It has been reported throughout the community that there are multiple “Vendors” sending email messages to phpnuke webmasters offering their services to patch phpnuke websites. Some of these people may be legitimate but their sales pitch has been reported to be more like “Blackmail” by some users. This happens with more then just phpnuke its becoming a common practice of certain individuals looking to take advantage of the very real fear of compromised security.
There is no reason in my opinion to pay for security patches. Chatserv and Raven as well as others out there continue to patch all newly reported verifiable exploits. Not to mention many that never get reported publicly.
If you need help applying patches please seek out reputable help. Where can you find out what fixes should be applied? Here at Raven’s there are always announcements available regarding the latest patches and exploit prevention.
Also see
Only registered users can see links on this board! Get registered or login to the forums!
Only registered users can see links on this board! Get registered or login to the forums!
Where can you find professional help? Currently I know of no one source or referral service where people who need help can get it. I know Raven will do custom work and occasionally make referrals. Nor do I know of a reputable security team that works on hardening phpnuke (Sorry but most will laugh at the idea do to its long history of being a favorite target amongst script kiddies).
If paying someone to help with general setup and configuration of your site please be sure that they are applying all known fixes to your files before your site goes live!
Remember that as time goes by you are responsible for continuing to update your website. Don’t rely on phpnuke.org for patches sometimes they are released there sometimes they are not. Please don’t just give someone ca$h and expect they will apply the appropriate fixes. In fact this is one of the reasons packages like Ravens and NC-Beta distributions have been so successful.
If you need help in making a decision about who, what, why, where and when don't hesitate to ask in the forums or in private via PM.
Thanks for that, some people could be taken in by the email scam.
Does this not open up the possibility of legitimate coders to form a business with the sole purpose of installing and patching phpnuke?
If such a company was formed, and it was advertised freely on all phpnuke sites that agreed to publicise it (free), then it would get widely recognised as a legitimate service and people who send scam emails would soon get tired of their malpractise.
There must be some coders who are unable to get out to go to work, who could do this, or indeed, people who already run online businesses.
Joined: Aug 27, 2002 Posts: 15199 Location: Kansas
Posted:
Wed Jun 09, 2004 6:23 am
Chat and I (and I'm sure MANY others) have discussed that here. Not a company, per se, but a Service. We (and others) do this right now, as side work, but haven't actually made a "formal" Service announcement. There are so many diversities when it comes to installations that I haven't been willing (as of yet) to advertise "come one, come all" But you are correct - Opportunities abound! Maybe thatt's your next venture/adventure?
View next topic View previous topic
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
![[Valid RSS]](http://ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::
But you are correct - Opportunities abound! Maybe thatt's your next venture/adventure?
