hello despite having ipfilter blocking all ports except 80 21 and 22, tripwire, and scoring 999999 in nmap, my website got defaced. the box is currently unplugged. i wanted to know what is the best way to find out who did it and how they got in, and what to do from here. tripwire shows a lot of files changed, most of which could be attributed to cvsup'ing recently. any other security precautions to take disaster recovery guides? i've already changed p/w's on my other boxes. thanks -- ______________________________________________ Check out the latest SMS services @ http://www.linuxmail.org This allows you to send and receive SMS through your mailbox.
Powered by Outblaze _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"