hax0rs are the suck
aha, i think i’ve finally figured out how i got hacked. the stats software i’ve been using for the last couple years, awstats, seems to be vulnerable to buffer overflows, and this resulted in some backdoor software getting installed – dc.pl and r0nin. evil stuff. i think i’m clean for now, and i’ll have to investigate whether there’s a newer and less vulnerable version of awstats. my apologies for the downtime. not that anyone really noticed.
update: yup. awstats 6.2 and below are vulnerable. guess who was running 6?