On Tue, Jul 18, 2006 at 06:19:57PM -0700, Alan Dayley wrote:
> 
> Thanks, JD.  Good advice.
> 
> I am in contact with Integrum.  The site was, in fact, cracked via the
> ext_calendar component that I thought I had patched.  Integrum caught it
> early this morning and took the site off line to thwart the attack.  We
> are now discussing the means of getting back online without re-instating
> the vulnerability.
> 
> It will probably be tomorrow before the site is back online simply
> because Integrum has been handling issues with it since very early this
> morning.  They need to leave it for a while.
> 
> I thank them for their efforts and support!
> 
> I'll be on the phone with them tomorrow morning.  I'll keep updating
> status here in the list.

FYI, is the machine in question dedicated, or a shared hosting
environment?

If it's dedicated, it might be worth chrooting Apache. If it's shared it
might be chrooted already. It can help localize the damage in situations
like this.

Thanks for your efforts, Alan! It's not an easy job, and I appreciate
all that you do.

-- 
Darrin Chandler            |  Phoenix BSD Users Group
dwchandler@stilyagin.com   |  http://bsd.phoenix.az.us/
http://www.stilyagin.com/  |
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change  you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss