Go Back   TechArena Community > Software > Software Development
Become a Member!
Forgot your username/password?
Tags Active Topics RSS Search Mark Forums Read

Reply
 
Thread Tools Search this Thread
  #1  
Old 25-10-2008
Member
 
Join Date: Oct 2008
Posts: 1
hacking to my one of D FOLDER

i am running a voice chat SERVER IN D:/BIN FOLDER
BIN FOLDER INCLUDE XML , EXE FILE .
SOMONE IS ABLE TO EDIT MY XML FILES IS THERE SOLUTION TO STOP HACKERS TO RENAME XML FILES INSIDE D FOLDER
I TRACKED THE LOGS OF HACKERS TRUE WINDOWS EVENT
HERE IS THE SCREEN SHOT
YOUR HELP WILLL BE APPRECIATE IT
Reply With Quote
  #2  
Old 27-10-2008
Member
 
Join Date: Dec 2007
Posts: 2,273
Re: hacking to my one of D FOLDER

See this guide: How to Trace a hacker
Reply With Quote
  #3  
Old 27-10-2008
Member
 
Join Date: Dec 2007
Posts: 1,728
Re: hacking to my one of D FOLDER

Hackers are finding new systems vulnerabilities and developing new means of attack all the time. What methods do they favour and how secure is your network? This article identifies some common vulnerabilities and offers 10 useful and easy-to-apply tips on how to make your network more secure.

1. Perform discover-and-scan tests

The purpose of these tests is to highlight all entry points from the internet to the internal network. Make sure you know all entry points into your network rather than assume where these points are.

Most large organisations, organisations that have merged or been taken over, and organisations that have in any way gained systems from sources not under their direct control cannot confidently say they are aware of all entry points to their network.

A firewall is merely a door to the network; there may be many holes and entry points that an organisation is unaware of. These supposedly ‘unknown’ points are targets for hackers, as they normally have the weakest security controls in place.

The first step in securing these weak entry points is to identify them. This is not an easy task and requires skilled attack-and-penetration experts to perform the discovery successfully.

2. Perform attack-and-penetration tests

The aim of these tests is to quickly highlight vulnerable points and aspects of the network: ones that are accessible from both an external and internal user’s perspective. By assessing the extent to which you are able to thwart attacks from external sources through the tests, you are able to patch and correct the holes that could allow intruders to hack into your network.

As surveys have consistently shown, hacking is as great a concern from an internal user’s perspective as from an external unknown source. Thus, these penetration tests should be performed from the inside (internal user) as well as from an external (unknown) perspective for the true vulnerabilities to be detected.

3. Launch user-awareness campaigns

Users should be made aware of the pitfalls of security and how to minimise these risks by applying good security practices in day-to-day operations.

Social-engineering tests are an effective means of determining the current levels of user awareness. Such tests are also a good way to highlight to users the potential pitfalls resulting from a lack of awareness and application of security in everyday operations.

User awareness is that element of security that is often ignored and it can lead to the most vulnerability. All the security technologies in the world cannot protect against a user giving away company secrets or security information, such as passwords, of critical systems.

4. Configure firewalls appropriately and have them reviewed independently

An incorrectly configured firewall is an open door for any intruder. It is imperative to allow only the traffic that is critical to the business through the firewall. Even ports 443 (SSL) and 80 (http) sometimes present more risk than the business warrants.

An open port is an open door. As a start, close all ports and then open only those that are more critical than the risk they present. Each firewall – and, indeed, each organisation – is different, requiring different firewall rule-set configurations. However, there are general guidelines that can be applied, namely: never open all ports to any source or destination and make sure the stealth rule is in the correct place in the rule set.

A firewall is not merely a router; it has logging and monitoring capabilities that are often more important than the routing functions. Traffic to a valid destination through a valid port is often an attack that can be detected only through analysing the composition and nature of the traffic itself.

By performing penetration tests, organisations are able to determine the vulnerabilities that a certain firewall configuration presents. Also, by performing independent assessments of the rule sets, their vulnerabilities can be determined.

5. Implement strong password policies

Most organisations still make use of usernames and passwords as their primary, if not their only, authentication mechanism. Unfortunately, as surveys and analyses have revealed, passwords are a weak form of authentication. So-called “strong” passwords (not easily guessable) tend to be written down or forgotten, while passwords that can be remembered, and hence not written down, tend to be “weak” (easily guessable). This is the situation most organisations find themselves in.

So what can be done? Two-factor authentication seems to be the solution, where an additional authentication mechanism is used, such as a physical thing (take, for example, your ATM card, which requires both the card and the personal identification number for you to be authenticated).

Other two-factor authentication mechanisms include storing biometric details on a smartcard, but two-factor authentication is costly as well as time-consuming to implement. So a temporary measure of strong password policies is important.
These policies should require a balance between strong and easily remembered passwords. Leading practice is to have passwords of seven characters (the most secure length for a Windows NT password, yet still relatively easy to remember).

Also, leading practice indicates that these passwords be changed every 60 days so as to reach a balance between changing passwords too frequently – thereby changing them in a repetitive or predictable manner (for example, by adding a digit to the end of a password) – and having a password remain the same – thereby increasing the chances of it being known to unauthorised persons. The password should also be made up of both alpha and numeric characters to increase the number of possible password combinations.

For more information see here: http://www.security-forums.com/viewtopic.php?t=2027
Reply With Quote
Reply

  TechArena Community > Software > Software Development
Tags:



Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads for: "hacking to my one of D FOLDER"
Thread Thread Starter Forum Replies Last Post
What is Ethical Hacking? Alejandro80 Education Career and Job Discussions 11 10-03-2010 12:29 PM
Protection from IP hacking Level8 Networking & Security 4 18-02-2010 09:37 PM
FTP Hacking BoanHed Small Business Server 2 05-02-2010 11:26 AM
Is Somebody Hacking My Wireless?? Krupa Networking & Security 2 05-02-2009 05:21 PM
Hacking Books Billyjoel Ebooks 9 12-04-2005 06:21 PM


All times are GMT +5.5. The time now is 07:06 PM.