Author Topic: pahelp nmn poh regarding sa security for a site? (Read 2541 times)

-=Kurabo=- · « **on:** April 26, 2007, 05:03:36 am »

may alam poh b kau n software or ibng praan pra hndi mahack ung site??.. kc may problem kmi s

site ng skul nmin plague n lng hinahack ng mga tga ibang bansa, ang sbi naku2ha daw kc ung ip

address kya napa2sok.. kya hndi nmin naga2mit.. ung last time n ng hack is c dj kahil.. pano poh

b maprevent ung ganun??.. kc kung gnun pwede rin tong espiya mahack?

Uncle_bob · « **Reply #1 on:** April 26, 2007, 05:52:50 am »

Naku mabigat bigat yan... hm... try mong tanong c SD kung anong security gamit nya.. hindi kasi ako masyadon magaling sa security...

jrkabayo · « **Reply #2 on:** April 26, 2007, 06:05:46 am »

firewall lang

yonipspy · « **Reply #3 on:** April 26, 2007, 06:22:59 am »

baka naka off ang firewall mo? try use kav bro... d best

coated_pill · « **Reply #4 on:** April 26, 2007, 06:27:07 am »

May gamit ako dati magaling den.. PRO PORT pangalan ng software.. pero wala na ako copy eh.. try mo na lang google ^_^

Telesforo · « **Reply #5 on:** April 26, 2007, 06:33:34 am »

Quote from: kurabo on April 26, 2007, 05:03:36 am

may alam poh b kau n software or ibng praan pra hndi mahack ung site??.. kc may problem kmi s

site ng skul nmin plague n lng hinahack ng mga tga ibang bansa, ang sbi naku2ha daw kc ung ip

address kya napa2sok.. kya hndi nmin naga2mit.. ung last time n ng hack is c dj kahil.. pano poh

b maprevent ung ganun??.. kc kung gnun pwede rin tong espiya mahack?

Konting katanungan lang po.

1. Kayo po ba mismo sa school nyo ang nagho-host ng website/webspace nyo?
2. Anong OS po ng server nyo? MS Windows or Linux?
3. Anong Webserver engine nyo? IIS or Apache or

4. Paano ang network setup nyo? Meron po ba kayong firewall (hardware)?
5. Paanong hack ang ginawa? pinapalitan ba yung web pages nyo or dina-down lang yung webserver nyo (attack mode)?

Base sa mga tanong ko pwede nating malaman ang exact problem nyo. Hindi lang po basta application ang nakaka solve ng problem nyo.

djlove · « **Reply #6 on:** April 26, 2007, 07:44:16 am »

anong site ba yan school information or may money transaction prang online enrollment system

please try to elaborate your problem para madali masgot

-=Kurabo=- · « **Reply #7 on:** April 27, 2007, 01:49:35 am »

Quote from: Telesforo on April 26, 2007, 06:33:34 am

Quote from: kurabo on April 26, 2007, 05:03:36 am
may alam poh b kau n software or ibng praan pra hndi mahack ung site??.. kc may problem kmi s

site ng skul nmin plague n lng hinahack ng mga tga ibang bansa, ang sbi naku2ha daw kc ung ip

address kya napa2sok.. kya hndi nmin naga2mit.. ung last time n ng hack is c dj kahil.. pano poh

b maprevent ung ganun??.. kc kung gnun pwede rin tong espiya mahack?

Konting katanungan lang po.

1. Kayo po ba mismo sa school nyo ang nagho-host ng website/webspace nyo?
2. Anong OS po ng server nyo? MS Windows or Linux?
3. Anong Webserver engine nyo? IIS or Apache or
4. Paano ang network setup nyo? Meron po ba kayong firewall (hardware)?
5. Paanong hack ang ginawa? pinapalitan ba yung web pages nyo or dina-down lang yung webserver nyo (attack mode)?

Base sa mga tanong ko pwede nating malaman ang exact problem nyo. Hindi lang po basta application ang nakaka solve ng problem nyo.

answer:
1.yes kmi poh mismo nagho2st ng server nmin
2. Linux
3.Apache
4. La poh akong idea eh.. bsta pngatlong beses n toh gnwa n lhat ng modifications pero aun
5.pinpalitan webpages nmin.. minsan nmn as in totally n nwa2la

tnx rin poh pla s mga 2long ng iba

-=Kurabo=- · « **Reply #8 on:** April 27, 2007, 01:50:44 am »

Quote from: djlove on April 26, 2007, 07:44:16 am

anong site ba yan school information or may money transaction prang online enrollment system

please try to elaborate your problem para madali masgot

school information.. d2 rin kmi nagd2ownload ng lecture nmin

Synapse · « **Reply #9 on:** April 27, 2007, 04:50:51 am »

Either Windows or *nix Systems ang OS mo depende na sa security yan but i would suggest using Fedora Core or FreeBSD nad pde ring OpenBSD. Set some firewall rules, accesss control list and kung maari eh mag lagay ka ng DMZ. Now, if you're using PHP, see to it na tama ang mga codes mo. Dapat walang flaws sa mga scripts. Ayusin mo rin ang structure ng back-end databse mo baka prone ka sa SQL Injection. There are a lot of ways to hijack a site. Sql Injection, XSS, or just by simply exploiting you un-updated box.

Try to hack your site first para malaman mo kung ano ang weakness ng systems mo.

This will help you..

www.google.com
www.insecure.org
forum.hackinthebox.org
www.fedoraforum.org

magtanong ka lang and be gentle...

Telesforo · « **Reply #10 on:** April 27, 2007, 05:06:53 am »

Quote from: kurabo on April 27, 2007, 01:49:35 am

answer:
1.yes kmi poh mismo nagho2st ng server nmin
2. Linux
3.Apache
4. La poh akong idea eh.. bsta pngatlong beses n toh gnwa n lhat ng modifications pero aun
5.pinpalitan webpages nmin.. minsan nmn as in totally n nwa2la

tnx rin poh pla s mga 2long ng iba

Quote from: Synapse on April 27, 2007, 04:50:51 am

Either Windows or *nix Systems ang OS mo depende na sa security yan but i would suggest using Fedora Core or FreeBSD nad pde ring OpenBSD. Set some firewall rules, accesss control list and kung maari eh mag lagay ka ng DMZ. Now, if you're using PHP, see to it na tama ang mga codes mo. Dapat walang flaws sa mga scripts. Ayusin mo rin ang structure ng back-end databse mo baka prone ka sa SQL Injection. There are a lot of ways to hijack a site. Sql Injection, XSS, or just by simply exploiting you un-updated box.

Try to hack your site first para malaman mo kung ano ang weakness ng systems mo.

This will help you..

www.google.com
www.insecure.org
forum.hackinthebox.org
www.fedoraforum.org

magtanong ka lang and be gentle...

Tama po si Synapse baka masyadong lax ang firewall rules and ACL. Kalimitan na inaatak sa linux based ay ang Sendmail at mySQL nya. So kung hindi mo naman ginagamit ang mga yun pwede mo na rin i-disable to run as service. Try Fedora Core 6 as a test environment. Then give us your IP para ma test namin ang credibility ng Firewall mo.

DMZ is a good idea also.

Inalis ko muna sa Inet yung Linux box ko pahiram ko muna sayo para sa test config.

check mo na lang baka ibalik ko sya this week. So far ngayon naka point ako sa IIS http://telesforo.myftp.org your welcome to hack my simple router.

Need Help? Contact the Espiya Helpdesk. CLICK HERE

News:

Author Topic: pahelp nmn poh regarding sa security for a site? (Read 2541 times)

-=Kurabo=-

pahelp nmn poh regarding sa security for a site?

Uncle_bob

Re: pahelp nmn poh regarding sa security for a site?

jrkabayo

Re: pahelp nmn poh regarding sa security for a site?

yonipspy

Re: pahelp nmn poh regarding sa security for a site?

coated_pill

Re: pahelp nmn poh regarding sa security for a site?

Telesforo

Re: pahelp nmn poh regarding sa security for a site?

djlove

Re: pahelp nmn poh regarding sa security for a site?

-=Kurabo=-

Re: pahelp nmn poh regarding sa security for a site?

-=Kurabo=-

Re: pahelp nmn poh regarding sa security for a site?

Synapse

Re: pahelp nmn poh regarding sa security for a site?

Telesforo

Re: pahelp nmn poh regarding sa security for a site?