You could take a look at ModSecurity if you are on Apache( http://www.modsecurity.org/ ) to block the attacks that found the holes in the first place, once you have fixed the current issue that is.
The standard ruleset is very good and can be relatively easily tweaked. -- Regards Barry -----Original Message----- From: schmero...@gmail.com [mailto:schmero...@gmail.com] Sent: 11 July 2009 13:06 To: users@spamassassin.apache.org Subject: OT: Website protection One of our client's websites gets hacked frequently - 1x per month - usually with some kind of phishing scam. I understand their first line of defense is to make sure security is tight and systems are up to date, however, it seems to me that there must be some scanning utility that would check their site for unauthorized pages via a search for domain names. So, if our client was google, the utility would search all files on the site looking for domains. If it found microsoft.com within one of the pages and email would be sent to the administrator who could delete the page and look for other evidence of being hacked or add microsoft.com to the whitelist. Any ideas where to look for such a beast &/or a mailing list that deals with this type of issue?
