Vishal - 8:27 am on May 30, 2009 (gmt 0)
Noticed the JS injection on one of our site. After looking into details and asking around, found that it would be good idea to use SFTP instead of regular one.
Even though the JS injection was mainly on the content page, I thought it would be best to restore the site from clean backup and it seemed to have solved the problem.
What's the best way to monitor your sites for these sorts of attacks? Manually checking the source isn't a good way to be safe.
This injection was inserting a code from a #*$!x.cn website and I found it while working on the site (firefox + firebug addon) Not sure if it would be recommended to check all the pages manually - it can take ages.