Hi, I have a really weird problem..... He hosted ( via hack ) his domain on one of our cpanel servers .. the place where he hosted his site was /usr/local/apache/.../ . I removed him from the server and he went and hosted it in one of my different servers...( actually, he tried it on many servers with that ip series.... ). Now, after removing him several times, he has switched to another hosts... I have been watching this site, and it's switching servers very easily.... the website in question is http://hothackers.com I really don't understand, how he edits the httpd.conf ( permission 644, owned by root ) file and add entries which he like... The kernel on our server is 2.4.29-ow1 ( The open wall kernel is meant to be a secure one )... And the kernels are statically compiled( monolithic kermnel ) to avoid module level hacking. He has hacked both the Redhat9 and CentOS servers..... cpanel is updated to the latest stable version... Any idea how he's hacking , and how it can be prevented? At the meantime, he doesn;t have any problem hosting his site for free on anywhere he wants... Luckily, he is not with me anymore... he seems to be on a server hosted by theplanet.... And all his files are under the ownership of bin.... Anyone had any such experiences before? Any ideas would be greatly appreciated.... Regards, Amal.