PDA

View Full Version : Tip for server people


robyextreme
June 16th, 2004, 08:27 AM
TIPS:

Never use weak/obvious passwords. (i.e. your name, dates, password, or a variation of password. Use an alpha-numeric password with special characters as well. Such as N9j3-0.y
(Hint: you can use a phrase like 'i drink 2% milk')

Close all ports on your server that do not need to be open, ssl or ssh and such. Get a firewall to monitor the ports that are open and to monitor your ports activity. (Zone Alarm, or Black Ice, if you have XP just simply use the built-in firewall if you dont want the others)

Get an Anti-Virus program like Norton; this will help prevent any applications that are virus-infected from slipping into your machine.

If you use a database like SQL make sure youre defended against SQL injections. If you have login don't allow the user to see the password. Or get the file that the password could be in. or even encrypt the password in a file that they user should not have permission to view. Use a server side scripting language like php so the user can only see what you allow them to see in your code.

Look into the theories of Defense in Depth.... basically, setup several defense mechanisms so an attacker would have to go through many levels of defense.

Most people dont have servers but this is for the ones that do :)
such as me .

^^NICK^^ v.3.0
June 16th, 2004, 10:02 AM
I think I have Norton anti-virus thing, but I think I still have a bit of spy-ware from when I used to use Kazaa. Now I use Limewire, and it's spy-ware free!

aaaaaa
June 17th, 2004, 05:52 AM
I figure you're going to read this at one stage, as you keep rejoining and probably will until you get the message we don't want you.

Now, for my point.
Stop being so darn condecending.
You are *not* a hacker.
I knew from your first post that you weren't.
Those of us who know anything don't brag about it.
We don't use pre-packaged pr0t-scannerz to scan a websites ports.
And we don't threaten to 'hax0r' a forum full of people smarter than you, in the event we get banned.
Ya'know, I did a little research on you, and, as much as you'd like to be a hacker (registered on two hacking forums I was able to find) you're just not.
You say yourself that you're 'just starting out'.
You don't even know C++.
You're *learning* it.
You think that you can hack through MSN and AIM, when you don't even know how to read a netstat output.
One particually amusing post was about a 'good noob hacking site'.
For hacking with DOS. Heck, I bet you don't even understand how DOS, Command and CMD are different. I'd be suprised if you knew a bloody thing about the link you posted, because you're "still learning anyway here"

Ladies and Gents, Boys and Girls, Peons and Admins (And Abby XD).
What we have here is a skript kiddie a little too high on himself.
Quite definately no hacker.
But I'd hope you all already knew that.


Edit: I appologise to all involved in the maintaining and regulation of this forum if this came across a little harsh.
But it's almost midnight here, and I been dying to take this twit down a notch.


Eh, he's gone and as a1337a pointed out, he didn't know all that much. So I'm just gonna quietly close this thread, so that we don't have to be dealing with this kinda stuff again... ~Jkaizer