Hacker Beware - Joomla Security Script - ToDo and Future Development

Like all scripts 'Hacker Beware!' is to some extent a work in progress. Security related scripts have to be extra careful to ensure that the script intended to protect the Joomla site does not in fact introduce new vulnerabilities. Scripts that are security related (as this one is), and scripts that are made by interested amateurs (as this one is) need to be even more cautious.

With this in mind I have identified the need to have the code reviewed by someone who is more qualified than myself to judge the likelihood of my making a mistake and introducing vulnerabilities into someone's site. Whilst I am not altogether inexperienced in programming - I recognise that I am but an amateur and that it is wise to seek input from those better qualified to judge my work.

With that said - here is my list of issues for investigation and also ideas for future development:

Hacker Beware! To Do List

1. Get code checked over by a *real* programmer

check for possible security vulnerabilities
Obviously I would hate to be responsible for introducing the possibility of attacks into other people's systems. The idea appears valid and the implementation looks sound (to my untrained eye).

2. Check need to sanitise input.

Input is created / read in from a GET Query string introduced during the .htaccess redirect
A malicious user could directly pass a query string to the hacker_beware script.
What are the implications of this?
The query string is 'printed' to the standard output stream if $debug_this_script is set to 1 (on).

Hacker Beware! Future Development:

1. Investigate automatic host lookup / whois lookup

to obtain 'abuse@' e-mail address and send automatic e-mail to try and get the abuser's account removed/restricted - or at least have the unwitting webmaster of a hacked site alerted that they are being used as a launchpad for such attacks.

2. Investigate possible notification to a central server

Doing so would mean that other Joomla powered sites can block rogue IP addresses BEFORE they have even been probed by the hacker. In effect the hacker makes one attempt on one site and gets blocked from ALL signed up Joomla sites.

This would also allow for monitoring of trends and alert us to any rise in hacking activity.

Thoughts anyone? Does that sound do-able? useful?

 
< Prev   Next >

Buy Hacker Beware Now

Hacker Beware! is now available for purchase and download through our online store

Buy Now!
Only £10.00

Web designer Lancaster and Morecambe PHP Amazon store script Pipex Internet Pipex broadband review Pipex criminal fraud Bulletproof Themes Bulletproof Themes UK Dean Marshall Mambo and Joomla Consultant | Joomla and Mambo consultants Joomla Amazon Component British English crossword and anagram solver British English crossword and anagram solver Professional Researcher Professional Researcher
The JoomlaSphere | The JoomlaSphere | The JoomlaSphere | The JoomlaSphere JoomlaMonkey | JoomlaMonkey | UK Joomla Consultancy Services Joomla Consultancy Services UK Joomla Consultancy Services Joomla Consultancy Services
Buy gifts for women UK Buy gifts for men UK find gifts for men UK Buy gifts for women UK Buy gadgets Buy gifts for gays UK Buy gifts for gays UK Buy toys in the UK
The Mambo Foundation Mambo Tracker Mambo Foundation Membership Mambo Foundation Home Download The Source Forum Donate Newsroom Mambo Love Mambo Documentation Alternative documentation Software Forge Bug Tracker SVN Instructions Mambo on the Forge Joint Commercial Developers Extensions for Joomla and Mambo Amazon Products Feed Bridge Joomla Amazon Components - Amazon Products Feed Bridge Million Dollar Pet Pix - Make your pet a star