[Owasp-delhi] [Owasp-Mumbai] TCS.com -- something wrong.

Muslim Koser mkoser at isightpartners.com
Mon Feb 8 09:38:01 EST 2010


If this is repeat attack, then, this seems to be serious and it seems
twitter kind of attack which happened few weeks back. 

 

Also as DNS servers are targeted, it would be interesting to know
whether the servers were owned by TCS or third party. If it was third
party then this attack might have affected other companies as well, if
its TCS then there will be serious questions of security measures from
their side, as it will affect their reputation badly

 

The repeat of this attack might mean the attack might have been planned
and targeted, guess more information will be unfolded in coming days

 

Muslim

 

From: owasp-delhi-bounces at lists.owasp.org
[mailto:owasp-delhi-bounces at lists.owasp.org] On Behalf Of
nileshkumar83 at gmail.com
Sent: 08 February 2010 14:57
To: owasp-delhi at lists.owasp.org; owasp-mumbai at lists.owasp.org
Subject: [Owasp-delhi] [Owasp-Mumbai] TCS.com -- something wrong.

 

As per Dhruv:

>> The IP address that was resolving against the domain during
>>compromised period was: 205.178.152.154 and now after restoration its:
>>216.15.200.140. So not really network/application attack but
DNS/account
>>compromise.

The site is again under attack.
The IP of TCS.com is again back to compromised one: 205.178.152.154
The tcs.com displays the following message:

"This Domain name is for sale. Please contact us:
abed_uk at hotmail.com

Looks like DNS attack only.

-- 
Thanks & Regards,
Nilesh Kumar,
Engineer-Security| Honeywell Technology Solutions
http://www.honeywell.com/
www.nileshkumar83.blogspot.com
www.linkedin.com/in/nileshkumar83
Mobile- +91-9019076487
_______________________________Honeywell 
Honeywell Technology Solutions Lab

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20100208/d44666b4/attachment.html 


More information about the Owasp-delhi mailing list