Penetration Testing mailing list archives
Re: failure notice
From: "john.bryson () oit gatech edu" <john.bryson () oit gatech edu>
Date: Tue, 13 Oct 2009 14:24:18 -0400 (EDT)
----- "L. Pop" <zhiglee () gmail com> wrote:
Hi, In my mind there are two ways to detect whether a website has been hacked, 1. to detect whether there worm fingerprinting 2. to detect whether there are malious url inside the website is there any other good methods? Is there any efficient existing tools do the job? Kind Regards, Pop ------------------------------------------------------------------------
I might suggest that from the host, you can do a lot - integrity checking, such as tripwire, checksums could be effectively used, etc. From a remote location, you only have access to what the web server allows, or what other services allow. (ex if some new suspicious service just started listening, or the web server serves up a suspicious page) -- John Bryson ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: failure notice L. Pop (Oct 13)
- Re: failure notice john.bryson () oit gatech edu (Oct 13)
- Re: failure notice pand0ra (Oct 13)
- Re: failure notice john lokka (Oct 13)