Results 1 to 9 of 9

Thread: Script to fend off hackers

  1. #1
    thesyndicate is offline Newbie Net Builder
    Join Date
    Jul 2009
    Location
    NET<>DP
    Posts
    138
    Thanks
    14
    Thanked 5 Times in 4 Posts

    Script to fend off hackers

    Is there some open source script or code in PHP a dude can use to fend of hackers. For example if they sniffing around to much you lock the IP and send them packing.

  2. #2
    TopDogger's Avatar
    TopDogger is offline Über Hund
    Join Date
    Jan 2009
    Location
    Hellfire, AZ
    Posts
    3,102
    Thanks
    349
    Thanked 918 Times in 702 Posts
    Will did an excellent post a while back regarding Bot Trap. It is a honeypot that catches scraper bots and spam bots and then automatically bans their IP.

    Block Web Content Scrapers and Downloaders

    Since installing this on my blogs I've trapped hundreds of bots. It has not snagged any legitimate bots.

    Bot Trap is free, easy to install, and is very reliable.
    "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." -- Benjamin Franklin


  3. Thanked by:

    thesyndicate (20 July, 2009)

  4. #3
    thesyndicate is offline Newbie Net Builder
    Join Date
    Jul 2009
    Location
    NET<>DP
    Posts
    138
    Thanks
    14
    Thanked 5 Times in 4 Posts
    yes looks ok i will try it. But if you have people sniffing for open ports and stuff and trying to do injects anyway you can fend them off

  5. #4
    Sundance's Avatar
    Sundance is offline Net Builder
    Join Date
    Jun 2009
    Posts
    169
    Thanks
    2
    Thanked 10 Times in 10 Posts
    There are no scripts that can protect against a true hacker. The best you'll be able to block is script kiddies that only use known exploits. if you want to stay safe here are the best ways

    1. Stay up to date on your software (apache, php, mysql, etc)
    2. Make sure your applications are up to date
    3. Move SSH to another port
    4. Use long secure passwords (%^$3fr3446gfxfvdfy^% = winner)
    5. Don't use public computers to login to your sites.
    6. Don't use flaky software that has a history of security problems.
    7. Don't share your passwords with other people, and never use the same password twice
    8. Double and Triple check your permissions
    9. Don't rely on "firewall scripts" or others for your security, the best way to secure your server is to understand it and do it yourself.
    10. Never login directly under root. Use a wheel account and super user access methods.
    Xbox 720 Next Generation Console - Video gamers check it out!

  6. Thanked by:

    thesyndicate (20 July, 2009)

  7. #5
    thesyndicate is offline Newbie Net Builder
    Join Date
    Jul 2009
    Location
    NET<>DP
    Posts
    138
    Thanks
    14
    Thanked 5 Times in 4 Posts
    right i done most of them already. But they kind of get in anyway. The last one i do not get

    Never login directly under root. Use a wheel account and super user access methods.

    My server account is a cpanel with all domains in one i guess thats not good.

  8. #6
    Will.Spencer's Avatar
    Will.Spencer is offline Retired
    Join Date
    Dec 2008
    Posts
    5,033
    Blog Entries
    1
    Thanks
    1,010
    Thanked 2,329 Times in 1,259 Posts
    Quote Originally Posted by thesyndicate View Post
    yes looks ok i will try it. But if you have people sniffing for open ports and stuff and trying to do injects anyway you can fend them off
    For dealing with port scanners, I sometimes use PortSentry from the SentryTools package.

    The project page is quite terse, but the tool is explained well in PortSentry for Attack Detection.

    You should also be blocking much of this port scanning activity with your firewall.

    Of course, firewalls and port scanners are both somewhat aging technologies in a world where almost all traffic both good and bad rides on port 80.
    Submit Your Webmaster Related Sites to the NB Directory
    I swear, by my life and my love of it, that I will never live for the sake of another man, nor ask another man to live for mine.

  9. Thanked by:

    thesyndicate (23 July, 2009)

  10. #7
    thesyndicate is offline Newbie Net Builder
    Join Date
    Jul 2009
    Location
    NET<>DP
    Posts
    138
    Thanks
    14
    Thanked 5 Times in 4 Posts
    i am on a shared server so guess that will be doing that for me or am i wrong

  11. #8
    Will.Spencer's Avatar
    Will.Spencer is offline Retired
    Join Date
    Dec 2008
    Posts
    5,033
    Blog Entries
    1
    Thanks
    1,010
    Thanked 2,329 Times in 1,259 Posts
    There's not much you can do on a shared server.

    On a shared server, security is primarily the responsibility of the hosting company.
    Submit Your Webmaster Related Sites to the NB Directory
    I swear, by my life and my love of it, that I will never live for the sake of another man, nor ask another man to live for mine.

  12. #9
    thesyndicate is offline Newbie Net Builder
    Join Date
    Jul 2009
    Location
    NET<>DP
    Posts
    138
    Thanks
    14
    Thanked 5 Times in 4 Posts
    right but i am more thinkin of my scripts. Maybe the bets way is to keep them updated and block some IP or send some IP to another site far far away.

Similar Threads

  1. Replies: 7
    Last Post: 4 June, 2010, 04:10 AM
  2. Replies: 0
    Last Post: 5 March, 2010, 11:03 AM
  3. Replies: 1
    Last Post: 14 January, 2010, 18:05 PM
  4. Hackers targeting Facebook users
    By DotComBum in forum Tech-Talk
    Replies: 0
    Last Post: 27 July, 2009, 07:44 AM
  5. Replies: 10
    Last Post: 25 January, 2009, 03:51 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •