Skip to content
{ 2007 03 07 }

pWn3d!

While looking to grab some podcasts for my commute to DC this morning, I went to check out the website for WYPR.  The following image is currently their homepage:

wypr-owned.jpg

I do not know if it will be there by the time you read this, but I find it pretty entertaining.   Of course, website defacement these days is trivial, but someone forgot to patch something or shutdown an unneeded service.  ;-)

Posted by JJT on Wednesday, March 7, 2007, at 6:34 am EST. Filed under Uncategorized. Tagged , , . Follow any responses to this post with its comments RSS feed. You can post a comment or trackback from your blog.

{ 4 } Comments

  1. Paul | March 7, 2007 at 10:47 am EST | Permalink

    My guess would be they got in via FTP:

    ftp 207.114.6.197
    Connected to http://www.wypr.org.
    220 vwww3 Microsoft FTP Service (Version 5.0).

    and excuse me but why, why do they have FTP open to the world?!?!?!

  2. Jason J. Thomas | March 7, 2007 at 11:27 am EST | Permalink

    Heh. And it looks like the anonymous account is enabled on IIS 5. Someone is going to get in a shitstorm of trouble about this.

    And, really, why would you have FTP open? Close it. If you need it, put it on a separate box.

  3. Psychophil | March 8, 2007 at 6:10 pm EST | Permalink

    Thats whats happens when somebody brings in their nephew who ‘knows all about computers’ to set up the web site.

  4. Jason J. Thomas | March 10, 2007 at 11:30 am EST | Permalink

    psychophil: So true. “I know how to setup a server. How hard is it? It looks just like Windows 95.”

Post a Comment

Your email is never published nor shared. Required fields are marked *