Victim 0 Report post Posted July 12, 2007 Apparently I do not have any open ports. I do actually have like 10 ports opened for programs, so I don't understand why it told me that I had nothing open.Also, I found this test...http://bcheck.scanit.be/bcheck/I think this tests the security of your browser. I am running the test now. It does 40 different tests on Firefox. Share this post Link to post Share on other sites
yordan 10 Report post Posted July 13, 2007 Apparently I do not have any open ports. I do actually have like 10 ports opened for programs, so I don't understand why it told me that I had nothing open.I guess that it tests some well-known security holes based on some open-ports which allowed some hacking programs to intrude your computer. This tests means that, although you had open ports for your own usage, the intruding programs were not able to take control of your computer. Share this post Link to post Share on other sites
lefioda 0 Report post Posted July 14, 2007 I think no...Dont need, please dont do it. Share this post Link to post Share on other sites
yordan 10 Report post Posted July 14, 2007 I think no...Dont need, please dont do it.Don't worry. Read the first lines at the beginning of this topic. Only XIII wanted somebody to test his security. first of all, nobody wanted to do this for free. Secondly, he kept secret the URL to be tested, only available through PM. So, keep cool, nobody will do anything. Share this post Link to post Share on other sites
Chesso 0 Report post Posted July 14, 2007 Well I use something called Accuenitx (or something very similar to that name) Vulnerability web scanner.Now while I wouldn't really recommend it for testing out on a large website already published, if you have happened to, or decide in the future to build your web sites/applications locally, you could run a full on test and it won't take forever (as it will be 100 times or more quicker on local disk, than accessing and thrashing both yours and the server bandwidth). Share this post Link to post Share on other sites
lefioda 0 Report post Posted July 14, 2007 Okay now remove me a doubt...My friend says to me if u insert a hack comand like:010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110010101001110If you inster this lines on a program like apache, this can crash the server...Its true? Share this post Link to post Share on other sites
Chesso 0 Report post Posted July 15, 2007 Pure Binary Code, somehow I doubt that, unless it's length involved lol. Share this post Link to post Share on other sites
yordan 10 Report post Posted July 17, 2007 Okay now remove me a doubt...My friend says to me if u insert a hack comand like:010101001110010101001110010101001110010101001110010101001110010101001110010101If you inster this lines on a program like apache, this can crash the server...Its true? OK, let's explain something.What you show here is a liste of alphanimerical lettes, zero's and one's.this is not a binary file.A binary file is a compiled file, using a compiler. You cannot compile on a server like Xisto.By the way, even if you were able to submit a binary file, it would not crash the Apache server, it would crash your Microsoft Internet Explorer client. Which is not the only way to crash Internet Explorer, but that's another story.And, of course, an Apache server works with correctl html files. If you put garbage things in your html page, you will have garbage displayed on your screen. But this cannot crash the Apache server, except in case of severe bugs in the Apache version your server is using. Share this post Link to post Share on other sites
docduke 0 Report post Posted June 17, 2008 Two suggestions, both of which require some work.1. Do you have Knoppix? At least as of 5.1.1, Knoppix included Nessus. Do Kicker | KNOPPIX | Utilities, and see if "Nessus Security Scanner" is an option. Caveats: there is a learning curve for using it, and if you uncheck "Safe checks" on the "Scan Options" tab, you'd better have a complete system backup, because it will try destructive penetrations! More information on Nessus is here. There is also a Wikipedia page for it.2. Shields-Up is a helpful, free way of testing port security. There's a lot there, so it is worth taking some time to explore it.There are complete custom Linux distributions devoted to analyzing vulnerabilities, but that requires you to dedicate one of your computers to hosting it. (Don't try this in a virtual machine!) They are almost certainly not worth the time it would take you to learn the details of how to use them, unless you plan on making a profession of computer security. Share this post Link to post Share on other sites
iGuest 3 Report post Posted June 7, 2010 Fight Backdoor Injection AttacksPlease Hack My SiteThere are so many ways to attack a website, it's just not possible to cater for them all on a constant basis if you're a small company, so the next best thing is to try and cover the most commonly found holes like the ones described in this article, and hope that puts off the intended attacker.We use an automated file system scanner called Eyefile. It's good for detecting any kind of backdoor injection and works for any kind of website.It can be found here:Website-security-tools.Com/Hope this helps.-reply by Steve Share this post Link to post Share on other sites
