You go to Yahoo! to search for an apple crisp recipe, but the site does not appear as you expected. It's covered with anti-war messages or pro-Islamic defacement in Arabic. Defending against this type of currently popular digital grafitti is a serious job for security firms. No major commercial sites have been hit as of yet, but thousands of smaller sites have been defaced. Watch "Tech Live" tonight for details.

Neither the Department of Defense, FBI, nor CIA websites have been hit. Instead, the targets are rather surprising -- sites such as cabbagesoupdiet.com. Dieters looking for a quick weight-loss plan are met instead with a message claiming President Bush is drunk and Americans are following him like mindless sheep.

The sleepy coastal California town of Pacifica's website was also defaced by an anti-war protester. Some government sites that aren't securely configured have been rewritten and a remote site for the US National Center for Agricultural Utilization Research was hit. In addition, a Web-based email logon for a US Navy site was defaced.

Many attacked sites belong to American and British businesses or obscure branches of US federal agencies. One group of "hacktivists" (hackers with a message) claims it defaced the whitehouse.gov site, but no third-party groups could corroborate the defacement. Jimmy Orr, White House website administrator, flatly denies the site was defaced. "My guys went through the logs and we have no record of any successful defacement activity," he said.

According to security firm F-Secure, one of the groups at the foregront of defacing websites is the Unix Security Guards (USG). This pro-Islamic hacking group has taken down hundreds of sites in a fell swoop, inflicting mass defacements on poorly protected websites.

Richard Christian teaches mixology at the ABC Bartending school in San Leandro, California. The school's site, abcbartending.com, was defaced with a message in Arabic posted by the USG group. Christian was surprised the site had been hacked, but says "if they wanted to learn how to mix the perfect Singapore Sling, all they had to do was ask."

F-Secure says mass defacements occur when hacktivists select a block of IP addresses to scan. They look for vulnerabilities through which they can take control of a Web server. If the administrator of a website is paying someone else to host a site, it's usually the host's security that allows a hacker to rewrite a webpage.

But let's face it: Defacing such unlikely sites as resolveincontinence.com, schoolgearuniforms.com, or wallysupholstery.com probably won't achieve an anti-war hacker's desired result.