|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
08-10-2002, 05:43 AM
|
#1 |
|
Confirmed User
Join Date: Apr 2002
Posts: 157
|
Build an (almost) unhackable page
Encrypted users database with a hidden key, so even if a fucking hacker gets access to the server he can't get their info...
What to do to protect the server 99%? Is it possible? How? BTW: I have asked before on the fucking Q&A but it seems no body checks there...  |
|
|
|
08-10-2002, 05:51 AM
|
#2 |
|
Confirmed User
Join Date: Mar 2002
Location: South Florida
Posts: 6,580
|
Anything is possible sherlock.....
|
|
|
|
|
08-10-2002, 06:35 AM
|
#3 |
|
Confirmed User
Industry Role:
Join Date: Apr 2001
Posts: 1,738
|
The only secure server is one that is not hooked up to the net !!! There really is no such thing as a secure solution
 Tim  |
|
|
|
|
08-10-2002, 06:53 AM
|
#4 | |
|
Confirmed User
Join Date: Apr 2002
Posts: 157
|
Quote:
|
|
|
|
|
|
08-10-2002, 09:02 AM
|
#5 |
|
Confirmed User
Join Date: May 2002
Posts: 110
|
Hack Proof?
No such thing. There is "one" of you protecting your data. And there are literally "thousands/millions" who possibly want your files and will try/invent methods to get it. Check your log files for unusual requests and ban the IP/useragent. But if you have a high unique visit daily, you have to be doing this in real time to prevent brute force attacks. Good luck. |
|
|
|
|
08-10-2002, 09:57 AM
|
#6 |
|
Too lazy to set a custom title
Industry Role:
Join Date: Jul 2001
Location: Currently Incognito
Posts: 13,827
|
firewall on the network, firewall on the server, ftp and shell access turned off all services off. Root password 300 characters long with all kinds of fucked up shit in it. Then hire a guy to sit and watch the box 24/7. After that you need a strong team of people that keep up with every exploit that gets found for the software you are using. That is pretty much hack proof then.
__________________
   ~TheDoc - ICQ7765825It's all disambiguation  |
|
|
|
|
08-10-2002, 10:16 AM
|
#7 |
|
Confirmed User
Join Date: Jan 2002
Posts: 162
|
encrypt your passwords with md5. if a hacker gets hold of the encrypted passwords it would be worhtless to him.
 _
__________________
FREE TRAFFIC TRADING on any host. Also try our 200% traffic back program.Click here We host the scripts for you so you trade on our bandwidth. |
|
|
|
|
08-10-2002, 02:14 PM
|
#8 |
|
Confirmed User
Join Date: Apr 2002
Posts: 157
|
Thanks to: TheDoc and Dodo - although I know all this stuff, I was hoping to get some idea about database I mean if I use md5 I use it with a key, now if someone hacks into the server and gets the key, he gets the database... But again thanks for your reply!
Now BlackRain - Did I say Hack Proof??? No I didn't I only asked for "Almost unhackable"... More replies about database are welcomed! Thanks |
|
|
|
|
08-10-2002, 03:01 PM
|
#9 |
|
Confirmed User
Join Date: May 2002
Posts: 110
|
Database for what?
Is it for username/password combos, images, movies? What are using the database for? Will it be open to the public i.e. internet or private VPN/network? If you give us a little more information about your intent it would be helpful! |
|
|
|
|
08-10-2002, 03:08 PM
|
#10 |
|
Too lazy to set a custom title
Industry Role:
Join Date: Jul 2001
Location: Currently Incognito
Posts: 13,827
|
Could do like multi network cards with 2 servers infront of your database machine making the db machine the only one allowed to get commands from the 2 servers over encrypted network packets. Moreless makes it 2 or 3 stages deep from direct internet access. Other than that..I can't think of a way to really make it secure but then again i'm not a network person.
That possible? Not by me but I know it can be done
__________________
~TheDoc - ICQ7765825It's all disambiguation |
|
|
|
|
08-10-2002, 03:33 PM
|
#11 |
|
Confirmed User
Join Date: Apr 2002
Posts: 157
|
Thank you doc you are great
BlackRain - It's gonna be a regular database of users for non adult web site, in the data will be fields of user name/password and details about the users (text only) MAYBE credit card numbers, I am gonna need this data base to let them into parts of the site, basically it's like an adult web site access but since I might store their credit cards as well and whenever they access the server with their user name they can make changes to their data and inside the web site I need it to be super secured - as much as possible, they will also have the option to upload files, but that's not related... Thanks |
|
|
|
|
08-10-2002, 04:24 PM
|
#12 | |
|
Will code for food...
Join Date: Apr 2001
Location: Buckeye, AZ
Posts: 8,496
|
Quote:
__________________
|
|
|
|
|
|
08-10-2002, 04:29 PM
|
#13 |
|
Too lazy to set a custom title
Industry Role:
Join Date: Jul 2001
Location: Currently Incognito
Posts: 13,827
|
Mabey I should start a consulting company
Simple fix on brute force attacks is use an image key and get off of apache auth. That will be $2000 please.
__________________
~TheDoc - ICQ7765825It's all disambiguation |
|
|
|
|
08-10-2002, 04:35 PM
|
#14 |
|
Registered User
Join Date: Jul 2002
Posts: 44
|
Best fix of all...
Shut off your computer and hold on to your hardrive after you've unpluged it.!
__________________
The war has just begun or has it passed us all by? |
|
|
|
|
08-10-2002, 05:43 PM
|
#15 |
|
Confirmed User
Join Date: Nov 2001
Posts: 1,601
|
i hear if you format c: your computer cant be hacked
|
|
|
|
|
08-10-2002, 05:48 PM
|
#16 |
|
Confirmed User
Join Date: May 2002
Location: CT
Posts: 5,246
|
Use md5 encryption
|
|
|
|
|
08-10-2002, 05:55 PM
|
#17 |
|
Confirmed User
Join Date: Mar 2002
Location: Illinois
Posts: 196
|
Pix firewall...upper end one..not the 506...configure the IOS correctly and install Cisco HIP software on your server....I haven't seen too many hackers defeat this system...about the third ping and HIP blocks the IP.
Check it out on Cisco's site....I have probably fifty similiar installations and not had a successful hack. Cisco claims it can't be hacked...of course, they also claim they hung the moon, too. In all seriousness, it is a difficiult system to defeat. Have seen many try and move on to easier prey....something that says NT on it usually. I use it at home and then stick zone alarm on just for internal stuff, pretty tough combination. Forget all the proxy server bullshit out there, they are easy prey for a real hacker...the kiddies get stumped on them cause they can't find a port open but the good ones breeze right through em.
__________________
The object of war is not to die for your country but to make the other bastard die for his. -George Patton |
|
|
|
|
08-11-2002, 07:25 AM
|
#18 | |
|
Confirmed User
Join Date: Apr 2002
Posts: 157
|
[
Quote:
I'll check it up |
|
|
|
|
