Yes, we did that and also noted the username and IP address from where the FTP upload originated.
matthew black information technology services california state university, long beach -----Original Message----- From: Michael J Wise [mailto:mjw...@kapu.net] Sent: Wednesday, June 27, 2012 12:37 AM To: nanog@nanog.org Subject: Re: DNS poisoning at Google? On Jun 27, 2012, at 12:06 AM, Matthew Black wrote: > We found the aberrant .htaccess file and have removed it. What a mess! Trusting you carefully noted the date/time stamp before removing it, as that's an important bit of forensics. Aloha, Michael. -- "Please have your Internet License and Usenet Registration handy..."
