Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
death_dream
Hangin' Around


Joined: Aug 10, 2006
Posts: 38

PostPosted: Fri Feb 02, 2007 4:15 am Reply with quote

Well my site hoster changed from Cpanel to VHCS controlling thing. Well I haven't been getting any emails saying people have tried to attack my site and been blocked. Maybe this means they stopped attacking but some how I doubt that.

I'm using NukeSentinel 2.5.00 and would like if someone could do some kind of penetration test on my site and tell me what I could do. My site is Only registered users can see links on this board! Get registered or login!

Besides that I have a couple questions.

Is there a way to block certain mail accounts? I got this one guy that keeps making BS accounts posting spam in my new's comments. I keep deleting him and he just makes more. Might be a bot but I don't know. He keeps using the @mail.ru extension.

And what is this HTTPAuth or CGIAuth I am told to enable it but I don't want to end up locking my self out of my own site.

Thanks in advance,
Death Dream
 
View user's profile Send private message Visit poster's website
hitwalker
Sells PC To Pay For Divorce


Joined:
Posts: 5661

PostPosted: Fri Feb 02, 2007 6:16 am Reply with quote

is the site constant on a subdomain ?
You dont have own domain ?

anyway, i checked your security and sentinel obviously works.
i got a 404 page saying it could not find abuse/abuse.html

so it works.
i could visit the site so that means hackers are stopped but not banned...
 
View user's profile Send private message
jakec
Site Admin


Joined: Feb 06, 2006
Posts: 3048
Location: United Kingdom

PostPosted: Fri Feb 02, 2007 7:07 am Reply with quote

You can block certain domains by using the string blocker in Sentinel. If you do a search in these forums you should find a post discussing this.
 
View user's profile Send private message
death_dream
PostPosted: Sat Mar 24, 2007 2:21 am Reply with quote

hitwalker wrote:
is the site constant on a subdomain ?
You dont have own domain ?

anyway, i checked your security and sentinel obviously works.
i got a 404 page saying it could not find abuse/abuse.html

so it works.
i could visit the site so that means hackers are stopped but not banned...


Sorry for the long delay in my reply I have been pretty busy.

Thanks hitwalker for checking my site out. My site is constantly on a sub domain because I am cheap lol.

As for the 404 error turns out I missed the one file out of everything else and it has been uploaded. So can you test it again for me?

Thank you,
Death Dream
 
hitwalker
PostPosted: Sat Mar 24, 2007 5:34 am Reply with quote

It works,but adding some suprises isnt realy effective.
i simply close my browser by windows tasks and gone you are.
i do suggest you dont use it.
 
death_dream
PostPosted: Sat Mar 24, 2007 7:32 am Reply with quote

I'm not really worried about the surprise thing I was really wondering if the user would be able to come back after one tried to abuse something.

Oh ya ... were you the guy that did the intel thing when you tested it?

~Death Dream~
 
hitwalker
PostPosted: Sat Mar 24, 2007 7:57 am Reply with quote

Quote:
were you the guy that did the intel thing when you tested it


Huh ?
What you mean ?
 
death_dream
PostPosted: Sat Mar 24, 2007 8:13 am Reply with quote

Code:
Date & Time: 2007-03-24 13:48:13 CET GMT +0100

Blocked IP: 1.1 178.27.232
User ID: Guest (1)
Reason: Abuse-Filter
--------------------
User Agent: Opera/8.52 (Windows NT 5.1; U; en)
Query String:
ddream.hostingposts.com/modules.php?name=http://www.intel.com?&d_op=viewdownloaddetails&lid=171&ttitle=Quake_4_Fortress
Get String:
ddream.hostingposts.com/modules.php?name=http://www.intel.com?&d_op=viewdownloaddetails&lid=171&ttitle=Quake_4_Fortress
Post String: ddream.hostingposts.com/modules.php
Forwarded For: none
Client IP: 1.1 178.27.232.72.static.reverse.layeredtech.com:50178
(squid/2.6.STABLE12)
Remote Address: 72.232.27.178
Remote Port: 34086
Request Method: GET


Some guy did that 3 times in less then a couple secs of each other. Was thinking that might of been you testing the site to see if it blocked the user or something. >.>

~Death Dream~
 
hitwalker
PostPosted: Sat Mar 24, 2007 8:16 am Reply with quote

no that wasnt me...
and i was curious so i looked again,im not banned..
 
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Sat Mar 24, 2007 2:30 pm Reply with quote

I've seen that attempt too. My guess is someone trying to look for vulnerabilities... if its vulnerable, then he'll hack with his real script

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
death_dream
PostPosted: Sat Mar 24, 2007 2:59 pm Reply with quote

hitwalker wrote:
no that wasnt me...
and i was curious so i looked again,im not banned..


Where is this setting at to fix it so when someone tries they get banned?

~Death Dream~
 
hitwalker
PostPosted: Sat Mar 24, 2007 3:04 pm Reply with quote

go into the Blocker Configuration,and with every one :

ADMIN Blocker Settings
AUTHOR Blocker Settings
CLIKE Blocker Settings
UNION Blocker Settings
Filters Blocker Settings
Flood Blocker Settings
Harvester Blocker Settings
Referer Blocker Settings
Scripting Blocker Settings
Request Method Blocker Settings
String Blocker Settings

click them and on activate,choose whatever you like in the dropdown.
 
death_dream
PostPosted: Sat Mar 24, 2007 3:07 pm Reply with quote

Ya I did that to one of them and I ended up blocking the google spiders and that I didn't want to do again.

~Death Dream~
 
hitwalker
PostPosted: Sat Mar 24, 2007 3:10 pm Reply with quote

thats because you didnt put google into the protected area,or even excluded it...
search on that in the forum...its all out there..
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©