Re: Re: [OT] - HELP PLEASE we've been hacked.

["Mark Harrison \(Yahoo!\)" <mph@xxxxxxxxxxxxxxx>]

>   I appreciated your laughter - but was looking for something a little
more
> constructive...

I think that Chris gave good advice.

>   Surely formating is not the only solution - i assume my IIS security
> patches were not upto date. - looking for suggestions to remove
without
> formatting preferably.

Alas, with the nasty hacker types out there, there is no substitute. There
WILL be back doors :-(


In my opinion, Chris only went half way. "Format and consider
installing a
different web server" would have been my recommendation.

- I do not say this out of some dislike of Microsoft - I think that they
write a lot of great software.

- I do not say this out of some geek-like desire to only use free software
-
I think that non-free (as in costs money) has its place, and that non-free
(as in Open Source) has its place.

- I do not say this because ANY web server is bug-free and exploit-free - I
can only think of one piece of code that I _trust_ to be bug-free, and
that's the core from the Inmos T8000. [bonus points to anyone who can tell
me WHY I make that claim.]

The Microsoft web product set suffers from one fundamental design flaw - I
am hard pressed to think of a single high-profile (on a global scale) site
that uses it, with the exception of sites where Microsoft has committed
significant development funding.

If your webserver is primarily static HTML, then moving away from IIS to
something like Apache would be straightforward.

If your webserver is more complex, and relies on backend databases, then
migration would, obviously, be much more complex.

>   Oh and without having to resort to paying people :)

No problem - continue to ask away here. Of course, if you do decide you
have
budget... :-)

Regards,

M.



UK Home Automation Meet 2004 - BOOK NOW!
http://www.ukha2004.com

http://www.automatedhome.co.uk

Member Offers - http://www.freeranger.co.uk/ukha