RE: Part of the web page being MODIFIED !

[sanjay.patel () rexwire com]

How many people complaint? If the image has not changed on your server
and the code on the web page is still the same than I would wait for it
to happen again t someone else. You are trying to troubleshoot a maybe.

As a precaution go through your web logs and all the error logs see if
you fin something unusual regarding that image or a redirect.

-Sanjay

-----Original Message-----
From: Frank Cheong [mailto:chocobofrank () hotmail com] 
Sent: Sunday, November 24, 2002 11:37 PM
To: security-basics () securityfocus com
Subject: Part of the web page being MODIFIED !




I got one serious question that is I received complains regarding one of

the image on my web site has been modified by a PORN picture ! While the

image have resumed normal during the second visit.

After receiving the complains, I have of course double checked the GIF 
image's filesize and date timestamp found that it is completely normal. 
Therefore, the image haven't been modified. So I do want to know what is

the possibilities in doing this ?
(Like HTTP session hijack, proxy poisoning, someone doing man in the 
middle etc) any other ways to do that ?

As these activities mostly happens outside my server boundry, I assume I

can't do anything with it, how about any outside parties ?

As I know going for SSL maybe one of the alternative to stop this but
this 
will add on extra processing on my website and it will make it slow. So
I 
don't want to go for it, any other way to secure against this ?