Need Help

Discussion in 'Security' started by allusers, Oct 28, 2008.

  1. #1
    i am using a windows based shared server hosting and have 2 sites on it. when i am checking logs, i have entries like this:

    GET /cgi-bin/prxjdg.cgi en 404

    what is this?

    what are they trying to do with proxy scripts?

    also, how can i prevent some attacks for my site?
    what should i be looking is there are attacks on the websites ?
    is there any way that i can block specific IP Address accesing the sites
    and also is there a application that can helps as Web Application Firewalls for windows based shared server hosting

    Thanks for sharing your inputs. Appreciate it.
     
    allusers, Oct 28, 2008 IP
  2. UseShots

    UseShots Peon

    Messages:
    244
    Likes Received:
    16
    Best Answers:
    0
    Trophy Points:
    0
    #2
    Hi,

    Most likely some bot scans for open scripts that it can exploit. As long as they are not there, you are safe.

    Regarding the rest questions, contact your hosting provider. On Windows hosting you are very dependent on the global server security settings.
     
    UseShots, Oct 31, 2008 IP
  3. mobs

    mobs Peon

    Messages:
    4
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    Regarding application firewalls for windows hosting, ISA 2006 from Microsoft is one of the best available. If you are using the webserver machine and also other normal machines from inside a single network, I suggest using the three legged perimeter network configuration in ISA. Keep your webserver in the perimeter and ensure you create firewall polices to allow only the services that you desire to host, through it.
     
    mobs, Nov 3, 2008 IP
  4. allusers

    allusers Peon

    Messages:
    2
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #4
    Thanks for the reply. i am novice player in website management. i am using some CMS for my site. what you talk about Open scripts, can you give me some examples here?


    Thanks
     
    allusers, Nov 5, 2008 IP
  5. WeWatch

    WeWatch Active Member

    Messages:
    75
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    50
    #5
    Open scripts are scripts that are open to hackers (crackers, cybercriminals, script kiddies...)

    In the example you gave: /cgi-bin/prxjdg.cgi is the open script they're looking for. UseShots said it already, if you don't have those, you don't have to worry about blocking them. Your site as well as many others will always be scanned by bots looking for ways in. You'd go crazy trying to block everyone of them. Use good security policies, watch your logs and you'll be okay.
     
    WeWatch, Nov 16, 2008 IP