Pakistan develops firewall to prevent Website hacking!

[somebozo]

guess what when was this news from? check for the websites which your guys claim. ... first know little hacking world.

Lol if you know abc about hacking then you will not be laughing if CBI website went down if it was hacked and then it got down. that itself means your hack was broken...

As a certified professional may be only know "A" and "B" of hacking but seriously i have difficulty in making sense of what you are saying. I will give you an excuse because common sense and logic are two widely missing commodities in south! You are only arguing for an argument, typical of Indians..competing word for word even if it makes no sense or logic!

As of now the CBI website is not only down but completely offline..please refute me with an evidence of live CBI homepage..!May be they got to scared that all the external traffic is blocked at the router..soo much for such an important agency...i doubt if any such important agency had a website down for soo long in any other country!

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Administrator>nslookup
Default Server: google-public-dns-a.google.com
Address: 8.8.8.8

> cbi.gov.in
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Non-authoritative answer:
Name: cbi.gov.in
Address: 164.100.52.37

>
C:\Documents and Settings\Administrator>ping google.com

Pinging google.com [74.125.230.80] with 32 bytes of data:

Reply from 74.125.230.80: bytes=32 time=192ms TTL=48

Ping statistics for 74.125.230.80:
Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 192ms, Maximum = 192ms, Average = 192ms
Control-C
^C
C:\Documents and Settings\Administrator>ping 164.100.52.37

Pinging 164.100.52.37 with 32 bytes of data:

Request timed out.

Ping statistics for 164.100.52.37:
Packets: Sent = 1, Received = 0, Lost = 1 (100% loss),
Control-C
^C
C:\Documents and Settings\Administrator>ping cbi.gov.in

Pinging cbi.gov.in [164.100.52.37] with 32 bytes of data:

Reply from 115.113.254.222: Destination host unreachable.
Request timed out.
Reply from 115.113.254.222: Destination host unreachable.

Ping statistics for 164.100.52.37:
Packets: Sent = 3, Received = 2, Lost = 1 (33% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Control-C
^C
C:\Documents and Settings\Administrator>

For those wondering, 115.113.254.222 is the VSNL gateway

 

[divya]

As a certified professional may be only know "A" and "B" of hacking but seriously i have difficulty in making sense of what you are saying. I will give you an excuse because common sense and logic are two widely missing commodities in south!

As of now the CBI website is not only down but completely offline..please refute me with an evidence of live CBI homepage..!May be they got to scared that all the external traffic is blocked at the router..soo much for such an important agency...i doubt if any such important agency had a website down for soo long in any other country!



For those wondering, 115.113.254.222 is the BSNL gateway

Boss that has gone offline because the whole site is being revamped. there were too many vulnerabilities in that. Within the first 24 hours it went down because your guys were not able to actually root it but were able to upload. it was not even defacing. Once down it went offline because of the major bugs and security issues which were reported. So they are completely redesigning the internal functioning.

 

[AZADPAKISTAN2009]

any ways , when whole country uses Windows , who needs hackers -

There is a reason why China insists on its own security

And ps these kiddie firewalls are all open source now a days

 

[somebozo]

Boss that has gone offline because the whole site is being revamped. there were too many vulnerabilities in that. Within the first 24 hours it went down because your guys were not able to actually root it but were able to upload. it was not even defacing. Once down it went offline because of the major bugs and security issues which were reported. So they are completely redesigning the internal functioning.

And that is the reason that the whole route of offline? they could have been bothered to put an under construction page...so it took them a second lesson to realize the vulnerabilities...some competency that is..so the IT powerhouse India cannot design secure websites for its top crime fighting agencies..some logic that is!

And what the hell is this unable to root it but were able to upload..it was a web server hacking to being able to upload is more than enough to deface a website. Root access could be had by executing a malicious script through this upload if desired. Which often is not the motive of script kiddies so prefer to claim large number of credits over having any useful knowledge of hacking..end of the day..CBI website was defaced and whole world watch and laughed!

 

[divya]

And that is the reason that the whole route of offline? they could have been bothered to put an under construction page...so it took them a second lesson to realize the vulnerabilities...some competency that is..so the IT powerhouse India cannot design secure websites for its top crime fighting agencies..some logic that is!

And what the hell is this unable to root it but were able to upload..it was a web server hacking to being able to upload is more than enough to deface a website. Root access could be had by executing a malicious script through this upload if desired. Which often is not the motive of script kiddies so prefer to claim large number of credits over having any useful knowledge of hacking..end of the day..CBI website was defaced and whole world watch and laughed!

oh well CBI website was not being maintained by any of the bigges and was maintained by small company. they are changing everything for the website including the servers as far as i know.

well uploading the data do not require privelages of root if not explicitly defined in the security parameters. Lol of course you can get root access from outside with scripts. but what i am talking here is your guys. they were not able to root because all other pages were working fine. it was just they uploaded a new page for home thats it. is it hard to get. its not rocket science i belive. at least not for us.

what about your guys who did that they themselves got hacked.

 

[mughaljee]

another good news, after blackbarry software.

 

[somebozo]

what about your guys who did that they themselves got hacked.

One of the worst thing i hate in my life is arguing with less than intelligent people. Apparently you have not learned the difference between PakBugz and PakCyberArmy neither the obsolete software cracked open but are here to teach me hacking..some good arguing but zero productive skills that is!

and CBI website was not being maintained by a big company! I am surprised a crime fighting division does not have its own IT wing>???

Lets sum the event once again..
CBI website being largely static was hacked by breaking into the web-server software, manipulating the permission and establising FTP access to uploaded a new homepage. One you have upload access anything and everything can be done. The hackers not showing any desire to get root access does not mean it was outside their domain. They were very well capable of doing so if they wished.. The funny part here is that CBI was running unpatched / insecure software.

PakCyberArmy forums was hacked by running an exploitative query specific to that obsolete version of GPL forums software. More precisely an SQL injection query!
Conclusion:
CBI hacking was more high tech than PakCyberArmy obsolete version of GPL forum!


The fact is there is some ultra chilli up that indian pride and you are resorting to cheap trolling rather than accepting defeat!

As of now the CBI site along with its server is totally down / offline which counts a lot..owing to that same hacker attack..

 

[divya]

One of the worst thing i hate in my life is arguing with less than intelligent people.

then please dont try ever to argue with yourself....

Apparently you have not learned the difference between PakBugz and PakCyberArmy neither the obsolete software cracked open but are here to teach me hacking..some good arguing but zero productive skills that is!

hope you also end up getting owned.

and CBI website was not being maintained by a big company! I am surprised a crime fighting division does not have its own IT wing>???

Ever heard of principals of MIS. Even AT & T dont take care of their website on their own. Neither does biggies like Nationwide... do you know the reason, i guess not....

 

[Crypto]

any ways , when whole country uses Windows , who needs hackers -

There is a reason why China insists on its own security

And ps these kiddie firewalls are all open source now a days

Open source mean anyone can find out the vulnerabilities rather easily. There is a reason corporates prefer tailored solutions rather than open source, who wants to spend millions of dollars on software??

These open source small firewalls are good for SME perhaps not even them; but for 0-10 employee business or home use.

 

[somebozo]

Ever heard of principals of MIS. Even AT & T dont take care of their website on their own. Neither does biggies like Nationwide... do you know the reason, i guess not....

Indian teaching me principles of MIS is the last thing on earth I could wish for..so now CBI equals AT&T but atleast AT&T is hiring someone 10000 times more professional! How come you are comparing a government authority with private enterprise??

 

[divya]

Indian teaching me principles of MIS is the last thing on earth I could wish for..so now CBI equals AT&T but atleast AT&T is hiring someone 10000 times more professional! How come you are comparing a government authority with private enterprise??

Guess what AT & T has it outsourced to India with their ODC in Bangalore, HYD and Gurgaon

The concepts of IT do not change for IT for either a gov biz or non gov body. Even the major gov projects are taken care by private firms only.

As i said do you understand the concept why it is given to other companies when the companies still have enough resources to do them themselves. i still guess you dont.... ok now do googling and tell me the answer....

 

[somebozo]

We are not talking about AT&T but CBI...Lets stick to the subject..I have little consideration for Indian argumentative tactics of changing subject when at losing out!

So far I see all your posts are some damn ridiculous nonsense argument to keep that india pride waving high..without facts to back it up! NASA and CIA website had been hacked and they were not so stuck up about it..simple stated the facts and were up and running in no time...if the CBI guys were even a tad bit professional, they wouldn't take the web site completely down like they did!

 

[divya]

We are not talking about AT&T but CBI...Lets stick to the subject..I have little consideration for Indian argumentative tactics of changing subject when at losing out!

So far I see all your posts are some damn ridiculous nonsense argument to keep that india pride waving high..without facts to back it up! NASA and CIA website had been hacked and they were not so stuck up about it..simple stated the facts and were up and running in no time...if the CBI guys were even a tad bit professional, they wouldn't take the web site completely down like they did!

i again repeat that its not rocket science to know that the entire website and servers are being changed..... Or should i try harder to make you understand that.

 

[Stumper]

and CBI website was not being maintained by a big company! I am surprised a crime fighting division does not have its own IT wing>???

Yes, many goverment agencies are maintained by NIC .. Not all. Not sure who was maintaining this one.. need to check.

One you have upload access anything and everything can be done. The hackers not showing any desire to get root access does not mean it was outside their domain. They were very well capable of doing so if they wished.. The funny part here is that CBI was running unpatched / insecure software.

Not entirely correct. I work with a security company. Defacing is not that difficult for professionals. The professionals, however prefer to root and steal data. In this case, considering that it was a static site, i would assume it made more sense to deface. Since its not known what vulnerability the hackers exploited, it cant be confirmed if the hackers really had a opportunity to jail break.

PakCyberArmy forums was hacked by running an exploitative query specific to that obsolete version of GPL forums software. More precisely an SQL injection query!
Conclusion:
CBI hacking was more high tech than PakCyberArmy obsolete version of GPL forum!

Vulnerability Exploiting for defacement ONLY, is not really "High Tech" by my standard. It's more embarrassment for the agencies and playing to the popular media.

As of now the CBI site along with its server is totally down / offline which counts a lot..owing to that same hacker attack..

Maybe you are not aware. Whenever such a hacking incident occurs, the concerned agencies have to lodge a formal police case. The servers actually get shut down and taken into custody for forensics (Dont flame me please. I know what im saying here). Yes, the server is down after that attack. The security is being outsourced now to a bigger player. Hence that delay. I dont think, it will be functional for next one month or more.

 

[H2O3C4Nitrogen]

i wonder if they could make a firewall against **** websites....!