14 Sep 2011

Brute Forcing scripts, IDS, and open phpinfo() page...

phpinfo(). Trying to brute force servers is dumb… especially while leaving your phpinfo() online. Wouldn’t have gotten into these systems using those defaults but I still sleep safer at night with an active response IDS. /wave @ probably compromised box.