steve miller wrote:
> Wow....
>
> Thanks Sheila.
>
> This script was loaded into many directories, some of which did not start out writeable. Could someone have changed all my permissions and then inserted this?

I suspect the directories were writable as the user the webserver runs as, and a vulnerability in one of your scripts was exploited to get the file on the server.

> What kind of hidden links should I look for, and what might they do?

Most likely commented-out blocks of links to dodgy places. Do a view source on your pages and look for anything that shouldn't be there.

Also, they might have created a .htaccess file which causes non-existent URLs to be handled by passing them to a script they've uploaded.

Have a read of the discussion on the URL Sheila posted, and do some Googling yourself for rssnews.ws; that should give you a good idea of what to look for.

Cheers

Dave P
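
The two checks suggested in the reply above (commented-out link blocks in pages, and .htaccess files that route missing URLs to a script) can be automated across a web root. This is an added example, not part of the original post; the three-link threshold, the file suffixes and the choice of `ErrorDocument 404` and `RewriteRule` as the directives to flag are assumptions, and the sample site is constructed.

```python
import re
import tempfile
from pathlib import Path

COMMENT = re.compile(r"<!--(.*?)-->", re.S)
LINK = re.compile(r"""href\s*=\s*["']?(https?://[^"'\s>]+)""", re.I)
# Assumed indicators: Apache directives that hand requests for missing URLs
# to a script. Legitimate sites use these too, so hits are for manual review.
HANDLER = re.compile(
    r"^\s*(ErrorDocument\s+404\s+\S+|RewriteRule\s+.*\.(?:php|cgi|pl)\b.*)$",
    re.I | re.M)
PAGE_SUFFIXES = {".html", ".htm", ".php", ".shtml"}

def scan_webroot(root, min_links=3):
    """Return (path, reason) findings for a human to review."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        is_ht = path.name == ".htaccess"
        if not path.is_file() or not (is_ht or path.suffix.lower() in PAGE_SUFFIXES):
            continue
        text = path.read_text(errors="replace")
        if is_ht:
            for m in HANDLER.finditer(text):
                findings.append((str(path), "handler directive: " + m.group(1).strip()))
            continue
        # Count external links that only exist inside HTML comments.
        for block in COMMENT.findall(text):
            links = LINK.findall(block)
            if len(links) >= min_links:
                findings.append((str(path), f"{len(links)} links inside an HTML comment"))
    return findings

def demo():
    """Build a constructed sample site in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "clean.html").write_text('<p><a href="http://example.com/">ok</a></p><!-- nav -->')
        hidden = "".join(f'<a href="http://spam{i}.example/">x</a>' for i in range(4))
        (root / "index.html").write_text(f"<p>Welcome</p><!-- {hidden} -->")
        (root / "img").mkdir()
        (root / "img" / ".htaccess").write_text("ErrorDocument 404 /img/handler.php\n")
        return [(Path(p).relative_to(root).as_posix(), why) for p, why in scan_webroot(root)]

if __name__ == "__main__":
    for path, why in demo():
        print(path, "->", why)
```

Point `scan_webroot` at a copy of the site's document root and compare any `.htaccess` hits against the files you know you created.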


