"Jay_Reborn" <Jay_Reborn@discussions.microsoft.com> wrote in message
news:3D127817-8127-40CB-A6CC-33793B31D137@microsoft.com...
> There has been a sudden increase from hackers changing the the root files
> on
> the webserver...
>
> They are exploiting something... but can someone help here???
>
> the message people get is "Fatal Error ownz YOU"
> a number of groups on irc.brasnet.org are hitting thousands of websites...
> it will soon become a epidemic... unless the security is not addresses...
>
> so i am stating this thread so people can discuss it... can anybody help
> here... as I know poieple who have already been hit by this...
>

<Jay_Reborn@discussions.microsoft.com> wrote:

>There has been a sudden increase from hackers changing the the root files on
>the webserver...

>They are exploiting something... but can someone help here???

>the message people get is "Fatal Error ownz YOU"
>a number of groups on irc.brasnet.org are hitting thousands of websites...
>it will soon become a epidemic... unless the security is not addresses...

>so i am stating this thread so people can discuss it... can anybody help
>here... as I know poieple who have already been hit by this...

"Jeff Cochran" <jeff.nospam@zina.com> wrote in message
news:4134374f.579407063@msnews.microsoft.com...
> On Sun, 29 Aug 2004 16:25:01 -0700, "Jay_Reborn"
> <Jay_Reborn@discussions.microsoft.com> wrote:
>
> >There has been a sudden increase from hackers changing the the root files
on
> >the webserver...
>
> There may need to be a sudden increase in the skill level or knowledge
> of the webmaster... :)
>
> >They are exploiting something... but can someone help here???
>
> Not without a lot more detail.
>
> >the message people get is "Fatal Error ownz YOU"
> >a number of groups on irc.brasnet.org are hitting thousands of
websites...
> >it will soon become a epidemic... unless the security is not addresses...
>
> So address it. It's an administrator issue, not a security issue.
>
> >so i am stating this thread so people can discuss it... can anybody help
> >here... as I know poieple who have already been hit by this...
>
> First, get that system unplugged from the internet. Now. Next,
> flatten it. Reformat and reinstall from scratch, applying all the
> service packs and hardening the box before you reconnect it to the
> internet. Then stop using the server for browsing the internet,
> answering email, hitting the IRC channels or any other *client*
> application.
>
> See the Microsoft site for security checklists. And next time you
> have a problem, post details that would help. Like the operating
> system you use for example. Event logs, IIS log entries, security
> audit logs, firewall logs and so on.
>
> Jeff

"Miha Pihler" <mihap-news@atlantis.si> wrote in message
news:uoHdr4pjEHA.3896@TK2MSFTNGP15.phx.gbl...
> One thing that you can do is burn a content of webpage to a CD and run it
> from there. I would like to see the hacker that changes that index.asp (or
> any other) file :-)
>
> Mike
>
> "Jeff Cochran" <jeff.nospam@zina.com> wrote in message
> news:4134374f.579407063@msnews.microsoft.com...
>> On Sun, 29 Aug 2004 16:25:01 -0700, "Jay_Reborn"
>> <Jay_Reborn@discussions.microsoft.com> wrote:
>>
>> >There has been a sudden increase from hackers changing the the root
>> >files
> on
>> >the webserver...
>>
>> There may need to be a sudden increase in the skill level or knowledge
>> of the webmaster... :)
>>
>> >They are exploiting something... but can someone help here???
>>
>> Not without a lot more detail.
>>
>> >the message people get is "Fatal Error ownz YOU"
>> >a number of groups on irc.brasnet.org are hitting thousands of
> websites...
>> >it will soon become a epidemic... unless the security is not
>> >addresses...
>>
>> So address it. It's an administrator issue, not a security issue.
>>
>> >so i am stating this thread so people can discuss it... can anybody help
>> >here... as I know poieple who have already been hit by this...
>>
>> First, get that system unplugged from the internet. Now. Next,
>> flatten it. Reformat and reinstall from scratch, applying all the
>> service packs and hardening the box before you reconnect it to the
>> internet. Then stop using the server for browsing the internet,
>> answering email, hitting the IRC channels or any other *client*
>> application.
>>
>> See the Microsoft site for security checklists. And next time you
>> have a problem, post details that would help. Like the operating
>> system you use for example. Event logs, IIS log entries, security
>> audit logs, firewall logs and so on.
>>
>> Jeff
>
>