Re: Lockstep repairs hacked Web sites with WebAgain

[InfoSec News <isn () c4i org>]

Forwarded from: Robert G. Ferrell <rferrell () texas net>

> WebAgain allows Web sites that are compromised or modified by
> attackers to automatically be restored to their proper state,

Gee, I wrote a Perl script called MIVP (Mirror Integrity Validation
Program) in 1996 that did exactly this.  It compared several
attributes of each file in the user-configured list to those on a
remote server or read-only media and if it found any differences,
restored the modified file and notified the proper people.  

It also had a range of logging and other security-related functions
that could be configured by the user.  I offered it (for free) to the
Air Force after their Web site got defaced (New Years 1997, if my
memory serves), but they turned it down.  I know at least one other
person who wrote a similar program in 1997.

Everything old is new again.

RGF



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.