[pmwiki-users] Need some help with a wiki.d security breach
dausha at gmail.com
Mon Nov 6 09:54:20 CST 2006
On 11/4/06, Patrick R. Michaud <pmichaud at pobox.com> wrote:
> I'm guessing that the webserver is configured to ignore .htaccess
> files in directories. Ouch.
If this is the case, then I would consider moving ISPs. Then again,
the cracker could have reconfigured the webserver. However, having
been the victim of an attack (exploiting a kernel defect that was
remedied by upgrading to Gentoo's secure kernel), I know that once
they can crack a server, the cracker can run a cronned script against
it. So assume that until the real cause of the intrusion is detected,
that server has been dialed in.
More information about the pmwiki-users