Quote:
Originally posted by the_fifth_horseman@May 4 2006, 09:51 AM
I mean, some time back the hackers used to just leave a small notice that they succeeded in hacking the site and did not vandalize the existing content.
...
And none of the actual site content vandalized.
|
Maybe so, but most of these attacks are automated and the vandal's "note" is usually accomplished by vandalizing preexisting content. It's a real pain in the behind to have to go back through backups for all the vhosts on a machine and replace the index.* files from backups. I've been seeing a lot of attacks recently on some of my machines attempting to brute-force default Red Hat accounts (admin, etc) via SSH and while it isn't really a terribly serious issue (any sort of direct root login -- remote or local -- is prevented), it is a pain having to deal with such a tremendously large number of failed attempts. There are a few nice tools now, though, which will automatically block zombies being used for these purposes.