Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
sixonetonoffun
Spouse Contemplates Divorce


Joined: Jan 02, 2003
Posts: 2496

PostPosted: Mon May 24, 2004 8:48 pm Reply with quote

Unsolicited security advisories

It has been reported throughout the community that there are multiple “Vendors” sending email messages to phpnuke webmasters offering their services to patch phpnuke websites. Some of these people may be legitimate but their sales pitch has been reported to be more like “Blackmail” by some users. This happens with more then just phpnuke its becoming a common practice of certain individuals looking to take advantage of the very real fear of compromised security.

There is no reason in my opinion to pay for security patches. Chatserv and Raven as well as others out there continue to patch all newly reported verifiable exploits. Not to mention many that never get reported publicly.

If you need help applying patches please seek out reputable help. Where can you find out what fixes should be applied? Here at Raven’s there are always announcements available regarding the latest patches and exploit prevention.
Also see Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login!

Where can you find professional help? Currently I know of no one source or referral service where people who need help can get it. I know Raven will do custom work and occasionally make referrals. Nor do I know of a reputable security team that works on hardening phpnuke (Sorry but most will laugh at the idea do to its long history of being a favorite target amongst script kiddies).

If paying someone to help with general setup and configuration of your site please be sure that they are applying all known fixes to your files before your site goes live!

Remember that as time goes by you are responsible for continuing to update your website. Don’t rely on phpnuke.org for patches sometimes they are released there sometimes they are not. Please don’t just give someone ca$h and expect they will apply the appropriate fixes. In fact this is one of the reasons packages like Ravens and NC-Beta distributions have been so successful.

If you need help in making a decision about who, what, why, where and when don't hesitate to ask in the forums or in private via PM.

sixonetonoffun
 
View user's profile Send private message
Muffin
Client


Joined: Apr 10, 2004
Posts: 649
Location: UK

PostPosted: Wed Jun 09, 2004 6:05 am Reply with quote

Thanks for that, some people could be taken in by the email scam.

Does this not open up the possibility of legitimate coders to form a business with the sole purpose of installing and patching phpnuke?

If such a company was formed, and it was advertised freely on all phpnuke sites that agreed to publicise it (free), then it would get widely recognised as a legitimate service and people who send scam emails would soon get tired of their malpractise.

There must be some coders who are unable to get out to go to work, who could do this, or indeed, people who already run online businesses.

Just an idea.
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Wed Jun 09, 2004 6:23 am Reply with quote

Chat and I (and I'm sure MANY others) have discussed that here. Not a company, per se, but a Service. We (and others) do this right now, as side work, but haven't actually made a "formal" Service announcement. There are so many diversities when it comes to installations that I haven't been willing (as of yet) to advertise "come one, come all" Laughing But you are correct - Opportunities abound! Maybe thatt's your next venture/adventure?
 
View user's profile Send private message
Muffin
PostPosted: Wed Jun 09, 2004 9:58 am Reply with quote

lol Raven I don't have a quarter of the skills you or any of the others here do to offer a service.

I was kinda hoping you and your 'team' might, as we all trust you and respect you here.

I get lost in Admin Control Panel, let alone trusted to be let loose on someone's server rofl
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©