Nguyen Thanh Cong's Confidence (DanTruongX) And Some Methods to Prevent Denial of Service from xFlash
Before doing this article, I wanted to send my apology to Viet Co and its customers. I am very regretful of the things I have done, just because of my superficial and aggressive actions, which have adversely affected the Vietnamese e-commerce environment. I hope to have a forgiveness from everyone, so that I can start over, start a new, better, more useful life. And I hope that you will have a chance to improve and contribute a part to the development of information technology in Vietnam.
And then I want to give you some methods, prevent and limit the harmful effects caused by xFlash DDoS.
In my study too. First in about 2002 in the process of researching information technology, our group of love kids discovered security holes of IE and Flash, applications from Action Script programming code in Macromedia Flash. From those errors, we were quickly applied by the group of children with the purpose of children who are passionate and like to express themselves.
And from the agile actions that helped us quickly gain popularity in the "Network of the Lake" without knowing that it was a misconduct that endangered the situation of E-commerce in Vietnam later. and now I really regret it.
However, since our baby group discovered it and expressed itself, we still have a purpose of honoring that we should never hack or hack into government networks, domains or servers that are set. in Vietnam.
And realize your wrongdoings. now I want to bring some knowledge about preventing from the harm caused by xFlash DDoS:
- If you use a Linux Server that uses CPanel when it detects that DDoS is available if you have root access right away, Suppend Site is being hacked and temporary password is installed after completing the password settings for the folder or site. Under attack, you can Unsuppend to continue watching.
Create a .htaccess file placed in the directory or site that is being flooded as follows:
.htaccess
****************************
AuthUserFile /forum/.htpasswd
AuthGroupFile / dev / null
AuthName "Password Protected Area"
AuthType Basic
****************************
and create a .htpasswd file
****************************
@domain :: @ dGdK8ZQg / FjU
****************************
The above user and pass are: @domain:
The above is just an example where you can go to http://google.com and Search with the keyword .htaccess Generator to create your own password at will.
You should leave the password with the @ symbol in front and the sign: behind because WinXP has fixed the URL entry password: http:/// user: pass@domain.com/, if there is @ and: then the Attacker will not be able to pass By entering User and Pass directly by URL.
Then your job is to create an appropriate Firewall configuration for your site.
.htaccess
************************************************** ******
RewriteEngine on
RewriteCond% {HTTP_REFERER}! ^ Http (s)?: // (www.)? Tenmienbitancong.com [NC]
RewriteRule. (Php | html | asp) $ http://sitefirewall.com [NC, R, L]
************************************************** ******
With Mod Rewrite on you can fight up to 95% of DDoS damage caused by xFlash, it prevents you from harming xFlash's automatic access to your site.
Explanation: on your server, run the programming code of PHP, ASP, HTML when an Attacker attacks the site you specifically have, such as attacking http://tenmienbitancong.com/ it will read the index.php file at This Mod Rewrite will work and Foward will go to http://sitefirewall.com then from http://sitefirewall.com you place a code like this:
Go to Web Site
If you are a real visitor, they will Click "Go to Web SIte" to gain access to the site. if you enter "hiden xFlash" and it will not be accessible. You can study a number of ModRewrite types. Combine with the source code on your site to better configure your site against xFlash.
With these two ways you can rest assured that your site will pass xFlash. As for the room method, there is only one method: access to the address
http://macromedia.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash&promoid=BIOW and upgrade to the latest version "FLASH PLAYER" you will be assured that you will no longer be a hidden Client for XFlash DDoS. And this upgrade is completely free.
And by the way, I want to give advice to those who are currently Attacker and who are intending to be Attacker, so think more carefully not because of personal conflicts or because of the reputation of being lacking in action. Thinking like me that your honor and future might be lost, I hope that hackers in Vietnam should take actions to improve their lives to have a good and useful future for life. Do useful things to contribute to the development of Vietnamese informatics and in your work, focus on working and earning money from your own effort and wisdom.
If you need support or questions regarding xFlash DDoS prevention, I would like to answer and support you. Wishing to help you, businesses that are suffering from DDoS by xFlash and more than ever, it's a desire, an action, a sincere apology to everyone of a person who really recognizes. Mistake, really regret, to help me start over.
In addition, I would like to thank the brothers at security365.org, and the friends who encouraged, advised and guided me to follow the true path.
The email questions or questions, please send to tbcong911@yahoo.com
Nguyen Thanh Cong
You should read it
May be interested
- Thanh Minh and Vietnamese customsdetails thanh minh is a time when most people come back to their roots and remember the deceased. so, what kind of customs do we have in vietnamese?
- How to prevent DDoS attack with Nginxdistributed denial of service (ddos) attacks, through abusive digital communications tactics, overload server resources.
- Some basic points about the mechanism of attacking SQL Injection and DDoSin most of our users, many people have heard of the concept of attacking and hijacking websites with the method of sql injection - sqli and (distributed) denial of service - ddos.
- Telegram is heavily DDoS-heavy, but no significant damage is recordedtelegram messenger, one of the world's largest online messaging platforms, has recently been attacked by ddos (distributed denial of service), but the problem has quickly been resolved by security teams. things seem to have gradually returned to stability.
- Basic steps to build self-confidence in childrenas parents, we all want our children to feel confident in themselves. here's how to help your child build self-confidence.
- Belgium suffered an unprecedented DDoS attackbelgium, a country in the european union (eu), has suffered an unprecedented distributed denial of service (ddos) campaign.
- Do you know what is the preferred 'prey' of DDoS attack?distributed denial of service (ddos) is a common method used by hackers to try to bring down a website.
- What are Volumetric Attacks? How to Detect and Prevent Them Effectivelyvolumetric attacks are a type of cyber attack that falls under the category of ddos (distributed denial of service). attackers will send large amounts of unwanted data to a specific target in order to overload that system.
- CONFIDENCE.T function - The function returns the confidence interval of the population by using the Student's t-distribution in Excelconfidence.t function: the function returns the confidence interval of the population by using the student's t-distribution. support functions from excel 2010 onwards. syntax: confidence.norm (alpha, standard_dev, size)
- How to recognize, prevent and treat flu by natural methodshere's how to recognize, prevent and treat flu by natural methods.