Online Analysis Of Suspicious Websites
One of the neatest ways to distribute malware nowadays is by serving it from a web site. Why push malware by files to the victims computer - just put the bad stuff on your web site, and entice the victim to surf there. If he does so, intentionally, he's more likely to trust you, and badda bing, download your malware to his computer.
The classic way of protecting us from malicious web sites was stopping us from surfing there, generally using Hosts file based web site blocking.
Besides web site blocking, and malware protection (both active and passive) on your computer, you need malware scanning of any web site that you access. And what better way to do this than by using the power of the web?
- AVG / Exploit Prevention Labs provides LinkScanner, which can be accessed as a browser add-on or queried online. LinkScanner does a live scan on Google, Yahoo and MSN search results, rather than querying a database of previous scan results.
- FireTrust provides SiteHound, which can be accessed as a Firefox or Internet Explorer toolbar.
- McAfee provides Site Advisor, which can be accessed as a Firefox add-on, or queried online. SiteAdvisor has an accumulated database, a web site popularity meter ("nitecruzr.net" shows a 2 of 4 - "some users"), plus does real-time evaluation when requested. They also accept comments from site readers, and from site owners.
- A partnership between top academic institutions, technology industry leaders, and volunteers provides StopBadware.org, which feeds the Google search engine results pages. Google uses the StopBadware database, and accepts input by site owners through Google Webmaster Tools.
- Symantec provides Norton SafeWeb, which appears to be intended as a plugin to a Norton security suite, though it does provide for web based queries. SafeWeb accepts comments from site readers.
(Update 2009/09/18): Today, we note a significant increase in vigilance.
>> Top