ProxyPass ?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Booty Bucks
    Registered User
    • Mar 2006
    • 115

    #1

    ProxyPass ?

    Looking for good software to prevent password sharing and hacking to to my site. I heard good things of ProxyPass.com. Could anyone co-sign for them or any other programs?
  • butterflybucks
    Butterfly Bucks
    • Sep 2005
    • 1422

    #2
    it's awesome
    100% Real Thai Girls - Tiniest Pornstar in the world Thainee.com & Dream Teen Tussinee.com Asian Teens, Asian EMO, Asian G/Fs THAI GIRLS WILD

    Comment

    • rickmercer
      Registered User
      • Mar 2006
      • 7

      #3
      strongbox

      bettercgi.com/strongbox/

      Comment

      • Pimpin_J
        Confirmed User
        • Jul 2006
        • 3637

        #4
        make sure you change the default admin pass when you use strongbox! Dont use default folders at all. Use generated user/pass combinations to prevent bruteforce attacks. I woudnt use one of the famous adult-cms too. To many "well-known" bugs like remote-file-inclusions in those products..
        Use a selfmade form login with a strong ocr image, course as far as i remember the strongbox ocr image is just fake or not working or what ever. If you enter a valid user/pass you can enter whatever you want in the image form.

        Sit*depth 2 => cookie trick to gain admin access
        Sit*depth 3 => remote file inclusion
        m*a2 => remote file inclusion
        m*a3=> remote file inclusion
        Last edited by Pimpin_J; 07-04-2006, 11:11 PM.

        Comment

        • gooddomains
          Too lazy to set a custom title
          • Jul 2003
          • 10127

          #5
          strongbox is the right tool

          Comment

          • Pimpin_J
            Confirmed User
            • Jul 2006
            • 3637

            #6
            Originally posted by gooddomains
            strongbox is the right tool
            Wasted money without generated user/pass combinations. If your going to use it with letting your members choose their combination its wasted money in my eyes. Its the same easy to bruteforce like a simple .htaccess with the right tools. Google for "C-Force" or "Form@" if you dont believe me.
            Just register at some passwordtrading forums and check their tutorials and look how they act to gain free access to paysites. Its good to watch your enemies and know their tricks to prevent your site from beeing hacked.

            Comment

            • Gateway69
              Confirmed User
              • Jul 2002
              • 1510

              #7
              proxypass .. good support.
              Gateway - Tech Guru
              Dreaming Computers IG

              Comment

              • gooddomains
                Too lazy to set a custom title
                • Jul 2003
                • 10127

                #8
                Originally posted by Pimpin_J
                Wasted money without generated user/pass combinations. If your going to use it with letting your members choose their combination its wasted money in my eyes. Its the same easy to bruteforce like a simple .htaccess with the right tools. Google for "C-Force" or "Form@" if you dont believe me.
                Just register at some passwordtrading forums and check their tutorials and look how they act to gain free access to paysites. Its good to watch your enemies and know their tricks to prevent your site from beeing hacked.
                Good info. Thx for the hints.

                Comment

                • Pimpin_J
                  Confirmed User
                  • Jul 2006
                  • 3637

                  #9
                  Np if you need some specific info hook me up on icq
                  Dont get me wrong, iam not trying to show off or some lame shit just here to share knowledge and to help out. so if you need help on your security let me know.

                  Comment

                  • SkeetSkeet
                    Confirmed User
                    • Oct 2005
                    • 5404

                    #10
                    strongbox !

                    ICQ 283633188

                    Comment

                    • ideaworx
                      GOW Technician
                      • Jul 2005
                      • 1132

                      #11
                      strongbox, bad thing is from what i hear they all have exploits ;(
                      Amateur Australian Porn At It's Finest: Girls Out West --> Girls Out West Affiliate Program

                      Comment

                      • raymor
                        Confirmed User
                        • Oct 2002
                        • 3745

                        #12
                        Originally posted by Pimpin_J
                        make sure you change the default admin pass when you use strongbox!
                        There is no default admin pass for Strongbox.
                        Our order form just asks you which user names should have access to the admin.
                        We don't even know your admin password, so I don't think a cracker will know it.
                        For our own testing we randomly generate a different password for each site.

                        Originally posted by Pimpin_J
                        course as far as i remember the strongbox ocr image is just fake or not working or what ever. If you enter a valid user/pass you can enter whatever you want in the image form.
                        Umm, no. You CAN set it to bluff mode, if you want to, but most people don't.
                        That's an option for webmasters who want to make it as easy as possible for users
                        who may not pay attention to what they are doing.

                        Originally posted by Pimpin_J
                        Just register at some passwordtrading forums and check their tutorials and look how they act to gain free access to paysites.
                        If you've ever seen a post on any of the forums where anyone has ever cracked Strongbox
                        I'd really love to see it. I have yet to find such a post anywhere. When I search the
                        cracker forums for "Strongbox" I normally find posts where the noob asks how to crack
                        it and they either get no response or responses saying "there is no known way".
                        On one of the largest forums (you have a good idea which one, probably, if you've
                        been surfing them), a noob asked about that and the owner of the forum replied simply
                        "How to get around Strongbox: find a different site that has the same stuff but isn't
                        using Strongbox." It would of course be of GREAT interest to me if anyone found a
                        way to brute force Strongbox, so PLEASE let me know if you see anyone claiming
                        to have done so. That's the reason for the $500 bounty of course - if there is any way
                        to do it I damn sure want to know about it. Nobody has claimed the money yet and the
                        the better crackers that I mentioned it to (using my alter ego) said they wouldn't even
                        bother hitting the test site because they had already tried on regular Strongbox sites
                        before the prize money was announced and found it pretty much impossible.

                        By the way, you've posted at least three different things about Strongbox that were
                        totally wrong. Have you ever even SEEN Strongbox?
                        For historical display only. This information is not current:
                        support@bettercgi.com ICQ 7208627
                        Strongbox - The next generation in site security
                        Throttlebox - The next generation in bandwidth control
                        Clonebox - Backup and disaster recovery on steroids

                        Comment

                        • Greg MissionD
                          Confirmed User
                          • Apr 2005
                          • 4866

                          #13
                          We use proxypass and np probs with it as yet.
                          I also hear a lot of good things about strongbox.
                          ICQ:119936

                          Comment

                          • Pimpin_J
                            Confirmed User
                            • Jul 2006
                            • 3637

                            #14
                            @raymor

                            send me an email to webmaster | at | pimpshots | com
                            and ill show you how to come along with strongbox. Youll see that i was right.. in most of my parts.. seen so many sites which used to have a admin pass like "sb1n****" , so it looked like a default pass to me!
                            Just msg me and we can have a chilled talk

                            Comment

                            • CamsLord
                              Confirmed User
                              • Jun 2006
                              • 3663

                              #15
                              i heard strongbox was good
                              sig for sale - pornpicz(at)gmail.com

                              Comment

                              • lib
                                Registered User
                                • Sep 2003
                                • 53

                                #16
                                Originally posted by Booty Bucks
                                Looking for good software to prevent password sharing and hacking to to my site. I heard good things of ProxyPass.com. Could anyone co-sign for them or any other programs?
                                Check out KillerSecurity (http://www.killersecurity.com/). Free to try too

                                Comment

                                Working...