Renk
24.04.10, 06:44
Huge issue, not to be solved in a few lines for sure.
But I just found a tool which could interest those who are security concerned.
What you have to do is to configure your browser's http proxy setting with
www.spybye.org :8080
then go to
http://spybye.org and write the url of the site you want to visit.
You can test this tool e.g. on one of the Google's Top Ten Malware Sites:
Google Online Security Blog: Top 10 Malware Sites (http://googleonlinesecurity.blogspot.com/2009/06/top-10-malware-sites.html)
Or you can test it on sbi too. Results: SBI is clean and safe !!! :klatsch_3:
http://img59.imageshack.us/img59/2457/testsb.jpg (http://img59.imageshack.us/i/testsb.jpg/)
Interpreting SpyBye Output
SpyBye classifies URLs into three categories:
* harmless: A URL that originates from your web site or is matched by a pattern in the good patterns file.
* unknown: A URL that did not originate with your web site. This is likely to be 3rd party provide content and could be dangerous. If you see an unknown URL that you do not recognize, something might be wrong with your web site.
* dangerous: A URL with a high likelihood of being dangerous. This is usually an indication that your web site has been compromised. You should check if all your web applications have the latest security patches installed, you might also have to reinstall your web server. Attackers usually leave backdoors that give them remote access to your site, even after you have removed potential exploits from your web pages.
How to get SpyBye running - Niels Provos (http://www.provos.org/index.php?/pages/installation.html)
You can have a look at the spybye's code here:
spybye - Project Hosting on Google Code (http://code.google.com/p/spybye/source/browse/#svn/trunk/spybye)
You can use this tool in conjunction with privoxy and/or polipo and/or squid in order to be (almost) entirely sure in chaining (I suppose but correct me if I committed mistake) in the following way:
your browser <-> squid <-> privoxy <-> polipo <-> spybye <-> the Wild Wide Web
NB: A suggestion: Why not to open on sbi a "paranoid" section ? It would be a transversal section, with extreme ideas, config and tutos about various subject (mainly in connection with security) such as the previous one, or better "how to use Tor and I2P together" or "how to use Ants or Rshare on I2p inside a VM through VPN" (or "The most complicated and tricky way to kill your fiber connection and melt your octocore processors").
But I just found a tool which could interest those who are security concerned.
What you have to do is to configure your browser's http proxy setting with
www.spybye.org :8080
then go to
http://spybye.org and write the url of the site you want to visit.
You can test this tool e.g. on one of the Google's Top Ten Malware Sites:
Google Online Security Blog: Top 10 Malware Sites (http://googleonlinesecurity.blogspot.com/2009/06/top-10-malware-sites.html)
Or you can test it on sbi too. Results: SBI is clean and safe !!! :klatsch_3:
http://img59.imageshack.us/img59/2457/testsb.jpg (http://img59.imageshack.us/i/testsb.jpg/)
Interpreting SpyBye Output
SpyBye classifies URLs into three categories:
* harmless: A URL that originates from your web site or is matched by a pattern in the good patterns file.
* unknown: A URL that did not originate with your web site. This is likely to be 3rd party provide content and could be dangerous. If you see an unknown URL that you do not recognize, something might be wrong with your web site.
* dangerous: A URL with a high likelihood of being dangerous. This is usually an indication that your web site has been compromised. You should check if all your web applications have the latest security patches installed, you might also have to reinstall your web server. Attackers usually leave backdoors that give them remote access to your site, even after you have removed potential exploits from your web pages.
How to get SpyBye running - Niels Provos (http://www.provos.org/index.php?/pages/installation.html)
You can have a look at the spybye's code here:
spybye - Project Hosting on Google Code (http://code.google.com/p/spybye/source/browse/#svn/trunk/spybye)
You can use this tool in conjunction with privoxy and/or polipo and/or squid in order to be (almost) entirely sure in chaining (I suppose but correct me if I committed mistake) in the following way:
your browser <-> squid <-> privoxy <-> polipo <-> spybye <-> the Wild Wide Web
NB: A suggestion: Why not to open on sbi a "paranoid" section ? It would be a transversal section, with extreme ideas, config and tutos about various subject (mainly in connection with security) such as the previous one, or better "how to use Tor and I2P together" or "how to use Ants or Rshare on I2p inside a VM through VPN" (or "The most complicated and tricky way to kill your fiber connection and melt your octocore processors").