I am offering exclusively only to members of DP, my services that include the following: I will audit your website, code, prems, ownership, kernels(linux), access control and etc. to ensure that the frontend is not vulnerable to hackers or datamining. I will also conduct - with premission - backend testing for server integrity. Primarily Front End Testing: SQL Injection XSS LFI RFI CiR "Loose Directories" and/or "Information" Backend Testing: Backup arrangements Access Control Penetration Testing - Can I gain root through hacking? Credentials: CISSP CISA SMD - 2 year CC All of the above are well respected IT security certifications. Contract Details: Following the agreement to do business and the pricing outline, a confidentiality agreement will be issued. When all the documents are signed, I will begin. The duration of the contract will be included in the estimate. Payment is due at the end of the contract when all the log files, and Threat Risk Assessment (TRA) is handed over. For those who are not familiar with a TRA, it is a document that identifies your threats, and the risks of what could happen if they are not addressed properly. For everything identified, there will be recommendations, 1 or 2 short term and 1 or 2 long term solutions. Recommendations are always cost effective, and most of the time free, ie: chmodding your config.php file to 644 or changing the require("badcoding-place-a-shell-on-me.php"); to something other. To contact me- send me a PM through the forums here at DP. Enjoy. PS. This service is tax deductible
If your site is hacked by a professional, the first thing a professional hacker would do is to make MANY holes into it again once the one you got in the first time is closed. My favorite is to place a shell and a few kits hidden in a backup with call backs(a call back is a script that will call my server back when it is untarred). Now considering if you just got hacked and all of your user information in your SQL tables is now compromised(leaked), I have not only all of your user information and etc, but I have another hole into your server when you get your feet back on the ground and restore. With this hole I can repeat the attack, or simply install a small script that will turn your server into a zombie computer to assist in DDoS/DoS attacks resulting in your IP being blacklisted. THUS: coin the phrase "cold site"
Thank you all for the PM's, however, I do ask that pre-sale questions be directed to this thread. They may assist other users. Thank you.