Educause Security Discussion mailing list archives

Re: External link checks


From: "Jenkins, Matthew" <matthew.jenkins () FAIRMONTSTATE EDU>
Date: Wed, 9 Apr 2008 10:45:29 -0400

Thanks everyone for the ideas.  The AppScan and WebInspect products look
like they would be great to have for internal security testing; however,
I am not sure they would test for security issues outside of the
organization that would affect the end user's workstation.  They appear
to be more geared towards finding holes in the web apps themselves.  Let
me know if I am wrong on that.

 

I had thought about using wget to fetch things, and then run it through
an AV such as Sophos and/or an IPS such as Snort.  As well I suppose
custom scripts could be written to somewhat check for content we may
want to be aware of.

 

The two concerns I see with pages hosted directly on our *.edu servers
are direct links to pages that would contain malware that could harm an
end-user's computer and direct links to pages containing inappropriate
content (pornography, racial slurs, phishing, etc.).  User pages are a
different story as that does get into the grey legal area that brings
headaches to us all.  My target focus is institutional webpages
(offices, departments, clubs, etc.) that contain links to external
sites.  Obviously there isn't any way to control what is linked from
pages directly linked from our webpages.  For example, on a student
organization's page at www.school.edu/stuorg/related.html a link is made
to www.relatedorg.org/bulletinboard.php which links to
www.someotherorg.org/comments.html.  There is no control over the link
to someotherorg.org; however, if the page at relatedorg.org becomes
compromised and ends up with a security threat or inappropriate content
then we can remove the link off of our servers to the relatedorg.org
page.

 

Matt

 

Matthew Jenkins
Network/Server Administrator
Fairmont State University
Visit us online at www.fairmontstate.edu <http://www.fairmontstate.edu/>


 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Alex
Sent: Monday, April 07, 2008 4:42 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] External link checks

 

Matthew:

 

Most of the web-based assessment tools would support creating custom
checks for assessment.

I checked, and both IBM AppScan and HP WebInspect would allow for what
you described.

You could also look at general/OS assessment tools like Nessus, which
one could write a script for to perform some type of a check.

I can see how the checks would be useful. Many times, the content has
been posted without authorization on some of these types of sites.

 

Sincerely,

 

Alex Everett, CISSP

University of North Carolina

 

________________________________

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jenkins, Matthew
Sent: Monday, April 07, 2008 2:27 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] External link checks

Does anyone know of a tool that would scan a website for external links,
and then check each of those links to a specified depth for specific
content?

 

Example use:  Someone has a weblink on the organization's website.  The
page the weblink points at is compromised and malware, inappropriate
content, etc. are placed on the site.  If there was a tool to scan the
external links to check content, this would be caught and an
administrator noticed so the link could be removed from the
organization's website.

 

Thanks all,

 

Matt

 

Matthew Jenkins
Network/Server Administrator
Fairmont State University
Visit us online at www.fairmontstate.edu <http://www.fairmontstate.edu/>
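
An added example, not part of the original thread or any tool named in it: a sketch of the depth-limited external link check the thread asks about, reporting which link on the institution's own page leads to flagged content so that link can be removed. The `fetch` callable, the `PAGES` sample content and the single content pattern are assumptions constructed for illustration; in practice `fetch` would retrieve pages over HTTP and the content check could be an AV or IPS pass as suggested above.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

class LinkParser(HTMLParser):
    """Collect the href of every <a> tag."""
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links += [v for k, v in attrs if k == "href" and v]

def links_in(html, base):
    parser = LinkParser()
    parser.feed(html)
    urls = (urljoin(base, h).split("#")[0] for h in parser.links)
    return [u for u in urls if urlparse(u).scheme in ("http", "https")]

def scan(start, fetch, own_domain, depth, patterns):
    """Return (link_on_our_page, flagged_url, pattern) tuples.
    fetch(url) returns HTML text or None; depth counts hops, starting
    with the page our own link points at."""
    findings = []
    for link in links_in(fetch(start) or "", start):
        host = urlparse(link).hostname or ""
        if host == own_domain or host.endswith("." + own_domain):
            continue  # internal link, out of scope
        seen, frontier = {link}, [link]
        for _ in range(depth):
            nxt = []
            for url in frontier:
                body = fetch(url)
                if body is None:
                    continue  # unreachable page
                findings += [(link, url, p) for p in patterns if re.search(p, body, re.I)]
                for u in links_in(body, url):
                    if u not in seen:
                        seen.add(u)
                        nxt.append(u)
            frontier = nxt
    return findings

# Constructed pages using the thread's example URLs (not real content).
PAGES = {
    "http://www.school.edu/stuorg/related.html": '<a href="http://www.relatedorg.org/bulletinboard.php">Related</a> <a href="/stuorg/index.html">Home</a>',
    "http://www.relatedorg.org/bulletinboard.php": '<a href="http://www.someotherorg.org/comments.html">Comments</a>',
    "http://www.someotherorg.org/comments.html": '<iframe src="http://bad.example/x" width="0" height="0"></iframe>',
}
PATTERNS = [r"<iframe[^>]*\bheight=\W?0\b"]  # constructed check: zero-height iframe
```

Calling `scan("http://www.school.edu/stuorg/related.html", PAGES.get, "school.edu", 2, PATTERNS)` attributes the flagged someotherorg.org page to the relatedorg.org link on the school's page; with a depth of 1 only the directly linked page is checked.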


 

