If you haven’t updated your Anti-Virus software yet, make sure to do so in order to keep your computer and files safe.

There are different types of hacking. The common type among them is the cross site scripting. This type of hacking can be done in many ways. Stored, reflected or DOM based. Well, I think its better we deal on how to protect against this type of hack than going deeper into what it is. The best way to deal with this is to ensure that you validate all inputs to your site. Validate inputs like page header, cookies, hidden fields that are used in forms etc. Site owner use web forms for subscription to gather emails from users. So validate such inputs against expected input types. Always use HTML script in order to avoid any unwanted script elements. The best way would be to validate against what is allowed rather than what is not.

Let’s see the second type in the hacking list. It is called Google hacking. You may know that search engines provide lots of different tools to track site rankings and you may be aware that Google hits the list for this reason. It is on top of the list both for hackers as well as website owners. Now what is Google hacking? Google hacking simply refers to the techniques used to gain access to unauthorized information through advanced search queries.

Here searching sites are employed by Google hacking using logical operators, special characters, and operators such as cache, link, site, inurl and others. Web masters put important data on their servers which will in turn enable access from anywhere. Such kinds of documents are kept inaccessible but still it is easy to get access to such pages. Actually here, the documents must be specified in the robots.txt file. If not, the search engine spider will index all the documents on a particular site. Then search engine queries will make the documents available to the public. Advanced queries like filetype:doc will search all the word doc files available on the servers.

Now how to protect against such threats? Well, the first thing you got to do is to avoid storing of sensitive data. If necessary, you can use robots.txt file to avoid indexing of such documents.

For instance: User:
Disallow: /documents

What this instruction does is, it will not allow the search engine spider to index the contents of folder “documents”. Similarly there is an alternative way if you do not want the search engine to index that page. Use the Meta tag “meta name=’SPIDERNAME’ content=’NOARCHIVE’ ” on individual HTML pages. Remember to put the correct spider name of search engine.

One more important thing I have to suggest you here is, you must check your server whether directory listing is allowed. In Directory listing the contents of directory can be seen by anyone just by typing in the website address and existing folder name. After you type in the website address and folder name and you are able to see the contents then you should contact the host and make sure it is disabled.

Well, whatever is the case, hacking cannot be completely stopped. But the tips in today’s post can take a step towards minimizing it. In the coming posts I must provide you with tips on protecting blogs from hack threats. Stay tuned as I have more for you in the future.

Don’t disclose your identity

Always, a short message is sent by the access points which repeat the network’s name. This is default. The network’s name is known as SSID. This helps people living nearby. People who live next door can detect that you run a wireless network which can help them in getting in. Best way to avoid this problem is to disable SSID. Once you disable, you will run a network that people think you don’t. In simple words, you don’t reveal that you run a wireless network.

Get rid of default passwords

Default passwords can be a problem. When using your network, its always better you change your password to something else than keeping password by default. The reason is, default passwords are a part of access point instruction manual. So if you desire to keep same without changing, then it can take very less time to get the proper password. Try to use a password that is a mixture of letters and numbers.

Keep Updating

Always don’t forget to update. Updates come along with security features. So keep updating. For this, you can visit the manufacturers website.

Encrypting

Using Encryption can be a good way to go. Encryption is of two kinds. Wired Equivalent privacy(WEP) and Wi-Fi protected Access (WPA). The first method is less secure as it uses 64-128 bit, where as the latter method is better which uses 256-bit encryption and is harder to decode. The best of WPA method is it keeps generating encryption keys. This can effectively avoid hackers from getting in. What these keys do is, when a hacker breaks through a key, a new key is in place. Make sure your gear supports this method.

Others

• Disable remote management if not needed.
• On the access point, remember to turn off pings. This will make it invisible to 802.11b analysis tools.

Alright, try using these steps and see what difference it can bring in. Good luck!