what I don;t understand about this, is how could they know that this was the exploit the hacker used, what if there is something else?
The attacker left some binaries lying around, and an analysis of their contents showed up code pointing at that particular exploit. It is, of course, conceivable that the attacker might have used some other unknown mechanism, and left the binaries around to mislead them into believing that particular attack was used. But that is rather like finding your home burgled, and, seeing normal burglary tools lying around, assuming that it was, instead, black-ops NSA agents trying to make it LOOK like an ordinary burglary. Forgive me if I were to wonder, in such a case, if you were not just a little bit off your rocker... -- let name="cbbrowne" and tld="ntlug.org" in name ^ "@" ^ tld;; http://www3.sympatico.ca/cbbrowne/spreadsheets.html Rules of the Evil Overlord #96. "My door mechanisms will be designed so that blasting the control panel on the outside seals the door and blasting the control panel on the inside opens the door, not vice versa." <http://www.eviloverlord.com/> -- The Toronto Linux Users Group. Meetings: http://tlug.ss.org TLUG requests: Linux topics, No HTML, wrap text below 80 columns How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml