What do you think of my site?
Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: What do you think of my site?

  1. #1
    Senior Member wiskic10_4's Avatar
    Join Date
    Jan 2004
    Location
    Corpus Christi, TX
    Posts
    254

    What do you think of my site?

    Hey AO!

    So I've had this site up since February. Its general purpose is to serve as my blog and as a personal Internet file server. However, now I'm thinking I would like to use it to generate more computer repair work for myself.

    I recently added a comment script at the bottom of the page. I don't know PHP, and I found this one for free. It implements CAPTCHA security, but I'm sure that it could be subverted easily. I tried to paste some redirect code in it, and it didn't redirect my site... so that's a good thing...

    Anyway, I guess what I want to know is:

    - Could someone use the comment box to deface/redirect my site?
    - I'd like to add a page where people could fill out and submit work-orders to me for computer work - thoughts?
    - Is there an easy way to get my site at the top of the list when someone Googles "computer repair Corpus Christi"?
    - Is there any way to get my favicon to work again? GoDaddy says "no" - since I am using the domain name I purchased from them to redirect to my server's IP and I wish to mask that IP w/ the domain name - they just put a frame around my site... kind of shoddy if you ask me, but what do I know...

    The site: http://www.jeremydeanonline.com

    Your thoughts are appreciated! Thanks!
    - Jeremy
    My Corner of the Intarwebz: Jeremy Dean Online

  2. #2
    HYBR|D
    Guest
    You really absolutely positive you want us to have "Play Time" on it?

    can i just ddos the server until it goes off-line?

    is your ISP ok with you doing this sort of thing?

    wouldn't want you to get in trouble if they get all pissey over sudden large amounts of traffic clogging there interwebz.

    i'll have a play latter on, got a few other things on atm.

  3. #3
    Senior Member wiskic10_4's Avatar
    Join Date
    Jan 2004
    Location
    Corpus Christi, TX
    Posts
    254
    Well, it wasn't an open invitation for a DDOS attack, but I guess simply having a domain is an invitation for anyone who stumbles across your site and has waaay too much time on their hands.

    I was more concerned about the comments script I just added and whether or not it could be used to deface or redirect the site, as well as the other questions I asked in the OP.

    Certainly, my ISP isn't "ok" with me requesting DDOS attacks, but I would assume they would just unlease my modem if it was obvious that it was being DDOSed.

    And I and my family would be stuck w/out Internet until I was leased a new IP...
    My Corner of the Intarwebz: Jeremy Dean Online

  4. #4
    HYBR|D
    Guest
    Quote Originally Posted by wiskic10_4 View Post
    Well, it wasn't an open invitation for a DDOS attack, but I guess simply having a domain is an invitation for anyone who stumbles across your site and has waaay too much time on their hands.

    I was more concerned about the comments script I just added and whether or not it could be used to deface or redirect the site, as well as the other questions I asked in the OP.

    Certainly, my ISP isn't "ok" with me requesting DDOS attacks, but I would assume they would just unlease my modem if it was obvious that it was being DDOSed.

    And I and my family would be stuck w/out Internet until I was leased a new IP...
    It's more of a case that your running the site from your home, so 1 would assume it would be a weak connection, therefore if someone happened to flood the server thus causing it to lock up needing a reboot it would reviel all sorts of nifty info.

    the ISP question was more if your running the site from your home sever and if people/s started trying to mess with your site they would notice the "increase" of activity on your line and i was curious if they would re-act in a bad way.

    Not from just a Ddos but mainly what if someone pwns your site and uses it to inject malware to innocent visitors?

    I would assume your ISP would shut your connection down until it was fixed, causing yourself grief. & advertising here off all places "Hey everyone i'm runnig a website from my homeserver, come and see if you can pwn it so i can better lock it down" isn't the wisest thing to do.

    I was/am tempted to flood your line simply because it's something a skiddie would do, and that is what will happen posting a open request in a publicly viewable medium.

    Personally i would of either started a thread in Addicts or PM a view choice members.

  5. #5
    Senior Member wiskic10_4's Avatar
    Join Date
    Jan 2004
    Location
    Corpus Christi, TX
    Posts
    254
    Quote Originally Posted by HYBR|D
    It's more of a case that your running the site from your home, so 1 would assume it would be a weak connection, therefore if someone happened to flood the server thus causing it to lock up needing a reboot it would reviel all sorts of nifty info.
    I'm interested to know if someone could DDOS it into rebooting/locking up? I wouldn't think so - more likely it would just overload the router, causing a "back-up" - and put me offline... I'm sure there is a limit on how much traffic I can have incoming?

    Quote Originally Posted by HYBR|D
    the ISP question was more if your running the site from your home sever and if people/s started trying to mess with your site they would notice the "increase" of activity on your line and i was curious if they would re-act in a bad way.

    Not from just a Ddos but mainly what if someone pwns your site and uses it to inject malware to innocent visitors?
    I don't think there are any rules against running an apache/ssh server from your personal line? Nor any rules on "keeping it a secret"

    If someone compromised my site/server, I think I would figure it out and take it offline pretty quick. I don't get much traffic anyway - this is just my little hobby site.

    Quote Originally Posted by HYBR|D
    I would assume your ISP would shut your connection down until it was fixed, causing yourself grief. & advertising here off all places "Hey everyone i'm runnig a website from my homeserver, come and see if you can pwn it so i can better lock it down" isn't the wisest thing to do.
    Again, if it gets "pwnt" I'll take it offline. If I unplug the modem for 10mins, then request a new IP, my SOHO will have Internet access again, and I'll keep the server offline until I can better lock it down. If my ISP shuts me down, I'll call them and explain what has happened, and won't let it happen again.

    Quote Originally Posted by HYBR|D
    I was/am tempted to flood your line simply because it's something a skiddie would do, and that is what will happen posting a open request in a publicly viewable medium.

    Personally i would of either started a thread in Addicts or PM a view choice members.
    Well, if you don't have anything better to do...

    I guess maybe I don't fully understand the risk - it seems to me, if I get DDOSed, and it puts me offline, I could just grab a new IP address, and all of the bots that are attacking the old IP will just "time out" or whatever. I'm sure it wouldn't be the first time a skiddie had gotten someone's IP address and DDOSed them? I'm sure my ISP has seen it many times, and may even have preventive measures in place?

    I'm just trying to see what I can learn about hosting a site from home!
    My Corner of the Intarwebz: Jeremy Dean Online

  6. #6
    Junior Member mostafaxx's Avatar
    Join Date
    Jul 2010
    Location
    Egypt-damanhour
    Posts
    15
    nice site better than mine lol
    http://mostafa-soft.co.cc
    the script is doing mush of a good filtering for the input tried Cross-Site Script and sql injection

    but you would better find some kind of free hosting after all you use php which is free and open source so you would find mush free hosting out there supporting php and my_sql

    make sure you change the path to the script folder the admin page is right there
    http://24.155.56.128/comment_script_...dmin/index.php
    Decode the following to 8-Bit ASCII : 01001001 01110011 01101100 01100001 01101101 00100000 01101001 01110011 00100000 01110100 01101000 01100101 00100000 01110011 01101111 01101100 01110101 01110100 01101001 01101111 01101110

    <a rel=http://www.opensuse.org/en/" border="0" />

  7. #7
    Senior Member wiskic10_4's Avatar
    Join Date
    Jan 2004
    Location
    Corpus Christi, TX
    Posts
    254
    Thanks mostafaxx!!!

    Was that you that posted all that crap in the comments box!?

    Yeah, I need to change the script directory... I will - eventually - I'm not sure how much of a threat it really is? I'd be interested to see if anyone could brute-force their way into it... the username and password is fairly strong and unique...
    My Corner of the Intarwebz: Jeremy Dean Online

  8. #8
    Junior Member mostafaxx's Avatar
    Join Date
    Jul 2010
    Location
    Egypt-damanhour
    Posts
    15
    Was that you that posted all that crap in the comments box!?
    was trying to do some buffer overflow but i'mn't much of a buffer overruner ...

    any way after thinking a bit i agree you run your own server...
    Apache is really great server

    and that is a good way to learn how to run it..
    Decode the following to 8-Bit ASCII : 01001001 01110011 01101100 01100001 01101101 00100000 01101001 01110011 00100000 01110100 01101000 01100101 00100000 01110011 01101111 01101100 01110101 01110100 01101001 01101111 01101110

    <a rel=http://www.opensuse.org/en/" border="0" />

  9. #9
    HYBR|D
    Guest
    is it redirecting any1 else back to here? i've got it working in internet explorer & chrome

    firefox ain't re-directing.

  10. #10
    Senior Member wiskic10_4's Avatar
    Join Date
    Jan 2004
    Location
    Corpus Christi, TX
    Posts
    254
    Thanks HYBR|D,

    It's not re-directing under any browser for me - I tried:
    Under Windows 7 64: IE 8.0 (32 and 64 Bit), Firefox, Chrome 8.0.552.224, Opera v10.63
    Under Slackware 13.0: SeaMonkey. Firefox, Konquerer

    I'll leave the comments up for the next 48hrs and see if it's redirecting anyone else.
    My Corner of the Intarwebz: Jeremy Dean Online

Similar Threads

  1. Firefox marketing site hacked
    By intmon in forum Security News
    Replies: 1
    Last Post: July 15th, 2005, 06:52 PM
  2. Is This Really A security Site
    By SwordFish_13 in forum AntiOnline's General Chit Chat
    Replies: 19
    Last Post: April 5th, 2004, 04:40 AM
  3. VeriSign sues ICANN to restore Site Finder
    By SDK in forum AntiOnline's General Chit Chat
    Replies: 0
    Last Post: February 27th, 2004, 02:56 PM
  4. Al-Jazeera Web Site Faces Continued Hacker Attacks
    By DigitalSyntax in forum Web Security
    Replies: 0
    Last Post: March 27th, 2003, 07:25 PM
  5. USA Today: Hackers vandalized our site
    By NetSyn in forum AntiOnline's General Chit Chat
    Replies: 2
    Last Post: July 13th, 2002, 08:40 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides