
      items tagged with security

      FaF File Anomaly Finder
      Written By: Administrator
      Section: Internet www

      Category: security

      2007-07-21 20:10:55
      FaF (File Anomaly Finder) is a wrapper for the *nix 'find' utility. It generates audit reports for data matching specific characteristics, such as setgid/setuid, unowned, and more. The objective is simply to create a simple anomaly finder that identifies common flawed permissions or otherwise suspicious file system characteristics.

      The main features of FaF are:
      • simplistic and to the point audit reports
      • easy setup and configuration
      • audits emailed to customizable address or user
      • ideal for web servers or general purpose workstations
      • audits of setgid/setuid, hidden, unowned, & world writable data
      • very portable
       http://www.r-fx.org/faf.php



      1 week of mod_evasive some nasty bots get blacklisted
      Written By: Administrator
      Section: Internet www

      Category: security

      2006-08-30 23:19:26
      These are my mod_evasive settings:

      LoadModule evasive20_module     /usr/lib/apache2/mod_evasive20.so
      <IfModule mod_evasive20.c>
        DOSHashTableSize 3097
        DOSPageCount 5
        DOSSiteCount 100
        DOSPageInterval 2
        DOSSiteInterval 2
        DOSBlockingPeriod 600
        # Placeholder address: the original was hidden by the site's e-mail cloaking
        DOSEmailNotify admin@example.com
      </IfModule>

      And here is some short documentation I forgot to add in the previous article:

      • DOSHashTableSize: is the size of the table of URL and IP combined. The greater this setting, the more memory is required for the lookup table, but also the faster the lookups are processed. This option will automatically round up to the nearest prime number.
      • DOSPageCount: is the number of same page requests from the same IP during an interval that will cause that IP to be added to the block list.
      • DOSSiteCount: is the number of pages requested of a site by the same IP during an interval which will cause the IP to be added to the block list.
      • DOSPageInterval: is the interval, in seconds, for the 'DOSPageCount' threshold.
      • DOSSiteInterval: is the interval, in seconds, for the 'DOSSiteCount' threshold.
      • DOSBlockingPeriod: is the time the IP is blocked (in seconds).
      • DOSEmailNotify: can be used to send an email notification every time an IP is blocked.
      • DOSSystemCommand: is a system command executed whenever an IP is blocked. It can be used to block the user at a firewall or router.
      • DOSWhiteList: can be used to whitelist IPs such as 127.0.0.1
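
      To see what these thresholds mean for real traffic before enabling them, the added example below (not from the original article, and not mod_evasive's own code) replays request records against a simplified model of the page and site counters. The sample traffic is constructed, and the counting model is an assumption based on the descriptions above.

```python
# Added example: simplified replay of mod_evasive-style thresholds (not the module's code).
CFG = {"DOSPageCount": 5, "DOSPageInterval": 2,      # values from the settings above
       "DOSSiteCount": 100, "DOSSiteInterval": 2,
       "DOSBlockingPeriod": 600}

def replay(requests, cfg=CFG, whitelist=("127.0.0.1",)):
    """Replay (unix_time, ip, uri) tuples in time order.

    Returns {ip: (time_first_blocked, directive_that_tripped)}.
    Model (an assumption): a counter restarts once the gap since the previous
    hit on the same key reaches the interval; the request that brings the
    counter up to the threshold gets the IP blocked.
    """
    counters = {}        # (ip, uri) or (ip,) -> (last_hit, count)
    blocked_until = {}   # ip -> time at which the block expires
    first_block = {}

    def hit(key, now, interval, limit):
        last, count = counters.get(key, (now, 0))
        if now - last >= interval:
            count = 0                             # quiet gap: start counting again
        counters[key] = (now, count + 1)
        return count + 1 >= limit

    for ts, ip, uri in requests:
        if ip in whitelist:                       # DOSWhiteList
            continue
        if blocked_until.get(ip, 0) > ts:         # still blocked: modelled as restarting the timer
            blocked_until[ip] = ts + cfg["DOSBlockingPeriod"]
            continue
        page = hit((ip, uri), ts, cfg["DOSPageInterval"], cfg["DOSPageCount"])
        site = hit((ip,), ts, cfg["DOSSiteInterval"], cfg["DOSSiteCount"])
        if page or site:
            blocked_until[ip] = ts + cfg["DOSBlockingPeriod"]
            first_block.setdefault(ip, (ts, "DOSPageCount" if page else "DOSSiteCount"))
    return first_block

def sample_requests():
    """Constructed traffic: one burst, one crawler, one normal visitor, localhost."""
    burst = [(t, "203.0.113.7", "/index.php") for t in (0, 0, 1, 1, 1, 2)]
    crawl = [(10, "198.51.100.4", f"/page{i}") for i in range(120)]
    slow = [(t, "192.0.2.10", "/a") for t in range(0, 30, 3)]
    local = [(0, "127.0.0.1", "/")] * 50
    return sorted(burst + crawl + slow + local)

if __name__ == "__main__":
    for ip, (when, why) in replay(sample_requests()).items():
        print(f"{ip} blocked at t={when} by {why}")
```

      Feeding it tuples parsed from your own access log shows which legitimate clients (feed readers, monitoring, search engine crawlers) would be caught by a given DOSPageCount or DOSSiteCount.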



      Adding mod_security to better protect your webserver
      Written By: Administrator
      Section: Internet www

      Category: security

      2006-08-21 19:32:50
      ModSecurity™ is an open source intrusion detection and prevention engine for web applications (or a web application firewall). Operating as an Apache Web server module or standalone, the purpose of ModSecurity is to increase web application security, protecting web applications from known and unknown attacks. (from http://www.modsecurity.org/)

      Installing mod_security as a DSO is easier, and the procedure is the same for both Apache branches. First unpack the distribution somewhere (anywhere will do; I copy the .c files to my home directory),

      # cd
      # wget http://www.modsecurity.org/download/mod_security-1.9.4.tar.gz
      # tar -zxvf mod_security-1.9.4.tar.gz
      # cd mod_security-1.9.4/apache2

      and compile the module with:

      apache1: /usr/local/psa/admin/bin/apxs  -cia ~/mod_security.c
      apache2: /usr/sbin/apxs2  -cia ~/mod_security.c




      Auditing Joomla security
      Written By: Administrator
      Section: Mambo

      Category: News

      2005-11-17 23:37:38

      I will start auditing a copy of my website running locally in order to find design and security flaws in Joomla. I have found a quite impressive list of tools to achieve that goal:


      In May of 2003, I conducted a survey of Nmap users from the nmap-hackers mailing list to determine their favorite security tools. Each respondent could list up to 8. This was a followup to the highly successful June 2000 Top 50 list. An astounding 1854 people responded in '03, and their recommendations were so impressive that I have expanded the list to 75 tools! Anyone in the security field would be well advised to go over the list and investigate tools they are unfamiliar with. I discovered several powerful new tools this way.
      I also plan to point newbies to this page whenever they write me saying "I do not know where to start". Respondents were allowed to list open source or commercial tools on any platform. Commercial tools are noted as such in the list below. Many of the descriptions were taken from the application home page or the Debian or Freshmeat package descriptions. I removed marketing fluff like "revolutionary" and "next generation". No votes for the Nmap Security Scanner were counted because the survey was taken on an Nmap mailing list. This audience also means that the list is slightly biased toward "attack" tools rather than defensive ones.
      from insecure.org

      And that only because I've been seeing too many hackers trying to penetrate my homepage... hey guys, I am also looking at you (logs). I hope you're smart enough to use a Windows zombie or hide your real internet address! Moreover, my findings will help the Joomla community...



      Web Site Test Tools and Site Management Tools: More than 290 tools listed in 12 categories




      Avoid Hotlinking or so called bandwidth stealing
      Written By: Administrator
      Section: Internet www

      Category: Apache

      2009-01-01 13:28:57

      From Wikipedia:

      Inline linking (also known as hotlinking, leeching, piggy-backing, direct linking, offsite image grabs and bandwidth theft) is the use of a linked object, often an image, from one site into a web page belonging to a second site. The second site is said to have an inline link to the site where the object is located.

      This is not just bandwidth stealing, as:

      • It costs CPU and bandwidth, which means less performance for your visitors,
      • It costs a lot of money, as you still pay the server costs and lose ad revenue,
      • It drives people away from your reputable homepage, since they will find your pictures or files on any mirror,
      • It may be a security threat, at least for distributable software: anybody may alter (backdoor, ads, theft of private information) any of my open source components without my consent.

      The mod_rewrite module is able to intercept incoming URLs and modify them according to a set of rules that you specify. The basic idea is to use the mod_rewrite module to inspect the incoming HTTP headers. The field we're looking for is the Referer field, which is basically the URL that the current request originated from.

      Referer

      This optional header field allows the client to specify, for the server's benefit, the address (URI) of the document (or element within the document) from which the URI in the request was obtained.
      This allows a server to generate lists of back-links to documents, for interest, logging, etc. It allows bad links to be traced for maintenance.

      So create a file .htaccess at the root of your site with the following content:

      RewriteEngine On
      # An empty Referer is allowed (direct requests, clients that do not send the header)
      RewriteCond %{HTTP_REFERER} !^$
      # Allowed referring hosts: dots escaped, host must end at "/" or at the end of the string
      RewriteCond %{HTTP_REFERER} !^http://(www\.)?waltercedric\.com(/|$)     [NC]
      RewriteCond %{HTTP_REFERER} !^http://(www\.)?wiki\.waltercedric\.com(/|$)     [NC]
      RewriteCond %{HTTP_REFERER} !^http://(www\.)?forums\.waltercedric\.com(/|$)     [NC]
      RewriteCond %{HTTP_REFERER} !^http://(www\.)?bugs\.waltercedric\.com(/|$)     [NC]
      RewriteCond %{HTTP_REFERER} !^http://(www\.)?demo\.waltercedric\.com(/|$)     [NC]
      RewriteCond %{HTTP_REFERER} !^http://(www\.)?demo2\.waltercedric\.com(/|$)     [NC]
      RewriteCond %{HTTP_REFERER} !^http://(www\.)?mirror\.waltercedric\.com(/|$)     [NC]
      RewriteCond %{HTTP_REFERER} !^http://(www\.)?images\.google\.com(/|$)     [NC]
      # Any other referrer asking for these file types is redirected
      RewriteRule .*\.(jpg|jpeg|gif|png|bmp|zip|css)$ http://www.waltercedric.com/bandwidthStealing.html [R,NC]

      Notes:

      • I want to allow cross linking between all my subdomains (wiki, demo, bugs, forums ...), so I have a bigger list of allowed Referers than usual to enter.
      • I do not allow hotlinking of the following resources, for obvious reasons: jpg|jpeg|gif|png|bmp|zip|css
      • I redirect any bad people to a fixed file on disk: http://www.waltercedric.com/bandwidthStealing.html
      • You are allowed to copy the template http://www.waltercedric.com/bandwidthStealing.html as long as you keep the bottom link.
      • Note the last RewriteCond: I always allow Google to reference my images.
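
      Referer allow-list patterns are easy to write too loosely: unescaped dots and an open-ended tail let look-alike hosts match. The added example below (not from the original article) checks a loose and an anchored form of the same host patterns against constructed Referer values; Python's `re` stands in for mod_rewrite's regex engine, and the `.example` hosts are placeholders.

```python
import re

def allowed_referer(referer, patterns):
    """Mirror the RewriteCond chain: an empty Referer or any allow-list match passes."""
    if referer == "":
        return True                                   # RewriteCond %{HTTP_REFERER} !^$
    return any(re.search(p, referer, re.IGNORECASE) for p in patterns)   # [NC]

def host_pattern(host):
    """Anchored form: literal dots, and the host must end at '/' or end of string."""
    return r"^http://(www\.)?" + re.escape(host) + r"(/|$)"

# A subset of the hosts named in the rules above.
HOSTS = ["waltercedric.com", "wiki.waltercedric.com", "images.google.com"]

# Loose form: '.' matches any character and '(/)?.*$' accepts anything after the host.
LOOSE = [r"^http://(www\.)?" + h + r"(/)?.*$" for h in HOSTS]
ANCHORED = [host_pattern(h) for h in HOSTS]

# Constructed Referer values used as test cases for the rule set.
CASES = [
    "",                                                  # no Referer sent
    "http://www.waltercedric.com/gallery/",              # own site
    "http://wiki.waltercedric.com",                      # own subdomain, no path
    "http://images.google.com/imgres?q=x",               # allowed third party
    "http://waltercedric.com.mirror.example/page.html",  # allowed name used as a prefix
    "http://wikixwaltercedric.com/",                     # '.' matched by another character
    "http://other.example/",                             # unrelated site
]

def compare(cases=CASES):
    """Return {referer: (allowed_by_loose, allowed_by_anchored)}."""
    return {r: (allowed_referer(r, LOOSE), allowed_referer(r, ANCHORED)) for r in cases}

if __name__ == "__main__":
    for referer, (loose, anchored) in compare().items():
        print(f"{referer!r:55} loose={loose!s:5} anchored={anchored}")
```

      Because the Referer header is optional and supplied by the client, rules like these cut down casual hotlinking; they are not an access control.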

      There is a useful online generator, with a lot more explanation at the bottom of the page, at http://www.htmlbasix.com/disablehotlinking.shtml . This has been active on my server for 2 weeks, and I've seen a performance improvement in response time.

      More tips 

      • To get insight into resource stealing in nearly real time, simply put a statistics marker (for example Google Analytics) on the redirect page to see how many people land on it per week or month!
      • To generate money (better than nothing), don't forget to also put advertisements on your hotlinking redirect page.





      There are 62 items tagged with security. You can view all our tags in the Tag Cloud
