xml databases

Over the weekend, a client of mine was hacked, part of what seems to have been a broad, rootkit based attack that took out a number of sites in what appeared to be prep work for zombification of servers for spam delivery. I won't give out the details of this particular incident, as we're still trying to figure out the exact exploit, but it brought to light a few facets of emergency preparedness that should be thought about when dealing with XML databases in particular. Read more »

This article (and the accompanying comments) were originally posted on Nov 10, 2009. Because I think many of the comments are as useful as the initial article, I'm including them as addenda to the article. I hope to have more information on Xorion shortly, as it's developing rather nicely. -- Kurt Cagle Read more »