You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 590 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Fortress™ & UTC Updates
SecurityBoth Fortress™ & Union Tap Code (UTC) have been updated to now catch bad HTML tags that are injected into your server. Back in the PHP-Nuke 5.x days I worked with Francisco to enhance the bad tag catching to what it is today. Fortress™ now monitors this along with Union Tap Code.

So this next version not only checks for UNION SQL injections that try to pass SELECT, TRUNCATE, DROP, DELETE, INSERT, UPDATE queries in plaintext, base64, and HEX, it also monitors for the C language comment code used to mask injections, plus it watches for any bad HTML tags that are injected to your server. Welcome BanOnDemand™ at this point, and the suspect is banned. Estimated time to release is this weekend barring any emergencies.
Posted on Wednesday, May 19 @ 15:27:02 CEST by Zhen-Xjell
 
Related Links
· Computer Cops
· More about Security
· News by Zhen-Xjell


Most read story about Security:
PHP-Nuke admin.php security hole - PATCHED

Article Rating
Average Score: 1.8
Votes: 10


Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad


Options

 Printer Friendly Page  Printer Friendly Page

 Send to a Friend  Send to a Friend

Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register

Re: Fortress™ & UTC Updates (Score: 1)
by nuke-lux on Wednesday, May 19 @ 19:34:43 CEST
(User Info | Send a Message) http://www.nukecommunity.com
it's hard to wait, but i really look forward, fortress could really close some bad security holes of phpnuke ... i have one nuke site hacked every week and it's boring to update my 50 sites every week because somebody found a small hole that some ass wants to test on my site...



Re: Fortress™ & UTC Updates (Score: 1)
by pajucki on Wednesday, May 19 @ 23:22:54 CEST
(User Info | Send a Message)
Is there any way we can directly support this project financially, besides the nuke cops paypal account? I would be willing to pay to support this project if it works, and would consider paying a monthly subscription to receive updates, fourm based support. I've yet to install it, but if it works, it's worth money. I looked for it at sourceforge, but didn't see it there. No doubt, there is a thread here somewhere that explains why. I read through the thread " The Official Nuke Cops Business Model [www.nukecops.com]" Good luck with the rollout. As a rookie, I appreciate all the work on this project.



Re: Fortress™ & UTC Updates (Score: 1)
by SaraHol on Thursday, May 20 @ 03:05:14 CEST
(User Info | Send a Message)
"Both Fortress™ & Union Tap Code (UTC) have been updated to now catch bad HTML tags that are injected into your server"

OK, I know there is a wait for Fortress to be ready, but what abou tthe UTC?

Is the updated version of that available anywhere, and if so, where?

It's kinda spooky sitting here KNOWING that there is a vulnerability there, a fix for it, and I can't put the two together.



Re: Fortress™ & UTC Updates (Score: 1)
by Zhen-Xjell on Thursday, May 20 @ 09:34:49 CEST
(User Info | Send a Message) http://castlecops.com
Thankfully folks have been helping me debug the new code by sending special URLs. I'm making the code tighter.



Cyrillic font characters bug (Score: 1)
by Truden on Thursday, May 20 @ 16:38:28 CEST
(User Info | Send a Message) http://truden.com
Do you know that Fortress is alarming on any accessed link that contains Cyrillic font characters?


Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.075 Seconds - 223 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::