and to support the Advocacy battalions in its mission.
8. Translation Battalions:
The formation of translators battalions to translate from Arabic to the main languages or to other languages
9. The Security and Technical Battalions:
The formation of battalions form among the technical experts of forums and chat rooms and the security of the internet so they can from private chat rooms for each battalion and these chat rooms is not for visitors or reading or commenting but for the members of the battalions to discuss how to divide the work among themselves.
…….. Important Note:
Sheikh Osama may allah protect him said: “90% of the battle is through the media and the remaining is through weapons”.
End of the Translation source
Who could have thought that conversative bloggers would fight each other as much as communists do with each other ?
Well, they do and one of the players in the game is our own belgian brussels journal, the european "conservative" (other names come to my mind when reading this) blog by excellence. One of the writers is mr Belien whose wife is elected for the Vlaams Belang that by some US conservatives is being seen as a 'flemish interest party' (sic) but where another group of American conservatives grouped around this blog is calling them facists and racists and so on and refuse to have anything to do with them or with anyone - even conversatives - that have anything to do with them. Other American conservatives don't agree with this and want to have an united front to defend our morals and civilisation and so on, but these American conservatives don't want anything to do with that kind of people, because conservatism has nothing to do with racism and neo nazi's and so on. Needless to say that these democratic conservatives are hardly lamblasted for this, but they seem to have decided to stand firm. I normally have not much sympathy for them, but I always respect people who break away from silence, apathy and collaboration to defend democracy and freedom.
http://littlegreenfootballs.com/weblog/?entry=27801_WN_We... The last post untill now
the post that started it all http://littlegreenfootballs.com/weblog/?entry=27784_The_M...
and if you read those posts you find that the brussels journal is not so much a conservative democratic blog but a linkbelt of all kinds of extreme rightwing and oddright marginal groups and people that use the so called intellectual impression of the blog to give themselves some credibility. This is one of those 'intellectual links'
real conservatives are democrats and humanists, not scum
It is reconforting that not all US conservatives fall for the prins charming offensive that Vlaams Belang tries to set up in the US to upgrade their image here. Belien is the submarine for this task. It seems that this cover has been blown. Better late than never.
The turkish hackercampaign against .be sites is not slowing down, but it luckily didn't take the numbers and efforts from a real campaign that brought down substantial parts of the internet or the websites in some other countries. Let's hope it will stay that way. Or better that they cool down and understand that this cyberrioting has nothing to do with patriotism. It doesn't convince one man that they should think or act otherwise, on the contrary.
the numbers of hacked .be sites are still higher than normal and some like
and so on and so on..... not very big sites but like a botnet many small ones make one big network .....
Some of the sites that are being defaced this weekend were also defaced in the last several months. It could be that some hackers-crackers are only going through a list and methods that were successful before.
At the other side it is sorry to see that even professionals only put back their sites without closing the security holes that were responsable for the first hack and without controlling their website on other security problems. If you can't stand the heat, don't host yourself on the internet, go to REAL professionals (I am not linked to any of them - you don't see any advertising around here don't you ?).
The political question is if this campaign stays going the way it does if it isn't time that someone of something starts getting the responsabilities and instruments as written in the New Telecom Law to coordinate the Belgian ISP's and maybe major hosters and DNS to take appropriate measures. Or do we really have to wait untill a big major Belgian websites goes down ?
So if you were defaced-hacked last year look again at your logs and watch out for the scans and attacks coming your way. Also recheck your site for any other mistakes. There are some free opensource tools to do this quite efficiently like Nmap and metasploit. More such tools you can find on http://freeware.skynetblogs.be between the other free stuff.
If you wanna read about security, go to http://ebooks.skynetblogs.be for free books.
yahoo was known to have one of the best - if not the best online webmailservice around since long. It has adopted this service several times to new functions and possibilities but the change to web2.0 has fucked up their mailservice for good. You effectively can't use it and what is even more surprising there is no reaction whatsoever from whoever from Yahoo or the support service. If you google for the different problems with yahoo mail new (and for not being able to open attachment the old version also) than you see tens of tens of questions in all kinds of support groups but without any other response that they are aware of it and are working on it.
This is during for months now and you can't expect from your users that they will wait for much longer. Luckily for Yahoo we are a bit hostage because it would be nearly impossible to transfer everything to another account.
Meanwhile the business image of yahoo has been damaged.
http://be-hacked.skynetblogs.be indicates that the number of Belgian sites .be that were being hacked the last couple days has been going up even if we don't see any political proclamation as was the case last week. Nonetheless we see that the number of compromised sites and servers is going up.
Now that we are also working with a Turkish directory of defaced sites aside from other sources, we see more clearly that Turkish hackers are like bees to a compromised flower (site). If a site is defaced it will be defaced over and over again by different groups that sometimes are trying different techniques. Some websites that were/are defaced we see being reworked - in the same place or on another directory of the site - 5 times or more.
it is for this reason incredible that hosters and ISP's are not keeping more under control and that it is as if they don't care. Not only takes it sometimes days for the hack to be noticed or to be taken offline - even after the publication at http://be-hacked.skynetblogs.be but some older websites that were hacked are still hacked online.
It is time maybe for Google or dns.be or the ISP's to take some action. This could be
* a mail warning that the website is compromised and published as such and that they have 48 hours to take the website or the pages offline
* if they don't answer than dns.be can receive a message to change the website by a "404 under construction" (now I hear dns.be telling me that this would be enormous work, euh we are talking about 5 to 20 sites a week in normal circumstances. I am not sure how many would stay hacked after 2 days if they would be effectively blocked otherwise).
a leaking oiltanker is also repaired or taken to habor or emptied into another tanker..... Here nobody cares about the infection spills from leaking boats and tankers on the WWW
According to this service - public indicator some of our networks have very infected - or remotely controlled servers or users - that are attacking in such a way other networks that belgium is being indicated as a dangerous network. Only the problem on skynet.be network seem to worsen as now 3 botnet servers are active.
Hey guys at skynet, waken up - take it down - before it spreads and takes you down
by the way TELENET network is hosting 6 phishing sites
http://atlas.arbor.net/cc/BE you can both become member to have the detailed information to take them down.