How humiliating! My website is running PHP, which I discovered, much to my chagrin, installs by default with its directive "allow_url_fopen" set to "On". From the description in the php.ini file, this directive determines "Whether to allow treating URLs like http:... or ftp:... like files". The script kiddy who got me apparently used this security chasm (not just a hole) to execute arbitrary commands on my system, with Apache's privileges, the end result of which was the replacement of my index.php file with his own. (http://www.mainusch.net/defaced.html).
Why on earth would PHP ship with all of its security doors completely open?!?!? Arrrghhhh! It appears this was all this particular kiddy was able to do, which was easy enough to fix. I tightened up security in general after this, but now I have that "oh no, I don't want to have to reinstall the whole system just to be on the safe side" feeling again.

--
Joseph E. Mainusch
43A East Ridge Road
Merrimack, NH 03054
+1 (603) 560 6317
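
As an added example (not part of the original post and not PHP's own tooling): a small Python check that reports the effective `allow_url_fopen` value in a php.ini file, including the case where the directive is missing or commented out and the shipped default the post describes applies. The function name and the sample INI text are constructed for illustration.

```python
import re

# Values PHP's INI parser treats as boolean true (case-insensitive).
_TRUE = {"1", "on", "yes", "true"}

# Shipped default as described in the post above: On when php.ini is silent.
DEFAULT_ENABLED = True

# "name = value" lines; section headers such as [PHP] do not match.
_LINE = re.compile(r"^\s*([A-Za-z0-9_.]+)\s*=\s*(.*)$")


def _strip_value(raw):
    """Drop a trailing ';' comment and surrounding quotes from an INI value."""
    raw = raw.strip()
    if raw[:1] in ("'", '"'):
        end = raw.find(raw[0], 1)
        return raw[1:end] if end != -1 else raw[1:]
    return raw.split(";", 1)[0].strip()


def audit_allow_url_fopen(ini_text):
    """Return (enabled, line_no) for the effective allow_url_fopen setting.

    line_no is None when the directive is absent or commented out, in which
    case the default applies. Assumes the last assignment in the file wins.
    """
    enabled, line_no = DEFAULT_ENABLED, None
    for n, line in enumerate(ini_text.splitlines(), 1):
        if line.lstrip().startswith(";"):
            continue  # whole-line comment, e.g. ";allow_url_fopen = Off"
        m = _LINE.match(line)
        # Directive names in php.ini are case-sensitive, so compare exactly.
        if m and m.group(1) == "allow_url_fopen":
            enabled = _strip_value(m.group(2)).lower() in _TRUE
            line_no = n
    return enabled, line_no


# Constructed sample files, not taken from the poster's server.
SHIPPED = "[PHP]\n; Whether to allow treating URLs like files.\nallow_url_fopen = On\n"
COMMENTED = "[PHP]\n;allow_url_fopen = Off\n"
HARDENED = "[PHP]\nallow_url_fopen = On\nallow_url_fopen = Off ; disabled after incident\n"

if __name__ == "__main__":
    for name, text in (("shipped", SHIPPED), ("commented", COMMENTED), ("hardened", HARDENED)):
        enabled, line_no = audit_allow_url_fopen(text)
        print(f"{name}: allow_url_fopen={'On' if enabled else 'Off'} (line {line_no})")
```

The commented-out case is the one to watch: a line that looks like a fix but starts with `;` leaves the default in force.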
