> Yeah, that is my concern. While nothing seems to be done to the server > except the "defacing" I want to make sure whoever got in this time can't get > back in. The server had a couple of win2k security updates waiting to be > applied that were applied after the fact. Yeah im figuring its IIS as well. > It's weird, lots of examples of it when googled, lot's of forum posts about > it but no one seems to have anything posted about what is being exploited to > gain access.
It may be a new defacement, but I suspect it's an old hack. It could be this, though - I haven't followed the latest WebDAV problems too much, because I don't manage Sharepoint: http://unixwiz.net/techtips/ms971492-webdav-vuln.html Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more informati ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:322836 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
