10-08-2009, 11:34 AM
Step 1
GET SOME BASIC HACKING AND WEB DEVELOPING KNOWLEDGE! This is where most developers fail. If you have information on how hackers comprimise sites, you can be one step ahead.
Step 2
Use an IP tracker and get a program to upload IP logs to your server. If your site gets comprimised and they delete your logs, have a backup somewhere. I set my site to upload all my logs to 110MB.
Step 3
Search various cracking/hacking sites (Here, Milw0rm, Metasploit, etc) for known exploits in pieces of software you might use. (Like the shoutpro shoutbox.) I use serendipity for my sites as that is fairly hackproof and comes with shoutboxes, etc that has not many known exploits.
Step 4
DO NOT PROGRAM IN .ASP! .asp is a known method of entering a sites admin via simple SQL injection. I use PHP as this is a new language and is used by more GOOD developers. As good as .ASP is, it does suck at the security aspect.
Step 5
If you do get hacked and the defacers leave their email, DO NOT TRY TO REASON WITH THEM! You will get fudged in the ass by the hackers most probably. One last final tip, don't put any material on your site that might offend anyone easily.
HTH,
-Joe
P.S. This took about five minutes and was just a quicky to help people. So, its not the best ever. It origininated from my thread in HF.
GET SOME BASIC HACKING AND WEB DEVELOPING KNOWLEDGE! This is where most developers fail. If you have information on how hackers comprimise sites, you can be one step ahead.
Step 2
Use an IP tracker and get a program to upload IP logs to your server. If your site gets comprimised and they delete your logs, have a backup somewhere. I set my site to upload all my logs to 110MB.
Step 3
Search various cracking/hacking sites (Here, Milw0rm, Metasploit, etc) for known exploits in pieces of software you might use. (Like the shoutpro shoutbox.) I use serendipity for my sites as that is fairly hackproof and comes with shoutboxes, etc that has not many known exploits.
Step 4
DO NOT PROGRAM IN .ASP! .asp is a known method of entering a sites admin via simple SQL injection. I use PHP as this is a new language and is used by more GOOD developers. As good as .ASP is, it does suck at the security aspect.
Step 5
If you do get hacked and the defacers leave their email, DO NOT TRY TO REASON WITH THEM! You will get fudged in the ass by the hackers most probably. One last final tip, don't put any material on your site that might offend anyone easily.
HTH,
-Joe
P.S. This took about five minutes and was just a quicky to help people. So, its not the best ever. It origininated from my thread in HF.
![[Image: 9lcsqd.jpg]](http://i35.tinypic.com/9lcsqd.jpg)
