alicit (![[info]](http://www.insanejournal.com/img/userinfo.gif){kind=small} alicit) wrote,@ 2009-09-21 10:53:00 |
 |
|||
|
|
|
|
|
|
|
Google Security Link
Quoting almost verbatim from![[info] - personal](http://s.dreamwidth.org/img/silk/identity/user.png)
slowfox's post:
TWiT's Security Now podcast mentioned this fantastic tip in their most recent episode, whereby you can use google to see how many security issues a given site has raised over the last 90 days. Google obviously collect this data, since they warn you about suspicious sites etc every now and again - this tip simply surfaces that information.
Unfortunately, there isn't a user-interface as such, so you have to handcraft the URL, but it's relatively straightforward:
Example: http://www.google.com/safebrowsing/diag
This checks google's own site (and ironically reports one malicious scripting exploit found in the last 90 days).
To target a different site, you simply change the ?site=google.com bit at the end of the URL to point to the desired target.
So, to check The Grauniad's site(s), we'd use ?site=guardian.co.uk, like this:
http://www.google.com/safebrowsing/diag
Interestingly, Livejournal throws up several issues:
Of the 15126 pages we tested on the site over the past 90 days, 144 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-09-20, and the last time suspicious content was found on this site was on 2009-09-20.
Malicious software includes 3 scripting exploit(s), 2 trojan(s), 2 exploit(s).
Malicious software is hosted on 19 domain(s), including tinnily.info/, convex.ru/, lavyer.info/.
10 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including lj-toys.com/, goeachscan.com/, susuman.com/.
The LJ results seem to imply that of the pages they checked, 1% were infected. So, if you've got a large flist...
OTOH, I suspect that the malicious accounts are probably clustered around certain communities. Of more concern was the warning about sites like lj-toys and stuff, because I know that some people on my former flist were using sites like those.
Currently, both Dreamwidth and Insane Journal get a clean bill of health.
Anyway, really cool google tool to play with.
Quoting almost verbatim from
slowfox's post:TWiT's Security Now podcast mentioned this fantastic tip in their most recent episode, whereby you can use google to see how many security issues a given site has raised over the last 90 days. Google obviously collect this data, since they warn you about suspicious sites etc every now and again - this tip simply surfaces that information.
Unfortunately, there isn't a user-interface as such, so you have to handcraft the URL, but it's relatively straightforward:
Example: http://www.google.com/safebrowsing/diag
This checks google's own site (and ironically reports one malicious scripting exploit found in the last 90 days).
To target a different site, you simply change the ?site=google.com bit at the end of the URL to point to the desired target.
So, to check The Grauniad's site(s), we'd use ?site=guardian.co.uk, like this:
http://www.google.com/safebrowsing/diag
Interestingly, Livejournal throws up several issues:
Of the 15126 pages we tested on the site over the past 90 days, 144 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-09-20, and the last time suspicious content was found on this site was on 2009-09-20.
Malicious software includes 3 scripting exploit(s), 2 trojan(s), 2 exploit(s).
Malicious software is hosted on 19 domain(s), including tinnily.info/, convex.ru/, lavyer.info/.
10 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including lj-toys.com/, goeachscan.com/, susuman.com/.
The LJ results seem to imply that of the pages they checked, 1% were infected. So, if you've got a large flist...
OTOH, I suspect that the malicious accounts are probably clustered around certain communities. Of more concern was the warning about sites like lj-toys and stuff, because I know that some people on my former flist were using sites like those.
Currently, both Dreamwidth and Insane Journal get a clean bill of health.
Anyway, really cool google tool to play with.
|
|