mailing list archives
Re: Part of the web page being MODIFIED !
From: Lim Ghee Lam <gllim () ewarna com>
Date: 26 Nov 2002 17:02:18 +0800
Have you tried using any file integrity checking ? A better one is like
md5 checksum.Have you consider using tripwire or the like ?
Session hijack in my opinion unlikely, normally happen on telnet, rpc
connections which are in ESTABLISHED state.
To me it looks like more of arbitrary code execution in your web server.
What system and web server you are running anyway? You didn't describe
LIM GHEE LAM