Malicious website testing?

[Davej]

Is there a website that can be used to determine whether another
website is malicious or not? I realize there are a few websites that
will look up the claimed "reputation" of a website but I'd like to
find one that will actually go and test a website.

Thanks

 

[Paul]

Is there a website that can be used to determine whether another
website is malicious or not? I realize there are a few websites that
will look up the claimed "reputation" of a website but I'd like to
find one that will actually go and test a website.

Thanks

This site (SiteAdvisor from McAfee) checks for downloads and tests a few.
You put the site name at the end of the link, to test your site.

At one time, the site in this example, got a "bad" rating, and that was
likely because the site was hacked and wasn't fixed for a long time. It's
now back to "green".

http://www.siteadvisor.com/sites/bioscentral.com

I notice a "red" site is linked to that site. If we test
the "red" site, we can get details of why it is rated "red".

http://www.siteadvisor.com/sites/bobhurt.com

"W32/Virut.n virus,Artemis trojan"

You can use www.virustotal.com for testing downloads, but
that doesn't protect you from an actual malicious web page itself.
The one time I got attacked, it was going to a commercial site,
that had been hacked. And I wasn't downloading anything - the
browser just went nuts, when visiting their main page. A number
of commercial sites have been attacked in that way in the past, that
makes a joke of ratings systems.

So it really doesn't change things at all. You can still be
attacked at any time, by a green site. All it takes, is a
good hacking.

Paul

 

[RayLopez99]

So it really doesn't change things at all. You can still be
attacked at any time, by a green site. All it takes, is a
good hacking.

    Paul

I'm curious what hacking you have in mind. I visited a site recently
defaced by the SQL Injection attack that's been making the rounds but
obviously that's not what you have in mind. What site would take over
your PC, if you have modern browsers with all the latest patches
installed? I've not heard of any. Of course a user clicking on a
link and installing malware is different--that's social engineering.
But Windows 7 asks you before you install anything, so if you
accidentally click on something you can always cancel yourself out.

Copied to COLA since they claim Linux is immune from viruses (I say
Windows 7 is too)

RL

 

[Davej]

[....]
The one time I got attacked, it was going to a commercial site,
that had been hacked. And I wasn't downloading anything - the
browser just went nuts, when visiting their main page. A number
of commercial sites have been attacked in that way in the past, that
makes a joke of ratings systems.

Yes, that is what I had happen last week and I thought it would be
nice if I could have some website scanning system go back and analyze
what this other site was doing. That way I might be better prepared if
I did discover that I had an infection from it.

Thanks

 

[Flasherly]

[....]
The one time I got attacked, it was going to a commercial site,
that had been hacked. And I wasn't downloading anything - the
browser just went nuts, when visiting their main page. A number
of commercial sites have been attacked in that way in the past, that
makes a joke of ratings systems.

Yes, that is what I had happen last week and I thought it would be
nice if I could have some website scanning system go back and analyze
what this other site was doing. That way I might be better prepared if
I did discover that I had an infection from it.

Simple binary ghost image of the C boot drive, which I do on a regular
basis from a boot arbitrator menued both for Win and a hidden DOS
partition for that purpose. Program installs on another drive are
what's simple about it (that a couple of "tricks" here and there, I
suppose, like program links in a physical folder that retains its
ordering, also referenced elsewhere than C). Can't be too prepared.
A boot CD for repartitioning and formating or wiping the MBR clean,
also usual for building a system. External HDs for mass storage
backups. That's all I need to know about common sense and getting on
sites that don't have any. For whatever reason they got, that I can
get by better without having it spread all over me.

 

[John Doe]

Simple binary ghost image of the C boot drive, which I do on a
regular basis from a boot arbitrator menued both for Win and a
hidden DOS partition for that purpose. Program installs on
another drive are what's simple about it (that a couple of
"tricks" here and there, I suppose, like program links in a
physical folder that retains its ordering, also referenced
elsewhere than C). Can't be too prepared. A boot CD for
repartitioning and formating or wiping the MBR clean, also usual
for building a system. External HDs for mass storage backups.
That's all I need to know about common sense and getting on
sites that don't have any. For whatever reason they got, that I
can get by better without having it spread all over me.

Long ago, I kept programs on another partition. Nowadays... I use
Macrium Reflect to do the simple compressed copy of drive C to my
large secondary drive D. Those copies of drive C are browsable,
files can be retrieved from any of them. If anything major goes
wrong... I make a current copy of data files that by default are
kept on drive C, from drive C to a "keep" folder on drive D. That
includes Internet bookmarks, various program folders, ect. You
have to know where your important files are kept on drive C, that
takes some learning I guess (it's been a long time). Then I jump
to the boot disk and restore a known good copy in place of the
problematic drive C. Then those copied files are put back into
their places. Lately, I have also been keeping a RootkitRevealer
results file with each copy of drive C, to keep track of how many
root kits each installation has. And of course I keep important
files on removable media like USB flash drives.

Good luck and have fun.