> > The person doing this seems to be relatively new to the scene, > > only defacing websites with common vulnerabilities that you can find > > anywhere on the Internet (http://astalavista.box.sk/ for example). > > Check out Zone-H (http://www.zone-h.net/) to see if your domains are > > on there, and to see if you can build a pattern from his/her past > > exploits. That should help you in determining how he/she is doing it. > > > > You're on the right track in guessing that it was CMS-related. > > Remember how many sites and servers were compromised when phpBB > > exploits were announced and left unpatched? These jackass skript > > kiddies just Google for known versions and deface whatever they can. > > It's not like the old days where you picked a target and found a way > > in.... now it's just that you pick your way in and find a target. > > > > *yawn!* No challenge anymore.... these kids are too lazy.... Are you using joomla cms ? Several google hits were about that one. My $0.02. I'll defer to the security practitioner. _________________________________________________________________ Peek-a-boo FREE Tricks & Treats for You! http://www.reallivemoms.com?ocid=TXT_TAGHM&loc=us
