[kictanet] Has Kenya Police Website been Hacked?

John Kieti jkieti at gmail.com
Thu Jan 6 09:31:57 EAT 2011 

Really there should not be much doubt as to whether the Police website was
hacked or not. Some insights here
http://www.theonlinekenyan.com/2011/01/kenya-police-website-hacked.html for
those who did not follow. The police website hacking even became quite the
buzz and humor with Kenyans on twitter in the last 48 hours (search the hash
tag #KenyaPolicePassword).

More seriously though, it should have been common sense for the police to
simply bring down the site as they figured out a way out of the security
breach (Delink DNS pointer in worst case scenario). For about 48 hours the
site remained an embarrassing exhibit  -international embarrassment to the
police (and Kenya government).

Regarding the name servers, why go so much beyond the primary one -
hazina.treasury.go.ke ?

Regards
Kieti

On Wed, Jan 5, 2011 at 11:35 PM, Wainaina Mungai
<wainaina.mungai at gmail.com>wrote:

> Joe and Wash have answered the query on puck.nether.net......but i would
> like to hear more on DeathStar.org ;-)
>
>
>
> On Wed, Jan 5, 2011 at 10:53 PM, Muchiri Nyaggah <muchiri at semacraft.com>wrote:
>
>> What about puck.nether.net's registrar, DeathStar.org! [shiver]
>>
>> Kind regards,
>>
>>
>>
>> *Muchiri* Nyaggah
>>
>> Director
>>
>> @muchiri
>>
>> +254 722 506400
>>
>> Semacraft.com
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> On Wed, Jan 5, 2011 at 9:52 PM, Wainaina Mungai <
>> wainaina.mungai at gmail.com> wrote:
>>
>>> A kenic search gives the info below about kenyapolice.go.ke. What seems
>>> sinister is the name servers - *puck.nether.net*
>>>
>>> WM
>>>
>>>
>>>
>>>
>>> Domain Information Query: kenyapolice.go.keStatus: ActiveCreated: 18 Jun
>>> 2004Modified: 27 Dec 2009Expires: 18 Jun 2013Name Servers:
>>> hazina.treasury.go.ke
>>> puck.nether.net
>>>   Registrar Information Registrar Name: Government Information
>>> Technology Services  Registrant: International Name: Kenya Police
>>> HeadquartersInternational Address: Vigilance House
>>> P.O. Box 30083
>>> NAIROBI 00100
>>> KE
>>> Phone Number: +254 20 335142  Admin Contact:International Name:Government Information TechnologyInternational
>>> Organisation: Ministry of FinanceInternational Address: Treasury
>>> Building
>>> Harambee Avenue
>>> P.O. Box 30007
>>> NAIROBI 00100
>>> KE
>>> Email Address: gits at TREASURY.GO.KE Phone Number:+254-20-2252299   Technical Contact:International
>>> Name: Government Information TechnologyInternational Organisation:Ministry of FinanceInternational
>>> Address: Treasury Building
>>> Harambee Avenue
>>> P.O. Box 30007
>>> NAIROBI 00100
>>> KE
>>> Email Address: gits at TREASURY.GO.KE Phone Number:+254-20-2252299   Billing Contact:International
>>> Name: Commissioner of PoliceInternational Address: Vigilance House,
>>> Harambee Avenue
>>> P.O. Box 30083
>>> NAIROBI 00100
>>> KE
>>> Email Address: kenyapolice at TREASURY.GO.KEPhone Number: +254 20 333641
>>> On Wed, Jan 5, 2011 at 7:51 PM, Josiah Mugambi <jmugambi at gmail.com>wrote:
>>>
>>>>  It's been hacked and defaced again
>>>> --
>>>> Josiah Mugambi
>>>>
>>>>
>>>>
>>>> 2011/1/5 Josiah Mugambi <jmugambi at gmail.com>
>>>>
>>>> Not 100% sure of the facts but the original site was apparently running
>>>>> on a windows based web server, it got defaced. Possibly the fedora apache
>>>>> test page is a sign that some background web development work on a new site
>>>>> is ongoing.
>>>>>
>>>>> --
>>>>> Josiah Mugambi
>>>>>
>>>>>
>>>>>
>>>>> 2011/1/5 Preston Odera <podera_2002 at yahoo.com>
>>>>>
>>>>>>  Dear All
>>>>>>
>>>>>> Has Kenya Police Website been Hacked? When you go to the website you
>>>>>> get
>>>>>> "Fedora Test Page"
>>>>>>
>>>>>> More hacking could be going on we need professionals to get more
>>>>>> trainings on latest trends on hacking in order to secure our websites.
>>>>>>
>>>>>> I organize courses in the region to help manage the manage the manace.
>>>>>>
>>>>>> Appropriate courses coming up are detailed below:-.
>>>>>>
>>>>>>
>>>>>> *                      K-Ninety East Africa Ltd.*
>>>>>>
>>>>>>                Courses January 2011 to September 2011
>>>>>>
>>>>>>
>>>>>>          (The courses can also be organized in-house . Contact us for
>>>>>> more details)
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> JANUARY 2011
>>>>>> 24th – 26th Nairobi                    PRINCE2 FOUNDATION + EXAMS
>>>>>>
>>>>>> 27th – 28th Nairobi                    PRINCE2 PRACTITIONER + EXAMS
>>>>>>
>>>>>>
>>>>>>
>>>>>> FEBRUARY 2011
>>>>>>
>>>>>> 31st  Jan – 4th Feb  Nairobi      COMPUTER HACKING FORENSIC
>>>>>> INVESTIGATOR + Exam (EC-Council)
>>>>>>
>>>>>> 7th  – 11th Nairobi                     CERTIFIED ETHICAL HACKER +
>>>>>> EXAM (EC-Council)
>>>>>>
>>>>>> 7th – 11th Nairobi                      INFORMATION SECURITY
>>>>>> GOVERNANCE & IS AUDIT
>>>>>>
>>>>>> 14th – 16th Nairobi                    ITIL V3 FOUNDATION COURSE +
>>>>>> EXAMS
>>>>>>
>>>>>> 14th – 15th Nairobi                    ENTERPRISE WIDE RISK
>>>>>> MANAGEMENT
>>>>>>
>>>>>> 21st – 25th Nairobi                    SANS SEC401-SECURITY
>>>>>> ESSENTIALS BOOTCAMP STYLE
>>>>>>
>>>>>> 28th – 5th Nairobi                      SANS SEC408 - COMPUTER  FORENSICS
>>>>>>  ESSENTIALS
>>>>>>
>>>>>>
>>>>>>
>>>>>> MARCH 2011
>>>>>>
>>>>>> 28th – 31st Mombasa                PROJECT MANAGEMENT PROFESSIONAL (PMI
>>>>>> accredited)
>>>>>>
>>>>>>
>>>>>>
>>>>>> APRIL 2011
>>>>>>
>>>>>> 11th  – 12th  Nairobi                  VIRTUALIZATION COURSE + EXAM
>>>>>>
>>>>>> 13th  – 14th Nairobi                   CLOUD COMPUTING COURSE + EXAM
>>>>>>
>>>>>> 25th – 29th   Nairobi                  ISO 27001 LEAD AUDITOR + EXAMS
>>>>>> (RABQSA or IRCA)
>>>>>>
>>>>>>
>>>>>>
>>>>>> MAY 2011
>>>>>>
>>>>>>   9th – 12th Nairobi                    IS AUDIT RISK & SECURITY
>>>>>> COURSE
>>>>>>
>>>>>> 16th  – 18th Nairobi                   ACTION CENTERED INTERNAL AUDIT
>>>>>> MANAGEMENT
>>>>>>
>>>>>> 16th –20th  Nairobi                    CISSP CBK COURSE (ISC)
>>>>>>
>>>>>>          28th   Nairobi                   CISSP EXAMINATION (ISC)2 *
>>>>>>   *
>>>>>>
>>>>>>
>>>>>>
>>>>>> JUNE 2011
>>>>>>
>>>>>> 6th – 10th Nairobi                      CERTIFIED BUSINESS CONTINUITY
>>>>>> MANAGER (BCI Accredited)
>>>>>>
>>>>>> 13th  - 17th Nairobi                   COMPUTER HACKING FORENSIC
>>>>>> INVESTIGATOR + Exam (EC-Council)
>>>>>>
>>>>>> 20th  – 24th Nairobi                   CERTIFIED ETHICAL HACKER +
>>>>>> EXAM (EC-Council)
>>>>>>
>>>>>> * *
>>>>>>
>>>>>> JULY 2011
>>>>>>
>>>>>> 25th – 27th Kisumu                    INFORMATION SECURITY MANAGEMENT
>>>>>> BASED ON ISO/IEC 27002 + EXAMS
>>>>>>
>>>>>>
>>>>>>
>>>>>> AUGUST 2011
>>>>>>
>>>>>> 1st – 3rd Nairobi                        PRINCE2 FOUNDATION + EXAMS
>>>>>>
>>>>>> 4th – 5th Nairobi                        PRINCE2 PRACTITIONER + EXAMS
>>>>>>
>>>>>> 22nd – 27th Nairobi                    INFORMATION SECURITY BOOTCAMP
>>>>>>
>>>>>>
>>>>>>
>>>>>> SEPTEMBER 2011
>>>>>>
>>>>>> 21st – 23th Nairobi                    ITIL V3 FOUNDATION COURSE +
>>>>>> EXAMS
>>>>>>
>>>>>> 26th – 29th Nairobi                    PROJECT MANAGEMENT
>>>>>> PROFESSIONAL (PMI accredited)
>>>>>>
>>>>>> * *
>>>>>>
>>>>>> * For more details contact:*
>>>>>>
>>>>>> *
>>>>>> *
>>>>>>
>>>>>> *
>>>>>> Preston
>>>>>> *
>>>>>>
>>>>>> K-Ninety East Africa Ltd.
>>>>>>
>>>>>> P.O. Box 3894-00100 Nairobi Tel: +254  20 6008316 or +254 20 3544352
>>>>>> Cell  +254 722 77 14 78
>>>>>>
>>>>>> Email* podera at k90ea.com <training at k-90ea.com>***
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> kictanet mailing list
>>>>>> kictanet at lists.kictanet.or.ke
>>>>>> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>>>>>
>>>>>> This message was sent to: jmugambi at gmail.com
>>>>>> Unsubscribe or change your options at
>>>>>> http://lists.kictanet.or.ke/mailman/options/kictanet/jmugambi%40gmail.com
>>>>>>
>>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> kictanet mailing list
>>>> kictanet at lists.kictanet.or.ke
>>>> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>>>
>>>> This message was sent to: wainaina.mungai at gmail.com
>>>> Unsubscribe or change your options at
>>>> http://lists.kictanet.or.ke/mailman/options/kictanet/wainaina.mungai%40gmail.com
>>>>
>>>>
>>>
>>> _______________________________________________
>>> kictanet mailing list
>>> kictanet at lists.kictanet.or.ke
>>> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>>
>>> This message was sent to: muchiri at semacraft.com
>>> Unsubscribe or change your options at
>>> http://lists.kictanet.or.ke/mailman/options/kictanet/muchiri%40semacraft.com
>>>
>>>
>>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> This message was sent to: jkieti at gmail.com
> Unsubscribe or change your options at
> http://lists.kictanet.or.ke/mailman/options/kictanet/jkieti%40gmail.com
>
>


-- 
My Blog - www.gmeltdown.com
'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
Keep on doing what you know is right ...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20110106/4bbddd1c/attachment.htm>

More information about the KICTANet mailing list