Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


FraudRecord - Member Email Addresses Leaked - Page 2
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

FraudRecord - Member Email Addresses Leaked

2»

Comments

  • I was honestly thinking of creating an account (to see how FraudRecord works and if some scammy host put a record against me), but I'm quite hesitant on doing so now. I feel it would be a major privacy risk if I signed up with my personal information.

  • Did anyone grab the data? I'm not interested in the email addresses, but having a domain list of providers would be nice, it might save time finding new hosts.

  • MicrolinuxMicrolinux Member
    edited February 2015

    Evidently a blank index.html is the new standard for security. I have no word to describe that other than "moronic".

    Thanked by 1Mark_R
  • jarjar Patron Provider, Top Host, Veteran
    edited February 2015

    @Microlinux said:
    Evidently a blank index.html is the new standard for security. I have no word to describe that other than "moronic".

    It's not at all uncommon though. Honestly people who take any steps whatsoever to secure data, I propose, are the minority. Most people don't have a clue where to start and many of them are perfectly satisfied by "I can't think of anyone that would want to attack me so I don't need to secure anything."

    I mean there's still people out there running WHMCS from 2009 without updates. It's getting harder and harder for me to be outraged by anyone's lack of security these days, takes too much energy.

    Thanked by 2Microlinux geekalot
  • @Jar said:
    I mean there's still people out there running WHMCS from 2009 without updates. It's getting harder and harder for me to be outraged by anyone's lack of security these days, takes too much energy.

    Any sound advice you'd care to share on good web security practices?

  • jarjar Patron Provider, Top Host, Veteran
    edited February 2015

    @Pwner said:
    Any sound advice you'd care to share on good web security practices?

    Keep things up to date, convenience be damned. Make use of web server features to forcefully block public access to things people don't need to be accessing, make your own mod_sec (or equivalent) rules based on common tactics you see in log audits. Also, do log audits :)

    Always remember, you are a target. Doesn't matter who you are or what you do.

    Thanked by 2Pwner geekalot
  • @Jar said:
    Keep things up to date, convenience be damned. Make use of web server features to forcefully block public access to things people don't need to be accessing, make your own mod_sec (or equivalent) rules based on common tactics you see in log audits. Also, do log audits :)

    I appreciate it, just getting into some programming courses in college and it's going to be a while before I get to the security classes. I still prefer learning as much as I can about the category just for my own accord. This should give me a nice start. :-)

    Thanked by 1jar
  • @Pwner said:
    Any sound advice you'd care to share on good web security practices?

    What @Jar said, and also this: do not, under any circumstances (doesn't matter if it's not in production, etc) ever trust ANY data not to be malicious or invalid. Sanitize everything.

    Also, MySQL injection is not the only dangerous attack. There are many other attacks which can have very serious consequences, and you should research on them.

    You won't be able to fight something until you learn what you need to fight against.

    Thanked by 4jar Pwner lazyt geekalot
  • @Pwner said:
    I appreciate it, just getting into some programming courses in college and it's going to be a while before I get to the security classes. I still prefer learning as much as I can about the category just for my own accord. This should give me a nice start. :-)

    @Pwner, many things about IT Security you can read about, but unfortunately some things you get by getting your hands dirty (i.e., running a system and observing the attack vectors used against it).

    Take LET for example, beautiful playground to learn the various attack vectors used against your site(s). :-)

    To get a good idea what you can read up on/get certified in, just do a search on "internet security certifications" -- there are some nice lists of "Top IT Security Certifications."

    IMHO, these days in IT the right certification >>>>>>> "formal" education (but please don't construe this as a knock against getting formal education). IT certifications are what employers seek (or pay for) almost above all else.

    Cheers

    Thanked by 1Pwner
Sign In or Register to comment.