about website security

Spider* · 09/17/2012, 14:47

hello guys, i'm here to talk about websites security you know there is kids have a small hack program can close / open the website and really i got bored from this, but i dun know how to security the website well so i just requesting from any pro coder or anyone who can help me in this and sorry for this strange thread thank you.

鳳凰城 · 09/17/2012, 15:58

IIS

Spoiler

PortalDark · 09/17/2012, 16:42

Quote:

Originally Posted by Spider*

hello guys, i'm here to talk about websites security you know there is kids have a small hack program can close / open the website and really i got bored from this, but i dun know how to security the website well so i just requesting from any pro coder or anyone who can help me in this and sorry for this strange thread thank you.

cherno's exploit pack(look on release section) f*** up if IIS is open(ports)
as for a website, is just matter of injections

LastThief* · 09/17/2012, 16:45

@Portal

Who have told you those things ?

Overlimit is hosted on iis port 80 and no one can harm it the only thing could get you ****** is opening billing port

PortalDark · 09/17/2012, 16:54

Quote:

Originally Posted by LastThief*

@Portal

Who have told you those things ?

Overlimit is hosted on iis port 80 and no one can harm it the only thing could get you ****** is opening billing port

i meant without any kind of security
if you get the default IIS files and not protecting it(75% of noob servers)
but is an example as he asked about a website security
since all websites are made on php, i can only think on injections(maybe some engine flaws but not sure about his one)

LastThief* · 09/17/2012, 16:59

Quote:

Originally Posted by PortalDark

i meant without any kind of security
if you get the default IIS files and not protecting it(75% of noob servers)
but is an example as he asked about a website security
since all websites are made on php, i can only think on injections(maybe some engine flaws but not sure about his one)

There are scripts which can crash appserv in less than second not only injections

鳳凰城 · 09/17/2012, 17:01

Quote:

Originally Posted by PortalDark

cherno's exploit pack(look on release section) f*** up if IIS is open(ports)
as for a website, is just matter of injections

Portal , You're my friend but , check your words before saying. SPRUT could make the job done.

Quote:

Originally Posted by LastThief*

There are scripts which can crash appserv in less than second not only injections

PortalDark · 09/17/2012, 17:06

im not that "skilled" on any kind of hacking ways(only windows password hack XD) so i dont really know much on how the IIS exploit works

鳳凰城 · 09/17/2012, 17:10

Quote:

Originally Posted by PortalDark

im not that "skilled" on any kind of hacking ways(only windows password hack XD) so i dont really know much on how the IIS exploit works

Let me explain it to you

You run your website (HTML-PHP-****)
Appserver host it after you set the settings as should be
OMQ YOUR WEBSITE IS WORKING W-O PROBLEM
I(Hacker) Wanna down your website ,
I get your website IP by using ping yourwebsitedomain.com -t
I run the script , Write your IP
1 missing part , check your website port.
Portchecker ftw
I now get your port which you've hosted the website on.
I write the port and running the threads (200~5m thread)
Start it
less than min. your website is down

You:Omg what should I do
You:Let me run appserver again
You:You run , get instant crash =))
Even you have firewall , not all firewalls are good.
The script crashes appserver due the too-much load on it

Solution: IIS. (Wont explain because idiots will fix their websites)

Any missing part you didnt got it?

PortalDark · 09/20/2012, 21:01

#cleaned
if you are gonna give suggestions, do it, this is not a "I'm better than you" threads

Mykha* · 09/20/2012, 21:32

Quote:

Originally Posted by Spider*

hello guys, i'm here to talk about websites security you know there is kids have a small hack program can close / open the website and really i got bored from this, but i dun know how to security the website well so i just requesting from any pro coder or anyone who can help me in this and sorry for this strange thread thank you.

Your post doesn't specify any specific problem but in general.
Specify whether you want to protect your sites against flood attacks and such...
Either against vulnerabilities/SQLi and all other attacks that could lead to several things ranging from stealing users data and such to injecting shells.

So that i could help you further.