A Techno babble Article by Reg Charie
Setting up online forms on your websites. An article that came to my attention today started out saying:
The Storm worm botnet has grown so massive and far-reaching that it easily overpowers the world's top supercomputers. Sergeant said researchers at MessageLabs see about 2 million different computers in the botnet sending out spam on any given day, and he adds that he estimates the botnet generally is operating at about 10% of capacity. "We've seen spikes where the owner is experimenting with something and those spikes are usually five to 10 times what we normally see," he said, noting he suspects the botnet could be as large as 50 million computers. "That means they can turn on the taps whenever they want to." What does this have to do with setting up forms on a website? Most sites are hacked by "bots" or robots that scour the web searching out unprotected web forms.
These bots attempt to enter a malicious script into one of the form fields and if successful, the website can be compromised. They can do this if the forms are not protected with a "captcha" security field.
A CAPTCHA is a type of challenge-response test used in computing to determine whether the user is human. "CAPTCHA" is an acronym for "Completely Automated Public Turing test to tell Computers and Humans Apart". One script that I have found under the GPL License (open source - free) is at http://www.puremango.co.uk/cm_php_captcha_script_113.php
The owner of this site has also listed a number of other scripts that can be hacked, and should be avoided.
http://www.puremango.co.uk/cm_breaking_captcha_115.php Hope this helps keep your sites secure.  | 
