| Author |
Message |
death_dream
Hangin' Around
Joined: Aug 10, 2006
Posts: 38
|
 Posted:
Fri Feb 02, 2007 4:15 am |
|
Well my site hoster changed from Cpanel to VHCS controlling thing. Well I haven't been getting any emails saying people have tried to attack my site and been blocked. Maybe this means they stopped attacking but some how I doubt that.
I'm using NukeSentinel 2.5.00 and would like if someone could do some kind of penetration test on my site and tell me what I could do. My site is http://ddream.hostingposts.com/
Besides that I have a couple questions.
Is there a way to block certain mail accounts? I got this one guy that keeps making BS accounts posting spam in my new's comments. I keep deleting him and he just makes more. Might be a bot but I don't know. He keeps using the @mail.ru extension.
And what is this HTTPAuth or CGIAuth I am told to enable it but I don't want to end up locking my self out of my own site.
Thanks in advance,
Death Dream |
| |
|
 
|
|
hitwalker
Sells PC To Pay For Divorce
Joined:
Posts: 5661
|
| Posted:
Fri Feb 02, 2007 6:16 am |
|
is the site constant on a subdomain ?
You dont have own domain ?
anyway, i checked your security and sentinel obviously works.
i got a 404 page saying it could not find abuse/abuse.html
so it works.
i could visit the site so that means hackers are stopped but not banned... |
| |
|
|
|
|
jakec
Site Admin
Joined: Feb 06, 2006
Posts: 3048
Location: United Kingdom
|
| Posted:
Fri Feb 02, 2007 7:07 am |
|
You can block certain domains by using the string blocker in Sentinel. If you do a search in these forums you should find a post discussing this. |
| |
|
|
|
|
death_dream
|
| Posted:
Sat Mar 24, 2007 2:21 am |
|
| hitwalker wrote: | is the site constant on a subdomain ?
You dont have own domain ?
anyway, i checked your security and sentinel obviously works.
i got a 404 page saying it could not find abuse/abuse.html
so it works.
i could visit the site so that means hackers are stopped but not banned... |
Sorry for the long delay in my reply I have been pretty busy.
Thanks hitwalker for checking my site out. My site is constantly on a sub domain because I am cheap lol.
As for the 404 error turns out I missed the one file out of everything else and it has been uploaded. So can you test it again for me?
Thank you,
Death Dream |
| |
|
|
|
|
hitwalker
|
| Posted:
Sat Mar 24, 2007 5:34 am |
|
It works,but adding some suprises isnt realy effective.
i simply close my browser by windows tasks and gone you are.
i do suggest you dont use it. |
| |
|
|
|
|
death_dream
|
| Posted:
Sat Mar 24, 2007 7:32 am |
|
I'm not really worried about the surprise thing I was really wondering if the user would be able to come back after one tried to abuse something.
Oh ya ... were you the guy that did the intel thing when you tested it?
~Death Dream~ |
| |
|
|
|
|
hitwalker
|
| Posted:
Sat Mar 24, 2007 7:57 am |
|
| Quote: | | were you the guy that did the intel thing when you tested it |
Huh ?
What you mean ? |
| |
|
|
|
|
death_dream
|
| Posted:
Sat Mar 24, 2007 8:13 am |
|
Code:Date & Time: 2007-03-24 13:48:13 CET GMT +0100
Blocked IP: 1.1 178.27.232
User ID: Guest (1)
Reason: Abuse-Filter
--------------------
User Agent: Opera/8.52 (Windows NT 5.1; U; en)
Query String:
ddream.hostingposts.com/modules.php?name=http://www.intel.com?&d_op=viewdownloaddetails&lid=171&ttitle=Quake_4_Fortress
Get String:
ddream.hostingposts.com/modules.php?name=http://www.intel.com?&d_op=viewdownloaddetails&lid=171&ttitle=Quake_4_Fortress
Post String: ddream.hostingposts.com/modules.php
Forwarded For: none
Client IP: 1.1 178.27.232.72.static.reverse.layeredtech.com:50178
(squid/2.6.STABLE12)
Remote Address: 72.232.27.178
Remote Port: 34086
Request Method: GET
|
Some guy did that 3 times in less then a couple secs of each other. Was thinking that might of been you testing the site to see if it blocked the user or something. >.>
~Death Dream~ |
| |
|
|
|
|
hitwalker
|
| Posted:
Sat Mar 24, 2007 8:16 am |
|
no that wasnt me...
and i was curious so i looked again,im not banned.. |
| |
|
|
|
|
evaders99
Former Moderator in Good Standing
Joined: Apr 30, 2004
Posts: 3221
|
| Posted:
Sat Mar 24, 2007 2:30 pm |
|
I've seen that attempt too. My guess is someone trying to look for vulnerabilities... if its vulnerable, then he'll hack with his real script |
_________________
- Only registered users can see links on this board! Get registered or login! -
Need help? Only registered users can see links on this board! Get registered or login! |
|
|
|
|
death_dream
|
| Posted:
Sat Mar 24, 2007 2:59 pm |
|
| hitwalker wrote: | no that wasnt me...
and i was curious so i looked again,im not banned.. |
Where is this setting at to fix it so when someone tries they get banned?
~Death Dream~ |
| |
|
|
|
|
hitwalker
|
| Posted:
Sat Mar 24, 2007 3:04 pm |
|
go into the Blocker Configuration,and with every one :
ADMIN Blocker Settings
AUTHOR Blocker Settings
CLIKE Blocker Settings
UNION Blocker Settings
Filters Blocker Settings
Flood Blocker Settings
Harvester Blocker Settings
Referer Blocker Settings
Scripting Blocker Settings
Request Method Blocker Settings
String Blocker Settings
click them and on activate,choose whatever you like in the dropdown. |
| |
|
|
|
|
death_dream
|
| Posted:
Sat Mar 24, 2007 3:07 pm |
|
Ya I did that to one of them and I ended up blocking the google spiders and that I didn't want to do again.
~Death Dream~ |
| |
|
|
|
|
hitwalker
|
| Posted:
Sat Mar 24, 2007 3:10 pm |
|
thats because you didnt put google into the protected area,or even excluded it...
search on that in the forum...its all out there.. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
