> You were hacked through the SSL exploits before te patch came out?
The day before.
> How did you trace it back to a particular exploit? If you didn't
> discover it for a while, they had quite a while to cover their
> tracks.
It was a few days later, one of our customers had complained about SSL
not working right, so I did some testing and uncovered some strange
text being displayed via SSL but not port 80. I tracked it down on the
server and realized pretty quickly what had happened. A co-worker
found the specific exploit via a search, and within a short while the
server was patched accordingly.
--
Damien McKenna - Web Developer - [EMAIL PROTECTED]
The Limu Company - http://www.thelimucompany.com/ - 407-804-1014
"Nothing endures but change." - Heraclitus
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
