Well what they tried to do with me was block the site, and take it down. They didnt get very far. Im on the latest stable build of apache, php etc. So its not all that easy to get in, Im no dumb when it comes to permissions and my layout of the structure is certainly not basic, or have any obvious holes.
All I can assume happened is that they piggybacked in on some script, or expoilted some script. So for now I am removing all php from every site, and rechecking all permissions.
Basically they could of taken whats there, and to be honest thats very little. Some images, pdf files and doc files.[/quote:3856b6f21f]
ya denial of service is the most common attack.
pretty easy to do as well, just send a bunch load of requests to open connections, before the previous one has time to time out. So you end up chewing up ports, (consequently when you open a port apache stores the states of the connection requested) so you chew up memory also and no-one else can get a connection.
permission errors are often very hard to spot because of directories and sub-dir often having different props, but sounds like your confident enough there okay, so thats 1 less thing to worry about ;)
have you any asp on the site? because that thing is full of exploits. also make sure windows or whatever you use has all security patches, because a windows exploit can allow this too.