Am I the only one who noticed that you *did not* ask how to secure your site? ;) -jmz On Wed, Dec 3, 2008 at 6:17 PM, keith smith wrote: > > It is a custom site. Basically one page does it all. Depending on what > parameters/arguments are used in the URL will depend on what content is > displayed. I setup a switch to test the URL parameters against know > values. If no know value is entered to defaults to the 404 page. > > I'm thinking that is pretty secure. > > > ------------------------ > Keith Smith > > > > --- On *Wed, 12/3/08, Lisa Kachold * wrote: > > From: Lisa Kachold > Subject: RE: OT: Website Exploits > To: klsmith2020@yahoo.com, plug-discuss@lists.plug.phoenix.az.us > Date: Wednesday, December 3, 2008, 5:14 PM > > > What index.php are you using? Is this WordPress? > http://archive.cert.uni-stuttgart.de/bugtraq/2007/03/msg00030.html > There are many php exploits: > http://archive.cert.uni-stuttgart.de/bugtraq/2007/03/msg00031.html > > > www.Obnosis.com | http://en.wiktionary.org/wiki/Citations:obnosis | > http://www.urbandictionary.com/define.php?term=obnosis (503)754-4452 > ------------------------------ > Catch the January PLUG HackFest! Kristy Westphal, CSO for the Arizona > Department of Economic Security will provide a one hour presentation on > forensics. > > ------------------------------ > Date: Wed, 3 Dec 2008 14:57:35 -0800 > From: klsmith2020@yahoo.com > Subject: Re: OT: Website Exploits > To: plug-discuss@lists.plug.phoenix.az.us > > > Thank you for the heads up on mod_security. I'm not sure if that is > installed or not. > > Thanks again! > > > ------------------------ > Keith Smith > > > --- On *Wed, 12/3/08, JD Austin * wrote: > > From: JD Austin > Subject: Re: OT: Website Exploits > To: klsmith2020@yahoo.com, "Main PLUG discussion list" < > plug-discuss@lists.plug.phoenix.az.us> > Date: Wednesday, December 3, 2008, 3:48 PM > > That is a fairly common tactic. > It exploits poor input validation and register globals in PHP. > Do yourself a huge favor and install mod_security (I assume you're using > apache?) > as an extra measure of security if you haven't already. > > > On Wed, Dec 3, 2008 at 3:39 PM, keith smith wrote: > > > Hi, > > I am working on a website that gets a lot of exploit attempts. > > They mostly look like this: /index.php?display= > http://humano.ya.com/mysons/index.htm? > > Our code is set to disregard any value that is not expected. > > I'm wondering if there is a clearing house for reporting this type of > stuff. I have the IP address as reported.... if that is accurate. > > Thanks in advance! > > Keith > > > > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > > ------------------------------ > Send e-mail anywhere. No map, no compass. Get your Hotmail(R) account now. > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >