Saturday, October 17, 2009

Vendor Hacking

Did you know that your website is probably leaking some confidential information?

Your reviewer looked and found several insecure websites owned by some Delphi vendors ... which could lead to unwanted logins and downloads.

Unfamiliar Questions
Q1: Is your website secure, so that only you can log in, or can 101 people illegally log in on your site?

Q2: Did you ever consider updating that Windows server with all service packs, and with all updates?

Q3: Did you consider getting the latest version of that forum you use, you know, like phpBB, or the latest Snitz forum, before someone reviews your site for holes?

Q4: Did you ever consider securing MySQL access, so only you can use it, or are there 50 extra "guest logins" to access your forum, and possibly that private WordPress blog on your site? Also that private X-rated photoblog, or maybe Dear Diary site :)

Q5: Did you ever consider securing MSSQL access to your server, so only you can use it? Maybe someone from China or maybe South Africa can access the MSSQL server found on your server? Maybe they downloaded some extra stuff, like that version control backup!

Q6: Did you ever consider securing your mail server? You know, someone else could be reading your email. (They do it by getting the mail, and then not deleting the content.)

Q7: Does someone else have extra access to your FTP site? Did Paul, John, or maybe Norman Bates (from Psycho) recently log in or run a password attack exploit on your FTP? Have you considered getting an SSL/FTP site instead?

Q8: Did you ever consider buying a high-end firewall for your server and constant anti-virus scanning? You know, to prevent those extra ports from opening without your knowledge?

Q9: Did you ever consider looking at the Windows user list? Are there more users than physical users? More administrators than normal users?

Q10: Did you ever consider someone else maybe using your website or servers without your knowledge? Maybe there are extra unwanted directories or maybe extra ISO files for no reason? Did you look hard enough?

Q11: Does your server send spam without your knowledge? Or maybe have some extra unwanted IP address?

Maybe things go bonk at night, but really, do a hard review of the security on your servers. But of course, for some vendors, your reviewer just keeps quiet...

Your reviewer, DelphiHater, once told a few Delphi vendors about some stupid security issue on their website, and was told to *********-OFF and get lost.

But really, who cares? They would shoot the messenger; maybe the vendor deserves it.
