Noticed a hack attempt today from ip “18.104.22.168”. They got in from a php exploit in the photo gallery. I’m working on upgrading the photo galleries right now. Should fix the problem. They used a rootkit called bindshell, which binds a shell to a specified port, problem is that the Apache user doesn't have any permissions outside of the Apache directory. Well, I'm keeping my eyes out now.. kind of a wake up call.