Thread: Security breach
Old 05-18-2007, 11:56 AM
wige
Moderator
WebProWorld Moderator
 

Join Date: Jun 2006
Location: United States
Posts: 1,825

Typically, what happens is you own or rent an off-site server that you upload your files to with FTP. The web server (usually Apache) then runs the forum scripts, which try to edit the files you uploaded. The FTP program has one username, and the web server has another. Unless the file you uploaded (which has an owner of your username, typically) is set to 777, the web server can't make the needed changes. On most servers, Apache uses the username and group "apache". If you have command line access (such as telnet) to the server, you can change the owner of the file using the chown command. After you upload the bbs files, chown them all so they are owned by the web server. That way the server can edit them as needed. HOWEVER, before you change the owner, use chmod and make sure read is set to all (7). Otherwise, after you change the owner, your FTP user will not be able to download the file. Also bear in mind that this change is final: you will not be able to delete or edit the file directly. You would actually have to create a script and upload it, and have the server delete the file.

As far as identifying the attack, this depends on the server and the method of the attack. What type of file was altered - a configuration file, a log, or a file containing bulletin board text? Also, do you have a shared or dedicated server, or is this a server you own?
__________________
The best way to learn anything, is to question everything.
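The owner and permission interaction described in the post above, as an added example that is not part of the original post: a shell audit that reports, for each file under a directory, whether the web server account can write to it through the owner, group or world bits, and whether the "other" read bit that the FTP account would depend on after a chown is set. The account name `apache` comes from the post; GNU `stat`, the function names, and the assumption that the FTP user ends up neither owner nor group member are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Needs GNU stat (stat -c).

# web_write_path MODE OWNER GROUP WEB_USER WEB_GROUP
# Prints which permission class lets the web server write to the file:
# owner, group, world or none. The kernel applies only the first class
# that matches the process, so an owner without the write bit gets "none"
# even on a file whose world bits allow writing.
# Assumption: WEB_GROUP is the only group the web server belongs to.
web_write_path() {
    m=$(( 0$1 ))                      # octal mode string, e.g. 644 or 777
    if [ "$2" = "$4" ]; then
        bit=$(( m & 0200 )); class=owner
    elif [ "$3" = "$5" ]; then
        bit=$(( m & 0020 )); class=group
    else
        bit=$(( m & 0002 )); class=world
    fi
    if [ "$bit" -ne 0 ]; then echo "$class"; else echo none; fi
}

# others_can_read MODE
# True when the "other" read bit is set. After a chown to the web server
# account, this is the bit the FTP user depends on to download the file.
others_can_read() {
    [ $(( 0$1 & 0004 )) -ne 0 ]
}

# audit_tree DIR WEB_USER WEB_GROUP
# One line per regular file: write path, mode, owner:group, other-read, path.
# A "world" result marks a file any local account can modify (the 777 case).
audit_tree() {
    dir=$1 web_user=$2 web_group=$3
    find "$dir" -type f | while IFS= read -r f; do
        set -- $(stat -c '%a %U %G' "$f")
        how=$(web_write_path "$1" "$2" "$3" "$web_user" "$web_group")
        if others_can_read "$1"; then r=yes; else r=no; fi
        printf '%s\t%s\t%s:%s\tother-read=%s\t%s\n' \
            "$how" "$1" "$2" "$3" "$r" "$f"
    done
}

# Usage: sh audit.sh /path/to/forum [web_user] [web_group]
if [ "$#" -gt 0 ]; then
    audit_tree "$1" "${2:-apache}" "${3:-apache}"
fi
```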