Ah ok Joseph, thanks for clarifying ----- Original Message ----- | From: "Joseph Tintale" <jayxtintale@gmail.com> | To: "Skunkworks Mailing List" <skunkworks@lists.my.co.ke> | Sent: Lunes, 24 de Febrero 2014 7:23:09 | Subject: Re: [Skunkworks] ECCouncil Hacked | @Steve, did you ever hear me say that you shouldn't do anything and | wait for hack3rs to break your site? FYI, I'm a security researcher | and always take web security seriously. | As much as one tries to mitigate exploits, there are several advanced | techniques which hack3rs use to break sites. These include: | WAF bypasses, encoding sniffing, external entity injection and | advanced SQL injection. | KR, | Joseph. | On Mon, Feb 24, 2014 at 9:52 AM, Steve Obbayi < steve@sobbayi.com > | wrote: | | @Joseph I don't agree with your attitude to a high degree. To be | | honest if your were to ask me to develop my site, I would run away | | so fast in the opposite direction. Hackers spend a lot of time | | finding exploits... why can't you as a developer spend as much or | | more time hardening your website or finding new ways to beat these | | guys, or recovering as fast as possible from an attack? You don't | | just sit and say since PayPal or VISA were hacked, there is nothing | | that can be done. | | | Here is an example of doing something right other than throwing | | hands | | up in the air | | | http://blog.cloudflare.com/good-news-vulnerable-ntp-servers-closing-down | | | My advice to Janiffer, keep worrying and let that worry be positive | | in that in makes you become better techie. | | | Steve | | | | From: "Joseph Tintale" < jayxtintale@gmail.com > | | | | | | To: "janiffer muthama" < j_muthama@yahoo.com >, "Skunkworks | | | Mailing | | | List" < skunkworks@lists.my.co.ke > | | | | | | Sent: Lunes, 24 de Febrero 2014 6:18:50 | | | | | | Subject: Re: [Skunkworks] ECCouncil Hacked | | | | | | Janiffer, | | | | | | What you need to understand is that all websites are vulnerable | | | to | | | hacking. These hackers spend lots of time finding exploits on | | | their | | | targets. | | | | | | There's also DDOS which is quite hard to mitigate and major sites | | | like visa and paypal have suffered occasionally from these type | | | of | | | attach. | | | | | | As a student worry not should you, because worrying is as | | | effective | | | as trying to solve an algebra equation by chewing bubblegum. | | | | | | KR, | | | | | | Joseph. | | | | | | On Monday, February 24, 2014, janiffer muthama < | | | j_muthama@yahoo.com | | | > wrote: | | | | | | | http://www.eccouncil...org | | | | | | | | | | I thought Eccouncil offers certifications to provide the | | | | foundation | | | | needed by every Electronic Commerce and Security Professional!, | | | | The | | | | professionals are trained by "super professionals" who are | | | | supposed | | | | to build and manage an organization’s networking and security | | | | operations and to effectively utilize various resources to | | | | achieve | | | | operation excellence. | | | | | | | | | | Now their site is hacked!! how now??, a shame on their | | | | professionalism or alama ya Dugudugu? | | | | | | | | | | Worried student... | | | | | | | | | _______________________________________________ | | | | | | skunkworks mailing list | | | | | | skunkworks@lists.my.co.ke | | | | | | ------------ | | | | | | List info, subscribe/unsubscribe | | | | | | http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks | | | | | | ------------ | | | | | | Skunkworks Rules | | | | | | http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 | | | | | | ------------ | | | | | | Other services @ http://my.co.ke | | | | | _______________________________________________ | | | skunkworks mailing list | | | skunkworks@lists.my.co.ke | | | ------------ | | | List info, subscribe/unsubscribe | | | http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks | | | ------------ | | | Skunkworks Rules | | | http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 | | | ------------ | | | Other services @ http://my.co..ke | | _______________________________________________ | skunkworks mailing list | skunkworks@lists.my.co.ke | ------------ | List info, subscribe/unsubscribe | http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks | ------------ | Skunkworks Rules | http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 | ------------ | Other services @ http://my.co.ke