7.3 ( union hack ) +protector + hack alert

Worker Joined: Mar 11, 2004 Posts: 209

Hello

i wanna know is it possible to use all this together any comments appreciated thanks

Posted: Mon May 17, 2004 5:43 pm

7.3 ( union hack ) +protector + hack alert

7.3 comes with UnionTap3 and if using chatservs patch files a variation of the UNION Hack alert code.

The UNION TAP3 code should be updated to the UNION TAP 4x version or whatever its up to now. But really its doing the same thing as the UNION Hack prevention code Chatserv has added to the patched series. But anyway it should be updated because the UNION Tap3 code wasn't successful and was updated shortly after its release (Don't know if FB was sleeping that day or what?).

Many people here are using Protector and Hack Alert which seem to compliment each other well. The real question is do you need it?

There are things to consider before adding modifications like Protector.
1) It makes it harder to update when new patches and versions are available.
2) It will add to the strain your site puts on the server especially if its a crowded server or especially busy site.

So if your on a reasonably fast server have modest traffic and don't mind patching a couple extra files one in a while yes it will all run great under those specific circumstances.

Ravens Hack Alert script is only called up when a specific UNION attack occures or other error you've coded it to trigger on is fired off. Then it redirects the attacker and notifies you via email.

I think the "Official" recomendation here has been if you have used the current Chatserv Patched Series files your site is protected against all published exploits. Hack Alert used with the UNION Hack trap code to send you alerts and information about specific UNION Attacks (Or any other you code it to) and recently we are recomending a HTTP Basic Authentication because of the admin.php being impossable to protect using htpasswd protection. This we believe will make Admin hacks far to expensive (resource wise) to bother with.

Protector is a great tool for webmasters that adds protection against a wide variety of generic attacks and has some tracking and lookups. Along with an automated ban system.

To add fuel to the confusion there are a number of other 3rd party applications that all have some validity but due to the fact I don't use phpnuke myself anymore I haven't had the chance to try each and every one of them. Including Fortress which is about to fire up with a new release very soon. Here again givin the history of beta's I'd consider letting others to their debugging before I used it on a production site right now. The basic idea is very simular to that of HackAlert but it is being expanded as will Hack Alert the last I heard.

So to recap
Use the Chatserv Patched Series (Even on the latest 7.3 phpnuke)
Use HackAlert to help you trap evil doers.
Use extra level of Admin HTTP Basic Authentication protection.

This is as safe as it gets right now. And should be considered safe enough!

If you like and get some use out of Protector go for it! I just like to make sure people understand if they are lagging before they will crawl after installing it. Many of the members here do use it and swear by it.

All the rest out there you'll have to judge for yourself because there just ain't enough time to test them all. But keep in mind they all have some valid reason to exist its just a relatively new area for phpnuke and other then Hack Alert and Protector I haven't seen any others stand out above the rest. Time will tell and as we have seen lately technologies merge quickly in the phpnukers world.

Well good luck I'm oughta here or I'll need to publish this post as an E-Book!

Posted: Mon May 17, 2004 6:38 pm

I should add that I'm not picking on Protector here this is true of any extra tracking ect... its just that Protector does that and a little more too. Making it fair to say user be warned.

Posted: Mon May 17, 2004 7:08 pm

hello siX ty for little reply Shocked

its my bad it should be union tap instead union hack
i added chat's 2.4 patches
installed last hack alert
as i understand ( my english not well much ) these are enought for protecting but i dont understand what you mean with ''extra level of Admin HTTP Basic Authentication protection''

im tryin to use nuke for 2 months and you know what nuke is great except i cant sleep well at nites, i scare to open my site coz i think what if i hacked Sad

i was happy with my html site coz i was sleepin well at nites wasnt worriying to be hacked and wasnt have to follow forums everyday for see if any new patch is available . i would stop use nuke if i didnt see chatserv and raven they work harder and better than FB
regards and thank you again for your time for answer

Posted: Mon May 17, 2004 10:13 pm

Here is the thread where the addition of Admin HTTP Basic Authentication [ Only registered users can see links on this board! Get registered or login! ]
(A Second Layer Login For Admin) It is really the first works much like any login script but is extremely universal and very strong.

Posted: Tue May 18, 2004 4:47 am

thx six ill check it