Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Topic Options
#321280 - 09/04/2009 11:33 Webstore protection
Phoenix42
veteran

Registered: 21/03/2002
Posts: 1424
Loc: MA but Irish born
A friend of mind run a webstore that was hacked last month. Unfortunately due to a change in the CC module the site was storing the full 16 digits not just the last 4 as it previously did. This has resulted in several of his customers, including me, having their CC numbers stolen.

What I am wondering is are their products out there that he can use to verify that there are no know flaws in his site that could be used to hack it? It uses osCommerce.

Top
#321281 - 09/04/2009 11:54 Re: Webstore protection [Re: Phoenix42]
DWallach
carpal tunnel

Registered: 30/04/2000
Posts: 3810
Quote:
What I am wondering is are their products out there that he can use to verify that there are no know flaws in his site that could be used to hack it? It uses osCommerce.

If only it were so simple. There's a whole industry of consultants who offer their time to help people like your friend secure their sites, and there are some automated tools out there, particularly for finding things like buffer overflows, but security auditing is still largely a manual process done by experts.

Top
#321307 - 09/04/2009 21:39 Re: Webstore protection [Re: DWallach]
siberia37
old hand

Registered: 09/01/2002
Posts: 702
Loc: Tacoma,WA
SQL Injection, Cross Site Scripting, known exploits in server software code. Those are the big ones to start with. Once you get those holes closed you are basically just as secure as everybody else.

Top
#321314 - 10/04/2009 08:13 Re: Webstore protection [Re: Phoenix42]
Mojo
Unregistered


Like the others said, not really. But if you want to throw money at it, you can place a McAfee or ScanAlert "Hacker Safe" logo on your website for about $1500/year.

I believe it port scans your site everyday looking for known vulnerabilities.


Edited by Mojo (10/04/2009 08:17)

Top