Security

The things hackers hate their opponents to have :-)

Secure PHP-only code

I started working on php recently, and while I'm aware of some types of web vulnerabilities related to SSI and php-SQL code, I'm wondering what types of risks there are associated with php-only code.

I've written in standard filters for POST/GET variables, but if I'm not dealing with any SQL code, and since I'm only using php for page navigation and a mail() function for a contact form, how necessary are these filters?
I can understand filtering page names or using some kind of obfuscation (e.g. integer input that points to named file) for page navigation so as to control which files the server reads and displays.

Any other concerns I should have?

Finding what sites are hosted on an IP address with bing.com

Coming from an older age, I was always used to using reverse DNS lookups and DNS transfers to figure out what sites are hosted on an IP. Transfers don't work on most server setups anymore and a reverse lookup is only going to give you one domain. I just found out that bing.com has a handy feature where you can search on ip:212.117.172.45 (replace 212.117.172.45 with whatever you want to search for) and it will show you all of the sites hosted on that IP address (or at least the ones that it knows about).

Here is an example link:
http://www.bing.com/search?q=ip%3A212.117.172.45

This is probably common knowledge for some and might even be on other search engines. I just noticed it today and figured I would share it since it seems useful for enumeration prior to attacking :)

For those of you hackers...please give a response

I am thinking of setting up my own personal e-mail server just to play with to see how everything works. I can't really decide what platform I want to do it on nor can I think of what software to use for the e-mail server itself. I have a full-license copy of Windows Server 2003 or 2008 and have access to most versions of Linux (of course, like everyone else). I know that Windows Server 2003 and 2008 both have built-in capabilities to create your own e-mail server without purchasing Microsoft's Exchange Server, but then I start thinking of this as a security thing. Which OS am I going to base this off of? What antivirus software is out there that can be installed on any of those platforms that is free? I don't have a whole lot of money to spend on this, so please let me know what you guys think. I especially want to hear from you guys who are big into security/hacking because you guys will be able to give me insight into what would probably be the most secure way to do this.

firewall

Looking for a good, free, easy to config firewall. Anyone have any good ideas? preciate it much!
kid

SX blocking web proxies?

I noticed that the website is inaccessible through web proxies. Assuming this is for security, why is this so?

HELP!! Who got high-end machine to decrypt below Cisco-enable Secret hash MD5???

$1$JZKN$3MPgsaTUbR7wTXPXQ3DNU1

TOR

I want to talk about the anonymity program Tor for a few minutes. I don't know a whole lot about it, but what I do know I'll spill, and if I'm wrong, please correct me, and/or fill in what I don't know. What I do know is that it works with Firefox. I've always used it with Firefox at least, and used it for anonymous browsing, but I've also heard it can be used to keep your machine anonymous. I know it's not "foolproof" and nothing is, but I hear it's damn near one of the best applications for anonymity out that you can use these days.

Social Engineering Big Security Problem

Some people get the wrong impression of social engineering. They say that it is lying. Yes, it is pretty much lying; however, I would like to try to distinguish the difference between lying and social engineering. Which means that we get to learn something new today! How about that?

This is tutorial #11 from Career Academy | Rootkits, Backdoors, Trojans, Tunnels !

Enclosed is a GREAT little package that has many tuts to make anyone happy. Right click any HTML DOC. and you will be redirected to class. Have fun, and thanks for viewing my post. =)

http://rapidshare.com/files/266444863/Rootkits__Backdoors__Trojans___Tunnels_-_Der_Jager.rar

NO PASSWORD

Der Jäger

15 easy fixes for Mac security risks (from macworld.com)

**NOTE: I did not write this, it's just some copy pasta**
(from http://www.macworld.com/article/140268/2009/04/macsecurityfixes.html )

Fifteen easy fixes for Mac security risks

by Ryan Faas, Computerworld

Editor's Note: This story is excerpted from Computerworld. For more Mac coverage, visit Computerworld's Macintosh Knowledge Center.
