Toshiba gets hacked down under

Internet vandals targeting IT sites have a pop at Linux servers

Toshiba Australian Web site has become the latest high profile victim of Internet vandals.

The site, toshiba.com.au, was defaced by a cracker called BL4F who replaced its content with a series of greetings and profane abuse at various members of the digital underground.

In part the message, which can be seen in full on defacement site Alldas here, said: "Toshiba Australia / New Zealand got owned, okai, over and out, this is BL4F."

Unusually in these cases the site is running Apache 1.3.9 on Red Hat Linux, not a preferred target for crackers, particularly those who target IT industry sites. However an inspection of the site reveals that its protection is inadequate.

Paul Rogers, a network security analyst at MIS Corporate Defence, said the site either has "a misconfigured firewall or there isn't one", a conclusion he was able to draw because a number of ports were open that should be closed if proper security procedures were in place.

"Toshiba's web servers have a weak security level and there are several avenues that could have been exploited," said Rogers.

"On a publicly facing server who can't just run the installation CD and expect it to be secure when you put it on the Internet. Whether you're using NT or Unix, you need to make modifications and go through a hardening procedure to make sure your system is secure as possible."

Toshiba admitted the attack to The Melbourne Age and told the paper it was "taking further steps to prevent this occurrence in the future." ®

Related stories

Intel hacker talks to The Reg
New York Times Web site sm0ked
Hacker defaces Intel's Web site
Microsoft hacked again
Microsoft hacker fired
Gateway web server flaws exposed
Mass hack takes out govt sites

Sponsored: Designing and building an open ITOA architecture