<blockquote id="quote"><font size="1" face="Verdana, Arial, Helvetica" id="quote">quote:<hr height="1" noshade id="quote">That is complete bollocks. Might as well say if you get your car stolen it's your fault for not securing it properly, not the thieves'. If you get mugged it's your fault for walking alone at night, not the muggers'. After all, he was just showing you how dangerous it was to do that. You should thank him for doing you a favour. These are the type of spunkbubbles who would teach you road safety by running you over.<hr height="1" noshade id="quote"></font></blockquote>
Yes, I might as well say that, because that's exactly what it is. Maybe not as extreme as just being mugged, but say you walked around a club stark naked; you're bound to be groped.
It most certainly is lazy admins; if only you knew how absolutely clueless they have to be to allow their site to be compromised. 99.9% of these sites are compromised through seriously slack security flaws: open shells for standard users, using crap FTP servers and really poor passwords. Things which it is most certainly the webmaster's job to ensure are maintained.
I'll let you in on how it works:
An exploit is found in software; it is reported to the vendor.
If the vendor responds, their response and the relevant patches are posted around to the various security notice boards. If not, their loss.
Later, exploits filter in as proof of concept.
Once proof-of-concept code is posted around and script kiddies catch a whiff, they compile a quick script, start searching for backdoors and have a wild time.
Generally there is a GOOD amount of time between these patches being released and concept code hitting the web. There are only very rare occurrences when proper crackers/hackers find these exploits and use them against sites; in fact the last time that happened was a good 6 months ago, to a debian.org shell machine, and this is extremely rare. Even in that case it was found that the machine was exploited via an old bug that had not been patched on that machine.
If webmasters and server admins vigilantly patch exploits, it is easy to ensure that their site is untouchable to a good percentage of the kiddie world.
You can't blame vendors either.
In the case of the Blaster worm, and the Slammer worm alike, the exploit warning was given almost 2 weeks before concept code hit the web. It was only a week after that that Microsoft released the first patches (which worked, but had a DoS effect; not that serious, though). When the warnings were released I ensured all the machines I maintain had the affected port filtered even before MS released the patches. Problem solved, and some of them to this day tick along happily and completely unpatched.
It was a MONTH after the initial concept code was released and MS had patched the problem that the Blaster worm was unleashed, and you can clearly still see the damage it STILL causes to this day.
So you tell me whose fault it is: the vendors'? The hackers'? Or the users'?