Looking for something?

Google

Tuesday, February 27, 2007

Site Advisor: An Internet User's Indispensable Tool


I was lazily browsing the net, until I ended up on one website wherein several pages loaded one after another. Right away, it raised a red flag on my geek meter. The pages that loaded were mostly bogus ad sites. Bogus because I never requested for those web pages. They just popped out of nowhere. Then the confirmation came. My anti-virus software sitting in my desktop immediately prompted me about an infected file and the trojan name was "exploit byte-verify". Most low threat viruses that gets into your PC can be cleaned right away by most anti-virus software, but this one cannot be cleaned and cannot be deleted completely as well. I attempted to delete the file but apparently it didn't work because the bug has a read-only attribute. So I left it sitting in my PC while I scoured the net for answers. There were do-it-yourself solutions to removing the bug, but I didn't bother to experiment on them instead, I just downloaded a more updated and powerful virus protection software, and that did the trick, at a price of course.

Well, I was more concerned about how did I end up in a mal-infested web site in the first place and how could that be possible. All the while we thought that certain websites like pornographic sites, free sites, share ware sites are the sites that are typically infested by the dirty net bugs and that for us long as we don't go that way we are perfectly safe. Not anymore! Why?

In the older days, spamming used to be the trick until internet users learned to ignore unsolicited e-mails. Definitely these bad guys needed another way to victimize unsuspecting users, and that is how they learned to attack users through the net in a much easier fashion.

But how? Simply by "web defacement". Web defacement does not necessarily change the way a website looks. It is carried out by implanting and alien code into a website and is not visible by a user in a browser. It can also be carried out by injecting an alien link which maybe visible or invisible. This attack is possible if the attacker has access to the website or if the attacker can hack into it. Defacement targets so called remote-root vulnerabilities brought about by the lack of recent security patches and bad management and/or practices like weak passwords, guest accounts, open shares or vulnerabilities in applications. Defacement can also be carried out by hacking into a web proxy though the original website may still look perfect. Popular websites are more carefully maintained thus attacks are less likely to succeed. On the other hand, many sites over the internet do not observe the same amount of security measures or periodic site checking or maintenance, thus, even if they maybe already a victim of defacement, they remain unaware for a while and it is the unsuspecting internet users that are diverted to malicious websites at the attacker's choice to be victimized by their malicious codes. Take note, that subtle modifications made to a hacked website can go unnoticed for a very long time and unless regular integrity checking is performed on the website by the webmaster there is no way to find unauthorized modifications into the hacked site.

So how do we protect ourselves from falling prey into the traps of these malicious attackers? Prevention is better than cure. Would it be nice if we can go about the web and someone can provide us a site map of which websites are safe, which ones are vulnerable and which ones are we supposed to stay away from? It is only after I was victimized of this malicious attack that I learned that there are effective tools you can use to protect yourself from this kind of attack. One that is worth trying is the McAfee SiteAdvisor which you can download for free. As soon as you perform a search from a search engine, the site advisor provides a clue on which sites are safe, which sites have potential malicious codes based on their own site tests, and even shows you which sites have not yet been tested. To me this is an indispensable tool because it empowers you being the user to choose the sites at your own risk. At least you have been pre-warned so whatever happens next is entirely up to you.

Now, I have my site advisor sitting and waiting for me to trek the net, and as soon as I set off to go into the internet highway, it flashes green, red, yellow or gray to forewarn me. Protect yourself now. It costs absolutely nothing.

No comments:

Find it here