Twitter Hacked - could it happen to you?

On 12/17/2008 around 7:00 PM EST , Twitter.com was hacked by a group claiming to be the Iranian Cyber Army. The actual attack was a DNS Hijacking (or DNS Poisoning) that resulted in Twitter Users being directed to a page of their choosing. In this example here is what they posted:

Twitter Hacked - could it happen to you?

This old school defacement actually was conducted by 'hijacking' the sites DNS - how they accomplished this is still unknown, the fact is they did. What exactly is a DNS Poisoning or Hijacking?

Read more: Twitter Hacked - could it happen to you?

How to Handle Request Variables in Joomla!

One of the most important aspects of extension development is gathering input from the user and manipulating it in a meaningful way. Many times, you will collect data with a form and then store it into a database table. Other times, you will decide how to order or display information to the user based on the query string of the URL. In either instance, you are taking and acting upon input from the user. Obviously, you hope that your users have good intentions in using your extension, but unfortunately, the reality is that not everyone has your best interests in mind. For that reason, you must be careful about the input that you allow into your extension.

Read more: How to Handle Request Variables in Joomla!

What's that smell? It's Packets!

A detailed look at the Wireshark protocol analyzer

Greetings, In this article I want to discuss the other powerful tool a systems administrator should know about. It is called Wireshark (from Wireshark.org). Wireshark is in essence a sniffer, in that it can listen in on the packets on the wire and tell you whats what. Officially its called a protocol analyzer which is more true to its mission. In this article I want to share with you a few items of value about Wireshark, and why you should get to know this tool better.

I think that as technical people we get lulled into a dull sense of safety with tools, for example a reliance on a control panel tool that identifies bad guys by their actions and blocks their IP's. This is for sure a good thing, but it is not the only thing. With tools like Wireshark, we can peer into the activity of our server and see what is going on at the packet level. A client some months ago came to JoomlaRescue.com and was having a problem with continually being hacked. We tracked it down to a compromised (vulnerable) FTP software that had allowed them in. However we found they were using FTP through the use of Wireshark.

This is important because if you were unfortunate enough to have a bad guy insert this INTO your network he could eavesdrop on everything you do. However - in this use case, it is being demonstrated as diagnostic tool.

For the purposes of this article I ran Wireshark on MY personal machine only. It was never allowed outside my network, so in other words, everything you see here came to my machine using normal, everyday browsing techniques.

Read more: What's that smell? It's Packets!

10 Spots Left in 2nd Joomlashack University Class

Joomlashack University - the fastest and easiest way to learn Joomla is about to close its doors for the second time.

If you haven't heard, Joomlashack University is our new Joomla training course. Its delivered 100% online so you can learn at your own pace, and in the comfort of your own home. Each month we open to only a few students, and then stop taking on subscribers. This makes sure our teacher-student ratio is low and everyone's questions are quickly answered.

In November we opened our doors for 200 students have have about 10 spots left. We will be stopping open enrollment next Monday 14th of December, but these last 10 spots will probably go by the end of today!

Read more: 10 Spots Left in 2nd Joomlashack University Class

How to Add CSS/Javascript to Your Joomla Extension

This article applies to Joomla! 1.5 development. This information is subject to change in Joomla! 1.6.

When writing your custom component or module, more often than not, you will want to include your own CSS or Javascript code. If Joomla! did not provide an easy way to do this, you would be forced to use script tags throughout your code. While this approach would technically work, the best practice is to put all scripts inside the head tag of your page. How is that possible when the of your page is only seen on your template index.php file and you're developing a new module or component? The JDocument class is the answer. Let's look at the easiest way to go about doing this.

Read more: How to Add CSS/Javascript to Your Joomla Extension

Nmap In detail

In our previous articles, we discussed at a high level a few tools, the first of which was Nmap from insecure.org. In this article I want to give you a short primer on Nmap and some of the popular methods to use this powerful tool.

Read more: Nmap In detail

Joomla SEO Templates the Right Way

Since 2005, Joomlashack has been creating Joomla templates that are ideal for Search Engine Optimization of a Joomla website. Back in 2006 we wrote the first available guide for SEO for Joomla, and also a guide for creating source ordered templates that's been used by thousands of designers.

Our first SEO templates in 2006 were super-lightweight ones like Simplicity and Lightfast, that the competition took years to catch up with, but over the last few months we have developed a breed of special Joomla templates that provide a rock solid foundation for your site; Inspirion, eBusiness and now JS Community.

How do you set up SEO optimized Websites? Do you want to learn SEO? Would be interested in SEO lessons? SEO Courses? SEO video tutorials? SEO Training? Conversion optimization lessons? Conversion optimization courses. Conversion optimization video tutorials. Conversion optimization training.

Read more: Joomla SEO Templates the Right Way

More Tools You Need to know about

Good Day to you!

In my last article, I introduced you to NMAP, WIRESHARK and NETCAT. These fall in the category of diagnostics and troubleshooting. The next two tools known as vulnerability scanners. They check your server, code and in the case of the second tool - Accunetix - it scans your "code" for such things as SQL Injection flaws and Cross site scripting.

Read more: More Tools You Need to know about

Joomlashack Suport for IE6 to End Dec 14th

Mark your calendars, it's official, Joomlashack will stop supporting Internet Explorer 6 as of December 14th, 2009.

With the coming of the new year and many Joomla template providers agreeing that support for IE6 should officially end, we've decided to make the leap a bit early.

The move to stop supporting IE6 is not limited to Joomla template developers alone, in fact it's got quite a large following from web developers as a whole. Just do a Google search for 'no more IE6' and you will be treated with a list of articles, and even whole websites, dedicated to ending the life of IE6, or at least stopping the support of it.

Read more: Joomlashack Suport for IE6 to End Dec 14th

JS Community: SEO meets community template

JS Community Joomla template

Superior SEO + limitless flexibility + seamless JomSocial styling = Joomlashack's new template, JS Community!

Built on our powerful CSS 960 grid framework, JS Community is a sleek yet sophisticated approach to design. It comes loaded with over 30 module positions, multiple source-ordered column layouts, easy to customize CSS files, and much more!

And most exciting- JS Community is ready for JomSocial, the best social networking extension available for Joomla.

Need to offer community tools to your audience but want a consistent, seamless look and feel? Try out our demo and see how JomSocial and JS Community work together for a perfect social networking experience. 

How do you set up SEO optimized Websites? Do you want to learn SEO? Would be interested in SEO lessons?  SEO Courses? SEO video tutorials? SEO Training? Conversion optimization lessons? Conversion optimization courses. Conversion optimization video tutorials. Conversion optimization training.

JS Community is chock full of powerful, state-of-the-art features. Check out Community's full bag of tricks, including:

 

 

Read more: JS Community: SEO meets community template