[Chugalug] Website scanners (was d at mn scammers/hackers)

Alan alyawn at gmail.com
Thu Oct 18 03:38:24 UTC 2012


On Oct 17, 2012, at 11:15 PM, David White wrote:

> To fork the thread, anyone know of any services you can use, and/or or
> scripts you can run to check the public facing code of sites and
> ensure there's nothing malicious?
>
> On the internal side of things, I wonder if it would just make sense
> to periodically run an MD5 checksum via cron on each web directory in
> the server(s) and compare that with the good hash (stored externally,
> off the server, of course).
>
> Sent from my iPhone
>
> On Oct 17, 2012, at 10:08 PM, Mike Harrison <cluon at geeklabs.com>  
> wrote:
>

Speaking on the internal side of things, I wrote a script a while back  
to diff the deployed site's files against the latest release in git.  
If there was a difference, I sent myself an email. This all came about  
when I had helped someone setup a ZenCart site that was brute forced  
and used for phishing some London bank. Later, I discovered that  
ZenCart was and always had been riddled with these easy exploits, so I  
got out of that business. In retrospect, I think the 2 biggest risk  
factors were: shared hosting through a popular host (know IP blocks),  
and using older CMS versions. YMMV.

-Alan



More information about the Chugalug mailing list