Yea, Matt those are our sites at zone-h.org
They don't have any info on the hack just who has it. Thanks John On Tue, 04 Jan 2005 14:51:59 -0500, Matt wrote: >�http://www.zone-h.org/en/defacements/filter/filter_defacer=tugr@/ > >�Clean your computer carefully and close the holes (patch everything >�and change all passwords). > >�You should consider using Microsoft's URLScan to prevent many IIS >�exploits, move all Internet accessible data off of the C partition, >�and block access to nonessential ports with a router. �That >�combined with regular patching will prevent guys like this from >�hacking your site since they will find easier prey elsewhere and >�all they are looking for is an opportunity for defacement and not >�necessarily to deface you. > >�Matt > > >�john cesta wrote: >> >> >>�Has anyone heard of this one? >> >>�What they do is to copy: >> >>�index.php .cfm .htm .html .asp >>�default.php .cfm .htm .html .asp >> >>�to the root folder of every web site. >> >>�I can't find much on it on the web. I thought I had figured it to >>�be an old servu ftp server hack so I upgraded about 3 weeks ago >>�but today upon reboot it happened again. >> >>�I have a fully patched win2k server >> >> >>�Thanks >> >> >>�To Unsubscribe: http://www.ipswitch.com/support/mailing- >>�lists.html List Archive: http://www.mail- >>�archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: >>�http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
