Hi Parker, > The only answer I can come up with is, "The sysadmin isn't paying > attention," and other evidence seems to back that up. Is there something > else I'm missing?
No, you're most likely right on the money with that one. Heck, as aware about server security I am (some call it paranoid), it even happend to me once. One of my less important websites (a personal one, not business related) was running PHPnuke, which is a nightmare security wise. There are more holes in it than in my grandfather's socks. Anyhow, someone hacked the admin are of this nuke driven site and defaced the startpage. They didn't actually get into the server, but to my embarassment the defacement was up for a few days before I actually noticed. If it had been a static website, them my IDS software would have detected it as I run a checksum over each static website each night. For dynamically generated pages that doesn't make much sense, though. ;o) -- Mit freundlichen Gr��en / With best regards Michael Stauber �Stauber Multimedia Design ____ Phone: �+49-6081-946240 �Eppsteiner Weg 9 ___ �D-61267 Neu-Anspach ___ Germany �SMD.NET ___ SOLARSPEED.NET ___ FORUMWORLD.COM _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
