Defacement of another government site
See http://www.nationaldisaster.go.ke/: The planned Cyber Emergency Response Team (CERT) <http://www.cio.co.ke/Main-Stories/connected-kenya-citizens-to-enjoy-better-service-delivery.html> should help the government deal with such repeat violators of our cyber space. eGovernment and ICT Board should also help government and its agencies come up with platforms that are secure and regularly updated. As we digitize our systems, we do not want other countries snooping on our data without our knowledge.
-- with Regards: <https://twitter.com/#%21/denniskioko> <http://blog.denniskioko.com> www.denniskioko.com
In reply to Dennis Kioko <dmbuvi@gmail.com> (Thu, Apr 28, 2011 at 13:39):
At this rate, it would appear that contracts to develop and host websites are awarded with complete disregard for security in the whole process. Anyway, it's fine to have disaster at nationaldisaster.go.ke - even the domain name doesn't make sense!
-- Best regards, Odhiambo WASHINGTON, Nairobi, KE +254733744121/+254722743223
I can't hear you -- I'm using the scrambler. Please consider the environment before printing this email.
In reply to Odhiambo Washington <odhiambo@gmail.com> (4/28/11):
Even right now it's still defaced. Someone send me a list of all go.ke sites to jgichuki at inbox dot com. I will do a free health check for the sites as soon as I am free. Also I may need the names of the guys in charge of these boxes. ./Chucks
-- Gichuki John Ndirangu, C.E.H, C.P.T.P, O.S.C.P, I.T Security Analyst and Penetration Tester, jgichuki at inbox d0t com
{FORUM} http://lists.my.co.ke/pipermail/security/ http://chuksjonia.blogspot.com/
In reply to Gichuki John Chuksjonia <chuksjonia@gmail.com> (Thu, Apr 28, 2011 at 14:44):
You will first need to find out whether these activities (webdev & hosting) are coordinated from a central place, which I doubt. Then you are likely to face the bureaucracy associated with the govt. If I were you, I wouldn't waste my time. If you need proof, ask Collins Areba if he ever got any feedback on the suggestion and work he did voluntarily towards some govt website.
-- Best regards, Odhiambo WASHINGTON
I think the ICT board would be in a position to assist you to come up with a list of .go.ke sites, plus Kenic, who are also on this list. The ICT board will also know who the contact persons are.
In reply to Dennis Kioko <dmbuvi@gmail.com> (Thu, Apr 28, 2011 at 15:02):
Is this within the mandate of the ICT Board, or will they be doing someone a favor? There must be someone responsible - the govt Directorate of ICT (or whatever it is called) - but I'd be surprised if they keep tabs on such projects as nationaldisaster. You know how it works in the govt, don't you?
_______________________________________________
kictanet mailing list
kictanet@lists.kictanet.or.ke
http://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/odhiambo%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- Best regards, Odhiambo WASHINGTON
Dennis, we have already done the exercise and the results were very bad. We are trying to do something as we migrate all of them to the Government Data Center (GDC). There is no need for you to repeat the exercise. Ndemo.
That's great news from our PS. We are really seeing change in our country. I happened to attend the launch of Google's gfunze education program this morning, and Mugo Kibati was on point as he presented the plans for a second Kenya corridor from Lamu to Juba and Addis Ababa. At the moment the country is centred around the Mombasa-Nairobi-Kisumu-Kampala corridor, so the second corridor has the potential to open up North Eastern and double the country's productivity. At the same time, the Min of ICT and the ICT board have really worked hard to change the status quo. I can't wait to relocate to Malili, where there will be no traffic jams.
In reply to Odhiambo Washington <odhiambo@gmail.com> (4/28/11):
If it proves difficult I will just do open-source work, e.g. http://chuksjonia.blogspot.com/2011/03/kenya-police-website-obvious.html, and everyone will know the vulnerabilities associated; hopefully they will fix faster after that. ./Chucks
-- Gichuki John Ndirangu, I.T Security Analyst and Penetration Tester
In reply to Gichuki John Chuksjonia <chuksjonia@gmail.com> (Thu, Apr 28, 2011 at 15:08):
It's like scratching the back of a croc, hoping it would feel the pinch!
-- Best regards, Odhiambo WASHINGTON
In reply to Gichuki John Chuksjonia <chuksjonia@gmail.com> (Thu, Apr 28, 2011 at 2:44 PM):
This is horrible... security chaps, let's volunteer and save our beloved govt's face... I'm ready for free consulting on securing these sites.
-- "Change is slow and gradual. It requires hard work, a bit of luck, a fair amount of self-sacrifice and a lot of patience." Roy.
In reply to Odhiambo Washington <odhiambo@gmail.com> (28/04/2011):
Odhiambo, I second you. That domain name scares visitors to the site.
In reply to Solomon Mburu Kamau <solo.mburu@gmail.com> (4/28/11):
Right now the deface has been pulled off, but the box tells everyone what version of Apache it's running, and PHP; I'm sure from here you can guess the version of Fedora and the kernel. LOL, people will never learn, even after how much information is drilled into them.
Not Found
The requested URL / was not found on this server.
Apache/2.2.17 (Fedora) Server at www.nationaldisaster.go.ke Port 80
-- Gichuki John Ndirangu, I.T Security Analyst and Penetration Tester
In reply to Gichuki John Chuksjonia <chuksjonia@gmail.com> (Thu, Apr 28, 2011 at 15:29):
Sure, but that is not the main contributing factor for the website's insecurity. I personally don't agree that obscurity is a major factor in security, though it contributes a little - by wasting a few minutes for the black hat to figure out the software versions.
-- Best regards, Odhiambo WASHINGTON
In reply to Odhiambo Washington <odhiambo@gmail.com> (4/28/11):
Actually, that's not obscurity, it's Server Hardening. Changing configurations in httpd.conf and php.ini to avoid such reconnaissance is something any admin should be able to do, unless he learned server administration outside the class sitting on a window, or just guessed the whole process. Obscurity is like the way banks do it in Kenya. They protect the machines in the front but internally, everything is not hardened or protected, so it becomes easier to break in through browsers, Adobe software etc. by doing APT against them. ./Chucks
-- Gichuki John Ndirangu, I.T Security Analyst and Penetration Tester
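The disclosure Chucks points at above (the Server header and the error-page footer giving away Apache and the OS, X-Powered-By giving away PHP) and the httpd.conf / php.ini changes that remove it can be checked from the defender's side. The script below is an added example; it is not code from this thread or from any of its participants. It checks a captured response for those three disclosures and names the directive that turns each one off. The sample headers and 404 body are constructed: the host www.example.go.ke and the PHP version string are placeholders, while ServerTokens, ServerSignature and expose_php are real Apache and PHP settings.

```python
"""Check an HTTP response for server/PHP version disclosure.

Added example, not code from the thread. The sample response below is
constructed; the host name and PHP version string are placeholders.
"""
import re

# Apache's default error-page footer, as seen on a 404 page:
# "Apache/2.2.17 (Fedora) Server at www.example.go.ke Port 80"
SIGNATURE_RE = re.compile(
    r"Apache(?:/[\w.]+)?(?:\s*\([^)]*\))?\s+Server at\s+\S+\s+Port\s+\d+"
)
# A "/1.2.3"-style version inside a product token such as "Apache/2.2.17".
VERSION_RE = re.compile(r"/\d+(?:\.\d+)+")

# Each finding is paired with the configuration directive that removes it.
REMEDIATION = {
    "server": "httpd.conf: ServerTokens Prod",
    "powered_by": "php.ini: expose_php = Off",
    "signature": "httpd.conf: ServerSignature Off",
}


def find_version_disclosure(headers, body):
    """Return a list of (finding, remediation) tuples for one response.

    headers: dict of response header name -> value (any case).
    body:    response body as text (an error page is the usual culprit).
    """
    lowered = {name.lower(): value for name, value in headers.items()}
    findings = []

    server = lowered.get("server", "")
    # "Apache" alone is what ServerTokens Prod emits; a version number or an
    # OS in parentheses means a more verbose ServerTokens level is in effect.
    if VERSION_RE.search(server) or "(" in server:
        findings.append((f"Server header discloses {server!r}", REMEDIATION["server"]))

    powered_by = lowered.get("x-powered-by", "")
    # PHP adds this header whenever expose_php is On.
    if powered_by:
        findings.append((f"X-Powered-By discloses {powered_by!r}", REMEDIATION["powered_by"]))

    match = SIGNATURE_RE.search(body)
    # ServerSignature On appends the product/host/port footer to error pages.
    if match:
        findings.append((f"error page signature {match.group(0)!r}", REMEDIATION["signature"]))

    return findings


# Constructed sample: a response of the kind quoted in the thread.
LEAKY_HEADERS = {
    "Server": "Apache/2.2.17 (Fedora)",
    "X-Powered-By": "PHP/5.3.x",  # placeholder version string
    "Content-Type": "text/html; charset=iso-8859-1",
}
LEAKY_BODY = (
    "<h1>Not Found</h1><p>The requested URL / was not found on this server.</p>"
    "<hr><address>Apache/2.2.17 (Fedora) Server at www.example.go.ke Port 80</address>"
)

# The same response after ServerTokens Prod, ServerSignature Off and
# expose_php = Off: the product name stays, the versions and footer go.
HARDENED_HEADERS = {"Server": "Apache", "Content-Type": "text/html; charset=iso-8859-1"}
HARDENED_BODY = "<h1>Not Found</h1><p>The requested URL / was not found on this server.</p>"


def report(headers, body):
    """Print a human-readable summary and return the number of findings."""
    findings = find_version_disclosure(headers, body)
    if not findings:
        print("no version disclosure found")
    for finding, fix in findings:
        print(f"- {finding}\n    fix: {fix}")
    return len(findings)


if __name__ == "__main__":
    report(LEAKY_HEADERS, LEAKY_BODY)        # 3 findings
    report(HARDENED_HEADERS, HARDENED_BODY)  # 0 findings
```

Run it against a response captured from your own server after editing httpd.conf and php.ini to confirm the change took effect. As Odhiambo notes in the thread, this only removes banner information: the software behind the banner is unchanged, so patching and the rest of the hardening come first and this check is a hygiene item on top.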
participants (6)
- bitange@jambo.co.ke
- Dennis Kioko
- Gichuki John Chuksjonia
- Odhiambo Washington
- Paul Roy
- Solomon Mburu Kamau