Home     Forum     401k     401k Rollovers
    Register   Login   Members   Search   FAQs     Recent Posts    




Internet Security

Reply to topic
Money Talk > Admin Desk

Author Thread
Andrew
Admin


Cash: $ 464.90

Posts: 1708
Joined: 02 Nov 2003
Location: Texas
Internet Security  Reply with quote  

Dear Money Talk members and readers,

Internet security should always be practiced and taken seriously, but especially at this time when there have been so many worms and hacking exploits occuring.

Recent vulnerabilities in older versions of PHP, the language that runs most bulletin boards and other software on the web, exposed thousands of server machines to manipulation by unauthorized parties. Unfortunately hundreds of forums and websites were vandalized, defaced or even completely wiped-out. There are probably many websites on servers that are either still vulnerable because they haven't been updated or still have malicious downloads hidden on them, so this continues to be a serious matter.

We have completed the necessary updates here at Money Talk and on our server, however even our board was affected to some degree for a short period of time.

I recommend that you make sure that you have antivirus software that is active and up-to-date. ZoneAlarm is a good free program that can help secure your home or work computer. AdAware is a great program for removing spyware, adware or malware. SpyBot Search and Destroy is another. If you are a bit technical, HijackThis is another program which can search your PC for the common areas that can be contaminated.

So, please take a moment to scan and secure your computer for your own protection. Thanks.

ZoneAlarm
http://www.zonelabs.com/store/content/home.jsp

AdAware
http://www.lavasoftusa.com/software/adaware/

Spybot Search & Destroy
http://www.safer-networking.org/en/download/index.html

HijackThis
http://www.spychecker.com/program/hijackthis.html


Last edited by Andrew on Tue Sep 27, 2005 6:00 pm; edited 1 time in total
Post Fri Jan 21, 2005 12:52 am
 View user's profile Send private message
SnapThat
Senior Member


Cash: $ 26.48

Posts: 235
Joined: 07 Nov 2004
Location: Illinois
 Reply with quote  

Thanks, Andrew. I already have the second and third, but I'll look into the others.

JavaHive - Get Paid to Post! | Inbox Dollars
Post Fri Jan 21, 2005 2:39 am
 View user's profile Send private message Visit poster's website
clasione
New Member


Cash: $ 1.45

Posts: 7
Joined: 27 Jan 2005
Location: New York
 Reply with quote  

Yea - I'm right there with you Andrew. Server security as been a job all itself lately. I've had to do many upgrades in php software programs and bulletin boards this last couple of weeks.

It's really getting a bit out of hand. I hope the current updates being released are more full proof.

Vbulletin, a huge php software developer by Jelsoft has actually emailed all their customers an appolgy for all the security issues lately.

But what can you do. You have no choice but to continue monitering every development as they happen.
Post Fri Jan 28, 2005 12:30 am
 View user's profile Send private message Send e-mail Visit poster's website
Andrew
Admin


Cash: $ 464.90

Posts: 1708
Joined: 02 Nov 2003
Location: Texas
 Reply with quote  

clasione, you can say that again.

I also recommend that webmasters who've updated their software and PHP, make a real effort to search thru all of their directories for unauthorized files that could be backdoors into their system, even with the proper security now applied.
Post Fri Jan 28, 2005 12:38 am
 View user's profile Send private message
clasione
New Member


Cash: $ 1.45

Posts: 7
Joined: 27 Jan 2005
Location: New York
 Reply with quote  

dambit - your probably right....

geez, more work to do....

When do I get to play? Surprised
Post Fri Jan 28, 2005 1:02 am
 View user's profile Send private message Send e-mail Visit poster's website
Andrew
Admin


Cash: $ 464.90

Posts: 1708
Joined: 02 Nov 2003
Location: Texas
 Reply with quote  

If on UNIX check *all* of your tmp directories very carefully for hidden files or directories with crud, plus if you run phpBB, check your avatar and upload directories for more junk. I've also seen reports of both phpBB source and template files modified with injected code, as well as files that are closely named to real files with mal stuff.
Post Fri Jan 28, 2005 4:56 am
 View user's profile Send private message

Reply to topic
Forum Jump:
Jump to:  
  Display posts from previous:      





Money Talk © 2003-2016