update2 the portal of wallonie on the internet has some serious securityleaks (defaced page)

You can say that if you can add an image 

you can add code (malware) or a snoopingware or a redirect or popup 

this is not enormous but it is a signal that there is something wrong 

and what is more 

it wasn't even noticed so this is even more alarming because it means that you can do these things without being noticed 

it wasn't even noticed by CERT or any securityservice (undermanned and underpaid) 

oh and it isn't the first time that parts of the wallonie.be portal have been defaced which shows that there are too many parts to be managed and too few people and resources to do this securily

click on the link for more information http://www.zone-h.org/mirror/id/23337578

oh and just a reminder zone-h.org has a free alerting service for your domain and it is about 600 euro for such a service for all the .be domains but never found the money for that (they prefer giving thousands of euro's for papers and studies)

 

wallonie.PNG

we have found the reason why 

it is an old server and nobody looks at it

but they have made a very stupid mistake

if the site doesn't exist

you make a redirect in your dns server 

and you take down everything that is old and no longer maintained on that server

so you don't get defacements and other attacks 

because even if this subdomain is old, I am not sure if it isn't connected to the new servers because it is in the same masterdomain wallonie.be 

spw wallonie.PNG

but that domain isn't that old 

spw.wallonie.be itself has hundreds of other subdomains like  xyzw.spw.wallonie.be  with logins and etc...

site:http://spw.wallonie.be/

so this is a very strange page to destroy 

and the hack become important again because it was in the main page that there was the upload, so the main page of hundreds of subdomains of the subdomain spw of wallonie.be 

it looks like the chain got broken somewhere and somebody will have to fix it - FAST

one question for example is why one needs to have so many different login systems as they are all made in the wallonie.be domain ? I have the impression that this is begining to look like an impressionistic painting but in which you see you figures 

The comments are closed.