At 05:06 11-07-2009, schmero...@gmail.com wrote:
One of our client's websites gets hacked frequently - 1x per month -
usually with some kind of phishing scam.
I understand their first line of defense is to make sure security is
tight and systems are up to date, however, it seems to me that there
must be some scanning utility that would check their site for
unauthorized pages via a search for domain names.
If they are compromised regularly, they should go to the source of
the problem and fix it. You could scan the file system to look for
unauthorized files. You cannot do that for webpages. As the system
is compromised, you cannot rely on the scan.
Any ideas where to look for such a beast &/or a mailing list that
deals with this type of issue?
Search for tripwire.
Regards,
-sm
