On Sun, Jan 13, 2008 at 02:14:04PM -0500, Mark Weaver wrote: > those patches didn't do much for keeping one of my systems from being > breached via php. from the looks of the web server logs as well as the > messages log file that's where they got in. > > being the anul sort I am I first thought they'd breached the system > through ssh, but that wasn't the case. I'd be willing to bet it was an application-specific hole that was utilized to breach your system. Ray