I manage a small website. I went over the logs this morning and found a number of pages or page references on the site that should not have been there. Most were of the format
"/_vti_bin/". I did a search for the term and learned about the Front Page debacle.
I couldn't get a good idea of how these files got there or what damage they could do. What little I did understand was that a visitor to my site had an infected machine that tried to upload or access Front Page directories. Apparently, FP has MANY weaknesses that allow hackers to take over sites that were made using that software. Most of the info I read said that if FP was not used to write and upload the site files, and if the site is NOT on a Windows server (mine is on a Linux server.) then there was little to worry about.
Can anyone add to or correct this information? What are the risks regarding these VTI files? Despite the fact that they are listed in the logs of visited pages, I can't find them in the site's directories to delete them. This is very new to me and I need help with it. Thanks in advance.
BTW: I should add that I noticed these files only in the past 7 - 10 days.
