Submitted via IRC for Bytram
US president-elect Donald Trump's freshly minted cyber-tsar Rudy Giuliani runs a website with a content management system years out of date and potentially utterly hackable.
Former New York City mayor and Donald loyalist Giuliani was [...] unveiled by Trump's transition team as the future president's cybersecurity adviser – meaning Giuliani will play a crucial role in the defense of America's computer infrastructure.
Giulianisecurity.com, the website for the ex-mayor's eponymous infosec consultancy firm, is powered by a roughly five-year-old build of Joomla! that is packed with vulnerabilities. Some of those bugs can be potentially exploited by miscreants using basic SQL injection techniques to compromise the server.
This seemingly insecure system also has a surprising number of network ports open – from MySQL and anonymous LDAP to a very out-of-date OpenSSH 4.7 that was released in 2007.
[Editor's note: The website in question appears to have been taken down after this story went public.]
Source: The Register
(Score: 0) by Anonymous Coward on Saturday January 14 2017, @11:50AM
Honeypots. Heard of them?
(Score: 0) by Anonymous Coward on Saturday January 14 2017, @11:53AM
Giuliani sure hasn't.
(Score: 2) by davester666 on Saturday January 14 2017, @09:38PM
He was hoping some hot chicks would start chatting with him through the site...
(Score: 2) by BsAtHome on Saturday January 14 2017, @12:01PM
No, this is a classic one as in: Do as I say, not as I do!
It is only for appearances, there is no one taking them seriously. The decisions are made at a different level and have, in general, nothing to do with what is sane or necessary.
(Score: 2) by Bot on Saturday January 14 2017, @12:18PM
why taking it down, then?
I yet have nothing bad to say on Trump other than his eyes being empty (like Obama's eyes are evil, Berlusconi's are downright scary, while good man Putin's are better... probably because he's a lookalike).
But if Giuliani server is outdated, let the other camp have a lil' fun with it. He had all the emailgate scandal period to fix his sh*t and did not care. Now karma has bitten.
Account abandoned.
(Score: 0) by Anonymous Coward on Saturday January 14 2017, @12:41PM
HEY EVERBODY COME HACK MY SITE
IT'S A LEGIT SITE WINK WINK
NOT A HONEYPOT I PROMISE
(Score: 2) by bradley13 on Saturday January 14 2017, @12:11PM
His business was lobbying and political influence. The company was clearly a shell, to allow people to pay him, so that he would use his political influence on their behalf.
Lobbyists are slime, but the critical difference between this and the Clinton Foundation is that Giuliani sold his political influence *after* he left office, whereas Hillary sold hers *while* she was in office.
Regardless, Giuliani is a very disappointing pick. Trump's other picks have qualifications for their jobs, whereas Giuliani quite clearly does not.
Everyone is somebody else's weirdo.
(Score: 4, Insightful) by c0lo on Saturday January 14 2017, @12:27PM
Seem to me quite qualified as an influence peddler, are you absolutely sure Trump doesn't actually need expert advice in picking the "right influence" from all the incoming bids?
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 5, Insightful) by digitalaudiorock on Saturday January 14 2017, @07:50PM
With an EPA head that doesn't believe in the EPA (or science apparently), a secretary of education that doesn't believe is public education, a secretary of the interior that probably wants to frack public land, an attorney general that probably longs for Jim Crow, and others almost too painful to recall at the moment...arguably his picks are best "qualified" to dismantle the organizations they're heading. Given that that's unfortunately the goal in many cases, from his standpoint they probably are "qualified"...but I digress...
(Score: 0) by Anonymous Coward on Saturday January 14 2017, @11:49PM
All techies are feminist faggot SJWs.
Glad he didn't pick one of you techi faggot fucks.
(Score: 2) by jcross on Monday January 16 2017, @03:42PM
I'm probably too late to the party for anyone to read this, but I actually thought of why Giuliani is a decent pick. He can improve cybersecurity using the same strategy he used to clean up NYC: get rid of all the broken Windows.
(Score: 4, Interesting) by Whoever on Saturday January 14 2017, @04:16PM
You can access the website here: http://209.238.99.227/index.php/us/ [209.238.99.227]
(Score: 2) by Nerdfest on Saturday January 14 2017, @04:59PM
Yeah, it looks like they took down the main page. It's all cringe-worthy amateur stuff.
(Score: 2) by Whoever on Saturday January 14 2017, @05:34PM
bradley13 is right [soylentnews.org]. The "cybersecurity business" is merely cover for influence peddling.
(Score: 1) by RS3 on Saturday January 14 2017, @05:40PM
More info: http://toolbar.netcraft.com/site_report?url=http://209.238.99.227/index.php/us [netcraft.com]
(Score: 2) by Bot on Saturday January 14 2017, @07:39PM
no virtual hosting then, so I guess it's a server/vps and it has been probably already pwned by automated attacks and sending spam.
Account abandoned.