Penetration Testing mailing list archives

Re: failure notice

From: "john.bryson () oit gatech edu" <john.bryson () oit gatech edu>
Date: Tue, 13 Oct 2009 14:24:18 -0400 (EDT)


----- "L. Pop" <zhiglee () gmail com> wrote:

Hi,

In my mind there are two ways to detect whether a website has been
hacked,
1. to detect whether there worm fingerprinting
2. to detect whether there are malious url inside the website

is there any other good methods?

Is there any efficient existing tools do the job?


Kind Regards,
Pop

------------------------------------------------------------------------

 
I might suggest that from the host, you can do a lot - integrity checking, such as tripwire, checksums could be 
effectively used, etc. From a remote location, you only have access to what the web server allows, or what other 
services allow. (ex if some new suspicious service just started listening, or the web server serves up a suspicious 
page)

-- 
John  Bryson  
 

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------

Current thread:

Re: failure notice L. Pop (Oct 13)
- Re: failure notice john.bryson () oit gatech edu (Oct 13)
- Re: failure notice pand0ra (Oct 13)
- Re: failure notice john lokka (Oct 13)