On Mon, Jan 28, 2008, Geoffrey S. Mendelson wrote about "Finding porn links in hacked web pages": > He is not technicaly inclined at all, and does not have the ability > to check his pages without going to each one in a browser and looking > at the page source. He has thousands of pages and runs the site as > a Jewish news site, with no income. > > I was thinking that I could write a program that scans each of his > web pages using wget or lynx to download them, but don't want to > start writing code if it has been already done.
If this guy is the only one changing his content, what I would do is run a trivial script on a remote machine: every day (or whatever) fetch the entire content of the site (with wget) compare (with cmp) the new content to the previous content, and finally email or SMS this guy the number of modified files. If he knows that he modified one page, and got a mail saying one page changed, he's safe. If he changed nothing and got a message that 100 pages changed, he knows he has a big problem. I don't think that "scanning for porn links" will work; How will you know that these are porn links? And what will happen the next time his site is cracked, and the cracker won't add porn links, but do something else? During the doc.com boom, I remember an Israeli startup whose business was exactly this - noticing that a site has been defaced using remote servers which constantly try to download pages from the site and notice if something has changed. Unfortunately, I can't recall now the company's name. -- Nadav Har'El | Monday, Jan 28 2008, 21 Shevat 5768 [EMAIL PROTECTED] |----------------------------------------- Phone +972-523-790466, ICQ 13349191 |A messy desk is a sign of a messy mind. http://nadav.harel.org.il |An empty desk is a sign of an empty mind. ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
