Oh, yea, I agree - most hackers go for much low level stuff - but in this case it _was_ a web application error. I figure the network admin should handle his/her part - and I (as the web developer) should handle my part as well. I've got a funny story about a spammer's web site that I'll tell you one day... but not publicly. ;)
======================================================================= Raymond Camden, ColdFusion Jedi Master for Hire Email : [EMAIL PROTECTED] Yahoo IM : morpheus "My ally is the Force, and a powerful ally it is." - Yoda > -----Original Message----- > From: Jochem van Dieten [mailto:[EMAIL PROTECTED]] > Sent: Saturday, September 21, 2002 11:41 AM > To: CF-Community > Subject: Re: Do you want to know how RIAA.org was hacked? > > > Raymond Camden wrote: > > One of the things I teach in my security class is to NOT use such > > obvious folders as admin. > > > > For fun - visit a few sites and add /admin to the end of > the URL. Take a > > wild guess how many admin modules you will find. Even if they are > > protected, I would recommend using a different name - > anything to slow > > down the hackers. > > How many people hack websites, i.e. the scripts on a server? I think > most people hack servers. (With the possible exception of > some packages > with known bugs such as PHP Nuke, the IIS admin etc.) > > Jochem > > ______________________________________________________________________ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
