I host several forums, phpbb, phpbb3 and SMF (my personal favourite being the heavily modded phpbb). The questions i have are firstly, is anyone bored depressed and lonely enough to take on an attempt to discover just what vulnerabilities are left and let me know what holes exist, so that I can go back down into the engine room and patch any holes found.
We have survived several attempts from the dark side, partly due to my keeping an eye on vulnerability sites and applying patches and partly because I am one of the most pedantic people ever born about backups (in particular database backups), but since the phpbb board is my favourite I suppose I have spent considerably more time looking out for it, then I have for the SMF or Phpbb3 boards and i would hate to lose one or more of the forums simply because of an open doorway in another forum I am hosting. (Well, I am hosting is not strictly accurate as I pay for hosting here in Australia with one of the better companies and thus far, their attitude to security seems fairly solid).
Secondly, forensics... Are there any good tools out there that allow an indepth analysis of where someone did get in, where they came in from etc?
Thanks for your thoughts in advance...
Oh and I can provide evidence of site ownership in both the certificates and identification (figured since this place is ethical, that would be a must...)