Date: Mon, 20 Apr 2009 10:52:57 -0700 From: Paul Ferguson <fergdawgster@gmail.com>
On Mon, Apr 20, 2009 at 10:40 AM, Nick Chapman <nicknetworks@gmail.com> wrote:
On Mon, Apr 20, 2009 at 12:47 PM, Neil <kngspook@gmail.com> wrote:
But if you figure out how they got write access to a static website, I'd love to hear it.
Compromised FTP credentials would be my guess. They can be obtained by brute force attacks or credential stealing trojans.
Yeah, it could have been any number of ways -- there has also been a huge increase of SSH brute-force attacks in the past few weeks:
And, from several reports (including my own), they (brute force ssh attacks) seem to have stopped at about 22:30 UTC on the 19th. (Not that this is really relevant to the thread.) -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751