Alan's Blog

"Yeah. I wrote a script that will do that."

Every site is hackable

Posted on April 14th, 2011

WordPress.com was hacked yesterday; see http://en.blog.wordpress.com/2011/04/13/security/. The IRS had a hacked website last week. Almost every site can be hacked given sufficient resources, especially when you do not have full control of every element.

I do what I can. I don’t use a back end database to avoid cross site scripting attacks, and much of my site is boring and hand coded. I have no advertising as this is a gateway for malware. But I host my system commercially, and use commercial software. My host could be hacked. WordPress could be vulnerable.

You can get exposed to malware even from legitimate sites.  What can you do? 

  • Run your browser sandboxed –  I am using Chrome which has its own sandbox
  • Do not use an admin account for daily information
  • Don’t turn off UAC for Windows 7, even if it annoys you.
  • Secunia PSI can help you stay current.
  • Keep a backup of your important files
  • Use a password keeper that generates random passwords.  I use KeyPass
  • Opt out of having a site keep your credit card where you can.  I have had two replacement credit cards from online vendor hacks
