[Chugalug] Website scanners (was d at mn scammers/hackers)
alyawn at gmail.com
Thu Oct 18 03:38:24 UTC 2012
On Oct 17, 2012, at 11:15 PM, David White wrote:
> To fork the thread, anyone know of any services you can use, and/or or
> scripts you can run to check the public facing code of sites and
> ensure there's nothing malicious?
> On the internal side of things, I wonder if it would just make sense
> to periodically run an MD5 checksum via cron on each web directory in
> the server(s) and compare that with the good hash (stored externally,
> off the server, of course).
> Sent from my iPhone
> On Oct 17, 2012, at 10:08 PM, Mike Harrison <cluon at geeklabs.com>
Speaking on the internal side of things, I wrote a script a while back
to diff the deployed site's files against the latest release in git.
If there was a difference, I sent myself an email. This all came about
when I had helped someone setup a ZenCart site that was brute forced
and used for phishing some London bank. Later, I discovered that
ZenCart was and always had been riddled with these easy exploits, so I
got out of that business. In retrospect, I think the 2 biggest risk
factors were: shared hosting through a popular host (know IP blocks),
and using older CMS versions. YMMV.
More information about the Chugalug