Great Reviews!Need help setting up your website, installing Apache, PHP, MySQL, or RavenNuke(tm)?Need help customizing or designing scripts?Please contact us via the Contact Us option for further details and pricing.
Looking for Great PHP Web Hosting at reasonable prices? Need some assistance setting up your own RavenNuke(tm) CMS driven site? Need help moving your existing site? Do you need customization to your RavenNuke(tm) site? How about FREE osCommerce applications? FREE Chat applications? FREE nightly backups? The latest cPanel Front end. MySQL, phpMyAdmin, Fantastico, and much more? Most of all, the security of knowing that your Host Administrator is one of the most knowledgeable RavenNuke(tm) and standard nuke support persons in the Community? If you want/need reliable Web Hosting and great PHP support, then Raven Web Hosting, a division of Raven Web Services LLC, is for you! Note that PHP scripts and applications will run better with
PHP
hosting because the servers are configured and optimized for the PHP environment. Click the following banner to visit the Web Hosting Site.
:: :: ::
RavenNuke(tm) v2.40.00 Released!
RavenNuke(tm) v2.40.00
On behalf of the RavenNuke(tm) Team I am excited and proud to announce the release of Raven CMS version 2.40.00. There are way too many enhancements and changes to list them here. Please read the Change Log for specifics.
One very important announcement, however, is the release of our new Wiki! While it does contain most all of the data that was formally contained in the HowToInstall section, it is very much a work in process. For the time being we are limiting editing to the RN Team and/or by invitation only. Once we stabilize a bit more it will be opened up :). Please bear with us during this transition time :). Access the Wiki at Raven CMS Wiki
We have added some new themes and converted some old ones. We are still working on some of them.
In any event, please have fun, read the Wiki documentation, and try to find solutions before posting issues :).
PCI 101: Getting Started on the Path to Compliance
The Payment Card Industry Data Security Standard (PCI DSS) was developed by the major credit card companies to help prevent credit card fraud and security vulnerabilities and threats. Companies that process, store or transmit payment card data must be PCI DSS compliant, and must validate compliance periodically.
During this event, a Trustwave expert will describe in detail the 12 requirements and how to meet the terms of the PCI DSS. Level 4 merchants and those who are just beginning the compliance cycle will find this webinar useful.
Posted by Raven on Thursday, February 04, 2010 @ 18:48:55 EST (19 reads) ( | Score: 0)
Meet the latest open source software developer: Facebook?
kguske writes "
That's right. Facebook is a technology company, serving billions and billions of pages each week (actually, over 100 billion per week, but I couldn't resist a nod to Carl Sagan and McDonald's). And doing so efficiently. So it should come as no surprise that the company has developed some unique software. On Feb. 2, the company released HipHop for PHP.
What is HipHop for PHP? Facebook describes it as:
...a source code transformer. HipHop programmatically transforms your PHP source code into highly optimized C++ and then uses g++ to compile it. HipHop executes the source code in a semantically equivalent manner and sacrifices some rarely used features — such as eval() — in exchange for improved performance. HipHop includes a code transformer, a reimplementation of PHP's runtime system, and a rewrite of many common PHP Extensions to take advantage of these performance optimizations.
This is a fascinating look behind the scenes of arguably one of the most successful websites ever (and certainly, one of the most successful PHP-based websites). But do so quickly before Google, Oracle or someone with higher revenues and / or stock valuation decides to snatch Facebook up...
"
Posted by Raven on Thursday, February 04, 2010 @ 00:12:14 EST (15 reads) ( | Score: 0)
InfoWorld compares 8 PHP IDEs
kguske writes "
InfoWorld reviews 8 PHP integrated development environments (IDEs): ActiveState's Komodo IDE, CodeLobster PHP Edition, Eclipse PHP Development Tools (PDT), MPSoftware's phpDesigner, NetBeans IDE for PHP, NuSphere's PhpED, WaterProof's PHPEdit, and Zend Studio. Comparison factors include ease-of-use, tools, web & SQL support, documentation, installation and value.
And the winner is...
"
Posted by Raven on Wednesday, February 03, 2010 @ 20:48:20 EST (54 reads) (Read More... | 868 bytes more | Score: 0)
RavenNuke (tm) v2.40.01 Scheduled for release the week of February 7th!
The RavenNuke(tm) Team are excited to announce that RavenNuke(tm) v2.40.01 is slated to be released the week of February 7th! This release culminates months of debugging and a few enhancements. Also to be included with this release will be a minor upgrade to NukeSentinel(tm), including a complete IP2C table refresh!
Just a note as to the planned future for RavenNuke(tm). Keep in mind that nothing is ground in stone. How fast we move and how much we can incorporate in any given amount of time is solely dependent on the amount of time the RN Team (voluntary army) can devote to the project. After factoring in their family obligations, job obligations, sanity obligations (R&R), vacations, etc., they can then devote the time left to RN. Oh yes, I forgot a few other small details: eating, sleeping, and waste removal :wink:.
How can YOU help, you ask? The biggest help would be to get someone or a group of people or a company or a group of companies that use(s) RN to sponsor the future development! If there was a set/minimum amount of money allocated each month or for a set of months to be dispersed amongst the development then I'm sure that would be the incentive to work a little harder and to cut into all their extra time that they devote to other things. This would be the best and fastest way to help develop the next major release which is going to be leaps and bounds above what we have done so far.
Any takers? How about it? Anyone work for a company that uses RN? If so, please talk with your management and contact me personally at sponsorship@ravennuke.com. For an open discussion concerning Sponsorship, please use this forum:
Note:We had to move the release date out 1 week - sorry :)
Posted by Raven on Monday, February 01, 2010 @ 23:39:21 EST (21 reads) ( | Score: 0)
Malicious Google Job Application Response
Websense Security Labs(tm) ThreatSeeker(tm) Network has discovered a new malicious spam campaign that spoofs Google job application responses. The messages look very well written and are so believable that they are probably scrapes from actual Google job application responses. Typically, spam has grammatical errors or spelling mistakes that make the messages obviously unofficial and act as red flags. The text of these messages, however, has no such mistakes, making them much more believable--especially if the target really has applied for a job with Google.
The From: address is even spoofed to fool victims into believing the message was sent by Google. The messages have an attached file called CV-20100120-112.zip that contains a malicious payload. This is where the message gets suspicious, because the contents of the .zip file have a double extension ending with .exe. The attackers attempt to hide the .exe extension by preceding it with .html or .pdf, followed by a number of spaces and then the .exe extension. The .exe file (SHA1:80366cde71b84606ce8ecf62b5bd2e459c54942e) has little AV coverage at the moment.
Posted by Raven on Monday, February 01, 2010 @ 15:53:53 EST (24 reads) ( | Score: 0)
Firefox-based attack wreaks havoc on IRC users
Southern writes "World's first inter-protocol exploit, but not the last
Underscoring a little-known web vulnerability, hackers are exploiting a weakness in the Mozilla Firefox browser to wreak havoc on Freenode and other networks that cater to users of internet relay chat.
Using a piece of javascript embedded into a web link, the hackers force users of the open-source browser to join IRC networks and flood channels with diatribes that include the same internet address. As IRC users with Firefox follow the link, their browsers are also forced to spam the channels, giving the attack a viral quality that has has caused major disruptions for almost a month.
"Huge numbers of users of the Freenode network ended up getting banned themselves because they would click the link and then they would join the network and flood the network," one of the hackers, who goes by the moniker Weev, told The Register. "We get this huge rollover effect."
Posted by Raven on Monday, February 01, 2010 @ 03:32:25 EST (25 reads) ( | Score: 0)
Google to drop support for IE6, RN next?
kguske writes "Google announced today that it will "phase out support for Microsoft Internet Explorer 6.0 as well as other older browsers that are not supported by their own manufacturers."
Posted by Raven on Saturday, January 30, 2010 @ 00:27:36 EST (95 reads) (Read More... | 1574 bytes more | Score: 0)
Oklahoma Tax Commission Site Compromised
Websense Security Labs(TM) ThreatSeeker(TM) Network has discovered that the home page of the Oklahoma Tax Commission Web site has been compromised with malicious script code. The heavily obfuscated code has been injected at the bottom of the page.
The injected script code goes through a series of deobfuscation techniques that ultimately take the victim computer to an attack Web site without the victim's consent or knowledge.
At the time of this posting, the attack Web site is down, but it could come back up at anytime to carry out attacks against visitors to the Oklahoma Tax Commission home page.
Websense Messaging and Websense Web Security customers are protected against this attack.
Posted by Raven on Saturday, January 30, 2010 @ 00:21:26 EST (33 reads) ( | Score: 0)
IE vulnerability offers your files to hackers
Southern writes "Jorge Luis Alvarez Medina, a security consultant working for Core Security, has discovered a string of vulnerabilities in Internet Explorer that make it possible for an attacker to gain access to your C drive - complete with files, authentication and HTTP cookies, session management data, etc.
Exploitation of the vulnerability relies solely on the ability for a would-be attacker to provide malicious HTML content from a website and to predict the full path name for the file that will be used to cache it locally on the victim's system," says the advisory Core Security published. "If the entire path name can be predicted, the attacker can cause a redirection to the locally stored file using an URI specified in UNC form and force the local content to be rendered as an HTML document, which will permit to run scripting commands and instantiate certain ActiveX controls."
Posted by Raven on Thursday, January 28, 2010 @ 16:02:33 EST (34 reads) ( | Score: 0)
PHP SEC INFO
nb1 writes "PhpSecInfo provides an equivalent to the phpinfo() function that reports security information about the PHP environment, and offers suggestions for improvement. It is not a replacement for secure development techniques, and does not do any kind of code or app auditing, but can be a useful tool in a multilayered security approach
![[Valid RSS]](http://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::
