Results 1 to 3 of 3

Thread: hacking to my one of D FOLDER

  1. 25-10-2008 #1
    kajkool007
    kajkool007 is offline Member
    Join Date
    Oct 2008
    Posts
    1

    hacking to my one of D FOLDER

    i am running a voice chat SERVER IN D:/BIN FOLDER
    BIN FOLDER INCLUDE XML , EXE FILE .
    SOMONE IS ABLE TO EDIT MY XML FILES IS THERE SOLUTION TO STOP HACKERS TO RENAME XML FILES INSIDE D FOLDER
    I TRACKED THE LOGS OF HACKERS TRUE WINDOWS EVENT
    HERE IS THE SCREEN SHOT
    YOUR HELP WILLL BE APPRECIATE IT
    Reply With Quote Reply With Quote
  2. 27-10-2008 #2
    EINSTEIN_007
    EINSTEIN_007 is offline Member
    Join Date
    Dec 2007
    Posts
    2,291

    Re: hacking to my one of D FOLDER

    See this guide: How to Trace a hacker
    Reply With Quote Reply With Quote
  3. 27-10-2008 #3
    JAMES_911
    JAMES_911 is offline Member
    Join Date
    Dec 2007
    Posts
    1,736

    Re: hacking to my one of D FOLDER

    Hackers are finding new systems vulnerabilities and developing new means of attack all the time. What methods do they favour and how secure is your network? This article identifies some common vulnerabilities and offers 10 useful and easy-to-apply tips on how to make your network more secure.

    1. Perform discover-and-scan tests

    The purpose of these tests is to highlight all entry points from the internet to the internal network. Make sure you know all entry points into your network rather than assume where these points are.

    Most large organisations, organisations that have merged or been taken over, and organisations that have in any way gained systems from sources not under their direct control cannot confidently say they are aware of all entry points to their network.

    A firewall is merely a door to the network; there may be many holes and entry points that an organisation is unaware of. These supposedly ‘unknown’ points are targets for hackers, as they normally have the weakest security controls in place.

    The first step in securing these weak entry points is to identify them. This is not an easy task and requires skilled attack-and-penetration experts to perform the discovery successfully.

    2. Perform attack-and-penetration tests

    The aim of these tests is to quickly highlight vulnerable points and aspects of the network: ones that are accessible from both an external and internal user’s perspective. By assessing the extent to which you are able to thwart attacks from external sources through the tests, you are able to patch and correct the holes that could allow intruders to hack into your network.

    As surveys have consistently shown, hacking is as great a concern from an internal user’s perspective as from an external unknown source. Thus, these penetration tests should be performed from the inside (internal user) as well as from an external (unknown) perspective for the true vulnerabilities to be detected.

    3. Launch user-awareness campaigns

    Users should be made aware of the pitfalls of security and how to minimise these risks by applying good security practices in day-to-day operations.

    Social-engineering tests are an effective means of determining the current levels of user awareness. Such tests are also a good way to highlight to users the potential pitfalls resulting from a lack of awareness and application of security in everyday operations.

    User awareness is that element of security that is often ignored and it can lead to the most vulnerability. All the security technologies in the world cannot protect against a user giving away company secrets or security information, such as passwords, of critical systems.

    4. Configure firewalls appropriately and have them reviewed independently

    An incorrectly configured firewall is an open door for any intruder. It is imperative to allow only the traffic that is critical to the business through the firewall. Even ports 443 (SSL) and 80 (http) sometimes present more risk than the business warrants.

    An open port is an open door. As a start, close all ports and then open only those that are more critical than the risk they present. Each firewall – and, indeed, each organisation – is different, requiring different firewall rule-set configurations. However, there are general guidelines that can be applied, namely: never open all ports to any source or destination and make sure the stealth rule is in the correct place in the rule set.

    A firewall is not merely a router; it has logging and monitoring capabilities that are often more important than the routing functions. Traffic to a valid destination through a valid port is often an attack that can be detected only through analysing the composition and nature of the traffic itself.

    By performing penetration tests, organisations are able to determine the vulnerabilities that a certain firewall configuration presents. Also, by performing independent assessments of the rule sets, their vulnerabilities can be determined.

    5. Implement strong password policies

    Most organisations still make use of usernames and passwords as their primary, if not their only, authentication mechanism. Unfortunately, as surveys and analyses have revealed, passwords are a weak form of authentication. So-called “strong” passwords (not easily guessable) tend to be written down or forgotten, while passwords that can be remembered, and hence not written down, tend to be “weak” (easily guessable). This is the situation most organisations find themselves in.

    So what can be done? Two-factor authentication seems to be the solution, where an additional authentication mechanism is used, such as a physical thing (take, for example, your ATM card, which requires both the card and the personal identification number for you to be authenticated).

    Other two-factor authentication mechanisms include storing biometric details on a smartcard, but two-factor authentication is costly as well as time-consuming to implement. So a temporary measure of strong password policies is important.
    These policies should require a balance between strong and easily remembered passwords. Leading practice is to have passwords of seven characters (the most secure length for a Windows NT password, yet still relatively easy to remember).

    Also, leading practice indicates that these passwords be changed every 60 days so as to reach a balance between changing passwords too frequently – thereby changing them in a repetitive or predictable manner (for example, by adding a digit to the end of a password) – and having a password remain the same – thereby increasing the chances of it being known to unauthorised persons. The password should also be made up of both alpha and numeric characters to increase the number of possible password combinations.

    For more information see here: http://www.security-forums.com/viewtopic.php?t=2027
    Reply With Quote Reply With Quote
« Image map and SEO query | SQL - bp insert special characters with UPPER »

Similar Threads

  1. What is Ethical Hacking?
    By Alejandro80 in forum Education Career and Job Discussions
    Replies: 11
    Last Post: 10-03-2010, 12:29 PM
  2. Protection from IP hacking
    By Level8 in forum Networking & Security
    Replies: 4
    Last Post: 18-02-2010, 09:37 PM
  3. FTP Hacking
    By BoanHed in forum Small Business Server
    Replies: 2
    Last Post: 05-02-2010, 11:26 AM
  4. Is Somebody Hacking My Wireless??
    By Krupa in forum Networking & Security
    Replies: 2
    Last Post: 05-02-2009, 05:21 PM
  5. Hacking Books
    By Billyjoel in forum Ebooks
    Replies: 9
    Last Post: 12-04-2005, 06:21 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

Page generated in 1,714,045,015.78407 seconds with 16 queries