Recent Web site cracks
The recent cracks of the DOJ, CIA and Dole web sites have caused me to think about just what is going on here. Do you suppose that these entries were made via the httpd route, maybe via cgi-bin, or just a straight telnet-type entry to the server? I don't know what operating systems were involved with these three systems, or even if it was the same in all cases. I expect that there have been other such break-ins that we have not heard about. The speed with which the attacks are made, and the completeness of the hack, seems to indicate that someone knows something.

As a long-time Unix Sys Admin, I am aware that most security holes are due to piss-poor administration, with a few system holes that may be exploited by the reasonably sophisticated, but I am not aware of any glaring holes in the httpd code. I suppose it's stupid of me to think this, but I would have thought that these three sites in particular would have cleaned up their act in this respect. I suppose that it is possible that there is a route back, through the browser, but this doesn't seem very likely, even with a thoroughly hacked, custom browser.

Does anyone have any ideas about these attacks, how and where the entry was made, which operating systems were involved, etc?

Cheers,
-paul
participants (1): pjb@ny.ubs.com