On 26 Aug 2009 at 10:59, David W. McSpadden wrote: > If someone has access to your ssl website with valid username and password > you assume that > either 1 of 2 things have happened: > A someone has a keylogger and their computer is compromised. > B someone just out and out gave the information away. > > Is that a correct assessment?
Might not be the person's computre, it might be that somebody accessed the website from a corporate LAN where am SSL proxy has been set up, and the corporate LAN is compromised (or the corporate admin is crooked, which amounts to almost the same thing). > If you have the IP from the 'hacker' that accessed your website who do you > report it too??? > Most likely it is a bot and nothing can be done but who do you report it too > none the less??? -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +-----------------------------------+ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
