Security

The things hackers hate their opponents to have :-)

Good VPN

So I'm looking for a good VPN provider and was wondering if you guys had any opinions/suggestions. Mainly I'm looking for something that has OpenVPN and keeps no real logs. Thanks in advance for any advice.

Sanitizing forum comments

Hey all, I have been using PHP for a while, so I am aware of how to sanitize data on a website from SQL injection. However, recently I have decided to make my own forum, and I have never sanitized a string that contains BBcode and can't find much on it via search engines. When I use mysql_real_escape_string() on it, the output ruins the BBcode entries. Can anyone please advise how to handle this in a better way? What characters should I sanitize from the data? Thank you for any help on this matter.

CEHv7 Toolkit

I have the CEHv7 toolkit and would be more than willing to upload it for SX use. Would someone please let me know what the process for uploading and submitting this toolset is? I also hope that I have posted this in the correct forum topic, as I wasn't sure whether Hacking or Security was the proper location to post this.

Web Site Security Tools

So I wasn't sure whether to put this under security or hacking... so I chose security.

So I am in the process of starting a new web design company.

I have a team of guys proficient in Joomla, WordPress, Drupal, MODx, Mambo, and a few other CMS apps...

So I am wondering what tools are best to use for security checks on Joomla and WordPress. I want to make sure I do an ethical hack on all my clients' sites to verify security is properly in place prior to making their sites completely live and vulnerable to the world. I was thinking Burp Suite sounded good, Brutus as an oldie but goodie... I am just curious what is best for checking for cross-site scripting vulnerabilities and SQL injection vulnerabilities (I ALWAYS change the SQL tables prefix from the standard jos_ to something random), but I still need to scan for vulnerabilities. I have implemented all the following security protocols on the Joomla sites:

-Easy update / refresh of the core Joomla! files

job requirements

I'm a junior standing at college majoring in computer science. I would like to specialize in network security, but I noticed the major is generalized for programming, networking, security, and web development. So I have been reading books on my own such as Metasploit, 24 Sins of Software Security, Hacking: The Art of Exploitation, etc. My question is: should I continue learning on my own, or is there a logical method? Not a guide or tutorial, but more of learn a, learn b, apply both to figure out c. Something of that nature. Second, to all the professionals here, what are the need-to-know requirements for positions in this field of work? Languages? Databases? OS? Mentality? Etc. Thanks.

partially encrypted config file

Let me know if you think my framework is useful: https://devio.us/~sigflup/concr/#

ZB Block

Have you tried it?

I've set it up to put a wringer on traffic. I calculated yesterday that spam and attacks on my site have increased 3657% versus last year. I don't have any problem denying the attacks; nothing ever gets posted. But it really sucks the bandwidth, even when using dynamic block lists, honey pots, etc.

(http://www.spambotsecurity.com/zbblock.php)

Apparently there is another unrelated project with a similar name for protecting Counter Strike servers. Interesting coincidence given that was a recent forum topic (http://zblock.mgamez.eu/).

UTM advice

I'm in the process of building a dedicated UTM appliance to replace my Netgear WNDR3700 router. I feel that the Netgear has very limited options even with the custom DD-WRT firmware loaded on it.

I've done quite a bit of research and have narrowed the field to Untangle, pfSense, Endian and Astaro.

I would be using the free/community version of each of these products. Does anyone have any personal experience with any of these products?

Any advice would be greatly appreciated.

security mobile banking

I'm an Italian student of computer engineering.
I'm preparing the final test about security of mobile banking. I need to know how banks grant the security of their transactions (at the low level and not the high one) and if there are some vulnerabilities.

If you don't have this information, could you paste only the links which have it?

Hoping for a useful answer.

Regards

WordPress Contact Form plugin <= 2.7.5 SQL Injection Vulnerability

OK, I was bored today and thought I'd try my hand at finding a SQL injection problem in some WordPress plugins. Lo and behold, I found one. It wasn't that hard and it really doesn't do much. You could perform a DOS attack with this and that would be lame, and that's why they need to fix it. Then again, if your host has proper mysqld kill scripts set into place, it's only a small annoyance.

You can find the plugin page right here http://wordpress.org/extend/plugins/contact-form-wordpress/

It's actually one of the more popular plugins people use for some reason. So I guess if you wrote a script to search for id="easyform" in the HTML output you could find a lot of blogs using this. It's only been downloaded 1,666 times, so there has to be at least 600 blogs out there using it.

Remember that WOW upside down spells MOM. Keep that in mind for future reference. OFYLTA

# Exploit Title: WordPress Contact Form plugin <= 2.7.5 SQL Injection Vulnerability
