[Chugalug] Website scanners (was d at mn scammers/hackers)

Dave Brockman dave at brockmans.com
Thu Oct 18 03:45:19 UTC 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/17/2012 11:15 PM, David White wrote:
> To fork the thread, anyone know of any services you can use, and/or
> or scripts you can run to check the public facing code of sites
> and ensure there's nothing malicious?
> 
> On the internal side of things, I wonder if it would just make
> sense to periodically run an MD5 checksum via cron on each web
> directory in the server(s) and compare that with the good hash
> (stored externally, off the server, of course).


tripwire?

ossec?

Regards,

dtb


- -- 
"Some things in life can never be fully appreciated nor
understood unless experienced firsthand. Some things in
networking can never be fully understood by someone who neither
builds commercial networking equipment nor runs an operational
network."  RFC 1925
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iEYEARECAAYFAlB/e08ACgkQABP1RO+tr2RR5gCgiGxILJVoii477BRYGBQhoX0K
n2oAn3vbisLm30UUMMgZLG/TuvXkFxdc
=mhZx
-----END PGP SIGNATURE-----


More information about the Chugalug mailing list