Hi all,
I have win2k advanced server with IIS 5.
I recently (within the last 24 hours) had someone hack into my system. They did somthing so that whenever any one of my sites post information to the server via a form, or whatever, it stops the site, and displays a page that they designed, with the same url that was originally the target. I've gone all through the code, but it's not there, and makes sense to me that it's not since it's all my sites, whenever users log in (via database authentication).
Does anyone know how this could be done? My guess is they altered IIS files somehow, but if anyone knows what exactly may have happened, or how to cure it without totally reloading, I'd really appreciate it!!
-Ovatvvon :-Q
I have win2k advanced server with IIS 5.
I recently (within the last 24 hours) had someone hack into my system. They did somthing so that whenever any one of my sites post information to the server via a form, or whatever, it stops the site, and displays a page that they designed, with the same url that was originally the target. I've gone all through the code, but it's not there, and makes sense to me that it's not since it's all my sites, whenever users log in (via database authentication).
Does anyone know how this could be done? My guess is they altered IIS files somehow, but if anyone knows what exactly may have happened, or how to cure it without totally reloading, I'd really appreciate it!!
-Ovatvvon :-Q
)}