Fusion Security


We have decided to resume the Fusion project and have added it to SourceForge. We have officially been handed the project and intend to take it further as time permits. Those interested in helping with development can head over to SourceForge and check it out: Fusion Security

We intend to make Fusion available to a large selection of nuke distros including php-nuke 7.6 through to 8.1, all the patched series, raven nuke

Advanced Security

Admin Lock

Assign a user / IP to access admin file

Any other user / IP that is not assigned to have access will be automatically redirected to index.php

Automatic IP Protection

If the above feature is enabled [admin lock] and you have an IP address which changes [dynamic IP address], Fusion will automatically protect your new IP address if it changes

This automatic protection will only apply if you are logged into admin while your IP address dynamically changes. If you are logged out [cookie expired] then you are not automatically protected

Hard IP Protection

Hard protection allows the IP address you are currently logged into the admin file with, to be protected only. This means multiple IP addresses under your username will not be stored. Only 1 IP address under your username will be stored and protected. If this feature is enabled, it will mean a user will be only able to access the administration file from 1 computer / IP only

Dynamic IP addresses will still be hard protected, but only if the user does not log out of admin, which would deem the cookie session expired

Admin Lock, Automatic IP Protection and Hard IP Protection are extremely secure. However, if you do not have full knowledge of how the features work, it can be easy to lock yourself out of your own website. If this happens there are processes you can follow to regain access

Authorised Ban Protection

The ability to protect your IP completely, so it will not be possible to be banned by Fusion

This feature is only available for site administrators

Module Customisation

The ability to create protected properties for modules and assign users/ip addresses to be able to access the protected secure module. All other users/ip addresses that have not been assigned access to the module will be denied.

Users can also be denied access to modules that the general public/community can access.

Bot Crawler Exclusion

Bots / webspiders can be excluded from Fusion page monitoring. No IP address in this list will be listed in the log center, and so it will not be tracked.

When the first bot enters your site [i.e. Google] you can add googlebot.com and every google crawler will be added automatically.

Supercharged Security

FTP Security

FTP security allows you to "secure" files on your webserver. This is done by a dynamic database comparison of server file changes.

There are 3 options; Scan and Add, List Approved, and Secure Scan.

Scan and Add is an initial server scan. It scans the server for any filetype extension [php/html/exe/com/js]. Upon scanning, it will list every file [of the filetype selected] and give you the option to "approve" the files.

List Approved option lists the files that you have approved after the file/filetype scan. Once a file has been approved, it means you are aware that it exists and that the file is safe.

Secure Scan is a scan you perform at any time to see if anything has been altered on your FTP without your knowledge. A Secure Scan can give 3 results:
1. FTP is secure, no altered .php files have been found
2. Note: File is approved but file size has changed
   Approved: 3328 byte
   Found: (3329 byte)
   The file was last changed: November 25 2005 18:49:58.
   File: /home/uname/public_html/loc/index.php
3. File: /home/goose/public_html/fusion1/backend.php is not approved
   The file was last changed: September 09 2005 20:15:55.
   Size: (2389 byte /home/goose/public_html/fusion1/backend.php)
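The approve-then-compare workflow described above, as an added Python sketch (not Fusion's own code, which is a PHP-Nuke add-on). It goes beyond the size comparison shown in the sample output by also storing a SHA-256 digest, so an edit that keeps the byte count unchanged is still reported; the function names, extension list and sample files are assumptions constructed for the example.

```python
import hashlib
import os
import tempfile

EXTENSIONS = (".php", ".html", ".js")  # assumed subset of the scanned file types

def scan(root, extensions=EXTENSIONS):
    """Walk root and record (size, SHA-256) for every matching file."""
    found = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(extensions):
                path = os.path.join(folder, name)
                with open(path, "rb") as fh:
                    data = fh.read()
                rel = os.path.relpath(path, root)
                found[rel] = (len(data), hashlib.sha256(data).hexdigest())
    return found

def secure_scan(root, approved):
    """Compare the current tree with the approved baseline."""
    findings = []
    current = scan(root)
    for path, (size, digest) in sorted(current.items()):
        if path not in approved:
            findings.append((path, "not approved"))
        elif approved[path][0] != size:
            findings.append((path, "size changed"))
        elif approved[path][1] != digest:
            findings.append((path, "content changed, same size"))
    for path in sorted(set(approved) - set(current)):
        findings.append((path, "approved file missing"))
    return findings

def demo():
    """Constructed sample tree: approve it, then alter it three ways."""
    with tempfile.TemporaryDirectory() as root:
        def write(name, text):
            with open(os.path.join(root, name), "w") as fh:
                fh.write(text)
        write("index.php", "<?php echo 'home'; ?>")
        write("config.php", "<?php $debug = 0; ?>")
        approved = scan(root)                # "Scan and Add", everything approved
        clean = secure_scan(root, approved)  # nothing altered yet
        write("index.php", "<?php echo 'home!'; ?>")  # one byte longer
        write("config.php", "<?php $debug = 1; ?>")   # same size, new content
        write("backend.php", "<?php ?>")              # never approved
        return clean, secure_scan(root, approved)
```

A baseline kept on the same server as the files it describes can be rewritten by whoever altered the files, so store the approved list somewhere the web application cannot write to.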

Denial of Service [DoS] Countermeasures

This feature prevents users/IP addresses from hitting your site too often in a short period of time. There are 3 configurable options; time limit, max hits, and block time.

The time limit works together with the maximum hits limit: it is a set time in seconds in which a user/IP address can make a set number of hits.

The maximum hits is the amount of hits a user/ip address is allowed to hit your site during the time limit set. If the user hits your site too many times, they will be banned for a set amount of seconds.

The ban time is defined in seconds and will automatically block hit breaches for this set time.
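How the three options interact, as an added Python sketch (not Fusion's own code). The class name, the sliding-window interpretation of the time limit, and the sample addresses and timings are assumptions constructed for the example.

```python
from collections import defaultdict, deque

class HitLimiter:
    """Per-IP limiter driven by the three options named above."""

    def __init__(self, time_limit, max_hits, block_time):
        self.time_limit = time_limit    # window length in seconds
        self.max_hits = max_hits        # hits allowed inside one window
        self.block_time = block_time    # ban length in seconds
        self.hits = defaultdict(deque)  # ip -> timestamps of recent hits
        self.blocked_until = {}         # ip -> time at which the ban ends

    def allow(self, ip, now):
        """Return True to serve the request, False to refuse it."""
        if self.blocked_until.get(ip, 0) > now:
            return False                # still banned; the hit is not counted
        self.blocked_until.pop(ip, None)
        window = self.hits[ip]
        while window and window[0] <= now - self.time_limit:
            window.popleft()            # forget hits older than the window
        window.append(now)
        if len(window) > self.max_hits:
            self.blocked_until[ip] = now + self.block_time
            window.clear()              # start clean once the ban ends
            return False
        return True

def replay(limiter, events):
    """Run constructed (time, ip) events through the limiter."""
    return [(t, ip, limiter.allow(ip, t)) for t, ip in events]

# Constructed traffic: 203.0.113.7 bursts, 198.51.100.4 browses normally.
EVENTS = [(0, "203.0.113.7"), (1, "203.0.113.7"), (2, "198.51.100.4"),
          (2, "203.0.113.7"), (3, "203.0.113.7"), (4, "203.0.113.7"),
          (20, "198.51.100.4"), (33, "203.0.113.7"), (34, "203.0.113.7")]

def demo():
    limiter = HitLimiter(time_limit=10, max_hits=3, block_time=30)
    return [ok for _t, _ip, ok in replay(limiter, EVENTS)]
```

Keying on the client IP means every user behind one proxy or NAT gateway shares a single counter, so set max hits with your busiest shared address in mind.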

Close Site

This allows you to "close" your PHP-Nuke site. All users that are trying to access your site will be redirected automatically to a page with information including a custom set message.

As admin you can access every part of your site. A notice is displayed at the top of your site stating that the site is closed and only admins can access it.

Additionally you can show your site's logo on the closed page. This can be customised via the preview button.

User Monitor System [UMS]

User Monitor System is an advanced tracking system, which allows admins to track any individual users that they define. It is a more extensive and detailed version of the standard log center.

This feature can use significant server resources, which is why only admins are permitted to define which users are tracked through UMS.

Once a user is assigned to UMS tracking, the following information will be initially collected:
- ID: 1 [note: this is the UMS id / #]
- IP: xxx.xx.xxx.xxx
- Proxy: If applicable
- Host: xxxx-xx-xxx-xxx.xxxxxx.xxx.xxxxxxxx.xxx
- Name: Username
- Last here: yyyyy.mm.dd hh:mm:ss
- Hits: ####
- User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Maxthon)

This can also be linked to IP 2 Country to find a user's country/city location.

In addition, every user's movement will be tracked and logged. This includes:
- Last used IP address
- Time of IP usage and user agent used.
- IP addresses previously used, including time of last IP usage and user agent used.
- Pages visited including times and user agent.
- What the user did on any page, including GET [http location] and POST [any user input such as login form or forums].

Article submitted by: Noobified
Last Update: 07-05-2008
Category: Security
