Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

To block or not to block?
 View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.5.x
Poll
Does a NukeSentinel(tm) Block deter hacking?
No - since I've added the block I've seen more hack attempts.
0%
 0%  [ 0 ]
Yes - since adding the block I've fewer hack attempts.
0%
 0%  [ 0 ]
Yes & No - I've seen fewer hack attempts, but they're more sophisticated.
0%
 0%  [ 0 ]
Not sure - I haven't noticed either way.
100%
 100%  [ 3 ]
Total Votes : 3


Author Message
webservant
Worker
Worker



Joined: Feb 26, 2006
Posts: 206
Location: Springfield, MA
PostPosted: Wed Nov 15, 2006 6:10 am Reply with quote
I've been pondering whether or not to put a NukeSentinel(tm) block on my site for some time, and admit being at an impass. Does having a block deter someone from hacking (or attempting to hack) my site? Or does it just challenge / encourage them?

I'm curious to hear your opinions, and war stories...

_________________
Awaiting His Shout
Webservant - GraciousCall.org
Romans 8:28-39 
View user's profile Send private message Visit poster's website AIM Address
hitwalker
Sells PC To Pay For Divorce



Joined:
Posts: 5661
PostPosted: Wed Nov 15, 2006 6:27 am Reply with quote
thats just personal.....
it can go both ways.....or they get scared,or they go for the challenge..
many dont use the block,and some do....
 
View user's profile Send private message
Susann
Moderator



Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support
PostPosted: Wed Nov 15, 2006 10:26 am Reply with quote
I personally believe its greenly to believe that you can deter someone from hacking by using a public NukeSentinel block or a footer message like " protected by NukeSentinel" but who knows...
 
View user's profile Send private message
Tao_Man
Involved
Involved



Joined: Jul 15, 2004
Posts: 252
Location: OKC, OK
PostPosted: Wed Nov 15, 2006 11:17 am Reply with quote
I dont think in the long run it makes any diffrence, I think 99.9999999% of hackers never even look at or search your site, they just try and hack. I get hack attempts all the time for software that I never have had installed like Mambo or Coppermine. If they had checked out my site they would know I didn't have those.

_________________
------------------------------------------
To strive, to seek, to find, but not to yield!
I don't know Kara-te but I do know cra-zy, and I WILL use it! 
View user's profile Send private message Visit poster's website
jakec
Site Admin



Joined: Feb 06, 2006
Posts: 3048
Location: United Kingdom
PostPosted: Wed Nov 15, 2006 1:19 pm Reply with quote
From a hackers perspective you could argue that it tells them whether your site is up to date with the current Sentinel installation and help them work out what Hack to use.
 
View user's profile Send private message
hitwalker
PostPosted: Wed Nov 15, 2006 1:40 pm Reply with quote
nice one.....jakec ,

but why should it be their concern...
most hackers are in it for the fun...showing off what they did...
kinda like macho's do......hey look i have a bigger .........ehm..car.
 
webservant
PostPosted: Wed Nov 15, 2006 3:07 pm Reply with quote
Quote:
From a hackers perspective you could argue that it tells them whether your site is up to date with the current Sentinel installation and help them work out what Hack to use.


This is exactly my line of reasoning that argues against the block. Why should I tell them what I'm running to make it easier.
 
jakec
PostPosted: Wed Nov 15, 2006 4:00 pm Reply with quote
Quote:
nice one.....jakec


Sorry Hitwalker, not quite sure how to take that, was that sarcasm? Confused

Anyway, all the hacker has to do is search for 'sentinel 2.4.2' in google and you will find a load of sites which are still using version 2.4.2 and therefore vulnerable to certain attacks.

Perhaps we should consider removing the version number from the Sentinel blocks?
 
hitwalker
PostPosted: Wed Nov 15, 2006 4:24 pm Reply with quote
non of that... Wink
i did realy mean ......."nice one jakec"
but i was just saying that any of it shouldnt concern the hackers....
 
jakec
PostPosted: Thu Nov 16, 2006 1:28 am Reply with quote
OK cool Very Happy
but do you not think having the version number on the block is advertising your site to hackers, especially if the version is out of date?
 
montego
Site Admin



Joined: Aug 29, 2004
Posts: 9457
Location: Arizona
PostPosted: Thu Nov 16, 2006 5:52 am Reply with quote
Personally, I agree. We should never show version numbers.

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
webservant
PostPosted: Thu Nov 16, 2006 5:55 am Reply with quote
I agree. Security by obscurity is not good security, but is does add to good security. Smile
 
hitwalker
PostPosted: Thu Nov 16, 2006 6:28 am Reply with quote
why help hackers...
a simple footer text like ....protected by sentinel... seems sufficiant enough..
in that way all they can wonder is,.....is it or is it not updated....
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.5.x


 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©