TOPIC:

[quote:2zw2r5ot]I'd never use defaults [/quote:2zw2r5ot]

Never thought you would Barry <!-- s:wink: --><img src="{SMILIES_PATH}/icon_wink.gif" alt="" title="Wink" /><!-- s:wink: -->

You never know. Some people do, even on live systems! <!-- s:D --><img src="{SMILIES_PATH}/icon_biggrin.gif" alt="" title="Very Happy" /><!-- s:D -->

I'm kinda worried how they would get the password now though, if it was plain FTP. At least if it's FTP they wouldn't have gotten into the DB. Not used to this hacking stuff. Just don't get the point either <!-- s:( --><img src="{SMILIES_PATH}/icon_sad.gif" alt="" title="Sad" /><!-- s:( -->

Just so they can say, hey I did that.

Stupid Iframe muppets.

They only seem to (in my case) change index.htm and index.html files. None of the others were changed.
Oh and index.php too I think.


Oh one other possible way to get the password is where they are saved in a web browser or FTP app. I do not save them any more.

Or maybe there's a mole within the oragnisation?! <!-- s:? --><img src="{SMILIES_PATH}/icon_confused.gif" alt="" title="Confused" /><!-- s:? -->

<!-- m --><a class="postlink" href="">

Hmm, I use a desktop FTP App, and do have the password saved. Wouldn't they have to get into my machine somehow to access that (encrypted) saved password? I'm fairly confident with my network security at home.

The other thing is that this could be from a security hole in Joomla itself (or a module of Joomla) or phpBB. They are both old versions, so there could easily be a hole, and the plan was to leave it as such till migrating to Beoir. If I don't find any changed pages, and changing passwords doesn't stop another hack, we'll have to migrate the site early (while keeping it ICB till July or just move to the Beoir site anyway).

Atticus, you can lead the inquisition <!-- s:D --><img src="{SMILIES_PATH}/icon_biggrin.gif" alt="" title="Very Happy" /><!-- s:D -->

Ah yes Joomla is also a possible culprit. I had to update my sites with the latest Joomla and Wordpress versions when it happened to be on the safe side.