This information may prove more important than you will ever know!!!
Eventually many of you will progress to paying for your own domain name and a decent hosted web site other than a "free" web site. While passwords are used for accessing even free web sites, once you become a webmaster of a truly independent web site security issues become even more of a responsibility.
When creating / changing passwords for what ever reasons dealing with web sites - ie FTP access (uploading files), server controlled password access to private directories, CGI program administrative forms, even your PC e-mail client for accessing your e-mail - there are some very simple rules you should FORCE your self to adhere to.
A) Do NOT use real words
Hackers and other mischief makers (lowlifes)
mostly gain access to a web site by chance. That is,
Much of that mentioned in 3 can often unwittingly be found easily in texts on ones web site!
There are web sites created by high level hackers turned good guys? who make considerable money hired to intentionally attempt a site/server break in, mainly for the corporate world. Their lessons are applicable to all. They often list some extremely stupid passwords used by even so called well trained IT specialists, and most surprising to the layman (sorry, layperson) are some chance overheard clues obtained in bars and clubs which lead them (the hacker) to a path of investigation. Even explicitly described passwords on paper in wallets or handbags have brought a few corporate sites down.
So, the rule is simple, follow the above rules when creating passwords that YOU HAVE TO notarise AND keep secure, NOT ones that are simply easy to remember (and when noting them do not include "such and such password = ????" identifying what for where, at least leave that up to your own memory).
Other hackers write simple "robot" programs which can search, index, and copy every available file on your site!! If any of those found files include passwords or client details or client CCard numbers or any other sensitive info then guess whose integrity and trust go out the window (Search engines are sophisticated "robot" programs BUT with mostly GOOD manners).
The last comments are alone good reason why if obtaining your own domain/real hosted website you should go for the more secure yet cheaper, most popular (over 50% of all), Unix type hosted site. Setup/management of server protected password blocked directories are very efficient (so long as decent passwords are used!) and can block robots too.
A site like dtp-aus.com often attracts such attention and signs of above show in various logs I have access to or create by my own programs. But just because you only have a simple family site to start with don't think you are immune.
Primary concern of hackers is to gain access to / do damage to servers. Your site content may not be of interest but just may be a simple conduit for more sinister purposes.
As a webmaster, especially but not only with a proper hosted domain site on someone elses networked computers, you have responsibilities. You could become a weak link in the network.
|Over 120 pages: All major topics divided into Classrooms|
|Free Backgrounds & Buttons!||DTP and HTML||"My First Page" HTML lessons|
|Tutorial Text Search||Perl CGI Scripts||Typography & Layout|
|4 pages of Links||Visitors Book||Perl Scripts Forum n/a|
|Free Links page||Feedback Form||Q/A contact Forum|
|pages Designed & Published - Ron F Woolley|
|©1997 '98. Last Revised: Friday, 31 October 2003 22:04|