Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.
Hi all, please see this major site announcement: https://www.boards.ie/discussion/2058427594/boards-ie-2026

how can i protect my site?

  • 26-01-2001 11:04PM
    #1
    damnyanks
    Registered Users, Registered Users 2 Posts: 4,276 ✭✭✭


    well i see a lot of ppl defacing sites on this board can someone tell me how they do this? through perl hacks or what? do they go for your database on the site? try to get through with telnet keep pinging your server until it crashes or what?


Comments

  • #2
    tHE vAGGABOND
    Registered Users, Registered Users 2 Posts: 6,693 ✭✭✭tHE vAGGABOND


    make sure where your site is hosted know what securtiy is for starters smile.gif


  • #3
    satchmo
    Registered Users, Registered Users 2 Posts: 1,481 ✭✭✭satchmo


    That's like asking "How do I hack a web page?", which is a bit of a broad question. However presumably you're not actually running the server yourself, so like Vaggabond said it's up to your hosting people to protect your site.

    That and a non-guessable FTP password.


  • #4
    ecksor
    Registered Users, Registered Users 2 Posts: 10,501 ✭✭✭✭ecksor


    <font face="Verdana, Arial" size="2">Originally posted by damnyanks:
    well i see a lot of ppl defacing sites on this board can someone tell me how they do this? through perl hacks or what? do they go for your database on the site? try to get through with telnet keep pinging your server until it crashes or what?</font>

    That's a bit like asking how a burglar gets into your house. It really depends on what you left open, or what he/she was able to break to get in. Sometimes machines run servers with flaws in their implementation that can be exploited, and often these exploits are made freely available to whoever wants them. Sometimes administrators make simple mistakes when configuring these services which attackers can take advantage of and do stuff that the administrator did not intend. Often on a website, the programmer coding the pages did not code in a safe manner which can give attackers an opportunity to write to files or execute commands on the server. Perhaps someone was careless with taking care of their username/password and this was grabbed and used. The list goes on and on and on ...


  • #5
    topgold
    Registered Users, Registered Users 2 Posts: 179 ✭✭topgold


    Ensure your web server has the latest patches. Most Irish defacements happen to sites known to have security holes because they're running about a year behind the manufacturer's recommended patch schedule.

    Subject your site to a security audit. Either let a script kiddie punch around your domain without threatening to bust him, or pay for the privilege of a seasoned hacker to sniff your ports.

    http://www.topgold.com/ubb/security/


Advertisement
Advertisement