home Interesting Checking a web resource for security. Check the safety of a link from the Internet in real time, online. Using Google to Verify

Checking a web resource for security. Check the safety of a link from the Internet in real time, online. Using Google to Verify

It often happens that we are offered to follow a link.
And we are afraid. Because we are not sure that the site we are going to is safe for our computer.

I check all links unknown to me on the site Virustotal.com/ru.
But there are many other sites on the Internet where you can do the same. And since I chose Virustotal for myself, I will explain using the example of this particular site.

And also, you can check the safety of the link in Dr.WEB
in real time, online - without leaving this page.
At the bottom of the page - Dr.WEB site, for checking links.

at Virustotal.com/en. real time, online

Firstly, in order for the link to be checked in Russian -
you need to go to Virustotal.com/ru with a browser Google Chrome or Internet Explorer. Because Mozilla Firefox, Safari and Opera do not immediately translate the text from English into Russian. Below is a screenshot of Virustotal.com/en opened in the Safari browser.

Of course, you can check the link without translation. To do this, click on the "scan a URL" link (underlined in red). A similar tab will open where you type in the URL, i.e. the link you want to check and then click on the big blue “Scan in!” button below. (scan) and after a short time you will be given the result. But also in English.

How to check a suspicious file on a computer at Virustotal.com

How to check a file from a computer
for viruses and trojans at Virustotal.com/ru

As you can see at the top of the screenshot, in the line "Detection ratio:" there is a fraction 0/20. Zero on the left means that none of the scanners involved in checking this link found anything malicious on the checked site. If one or several scanners detect something negative on the site being checked, then instead of the number 0 there will be a number indicating the number of negative reviews and the color of this number will no longer be green, but yellow or red.

Number 20 on the right - shows the number of participants
in crawling URLs and putting a “clean site” review in the table. And if one or several scanners detect something negative on the site being checked, then instead of a “clean site” of green color, there will be a review that the site and the color of this entry will no longer be green. "Unrated sites" in crawl results - means "unrated".

The icon in the upper right part indicates the reputation of the checked link. A red thumb down and a number shows negative reviews, a green thumb up and a number shows good reviews.

Since my site, at the time of this review, is only five months old -
then it is quite natural that zeros are in the icon about the site's reputation.
Neither bad nor good.

How to check a link from the Internet for free
in Dr.WEB in real time, online

Recently, the Internet has become the main habitat for viruses, since only there they can effectively spread on user computers. Gone are the days when systems were infected via disks or flash cards. With the increase in the amount of downloaded information, the number of infected computers has increased, as users perceive the threat from the Internet as something abstract and something that does not affect them.

Unfortunately, it is not. Neglecting the basics of security can compromise our data stored on hard drives. Infections of computers of large corporations became indicative ransomware virus, which extorted money for unlocking, and otherwise encrypted the data. Most of them contracted it due to banal inattention.

Infection prevention

First of all, you need to use anti-virus programs. Most of them are capable filter traffic, advance warning users about the danger lurking on the resource being opened. Even free versions can significantly enhance the protection of your computer.

Secondly, you should go to browsers, in which is embedded website check. They warn of the danger that awaits users on a particular site. One of these - Yandex browser. Built into it by default plugin, scanning the site and restricting access to frankly malicious resources. If the user tries to access such a page, he will see a warning about the danger and a suggestion to close the tab.

Third, try do not cross on suspicious links in social networks. Vkontakte itself warns that the site can be dangerous, so do not neglect the advice of the service. Most infections happen this way.

Using Google to Verify

This option is suitable for site owners who want to make sure that their creations do not harm users. world wide web. If the site does not belong to you, then you will not be able to check it through search engines.

To start, let's go to webmaster panel. It is located at google.com/webmasters/tools/home (you need to be logged into your Google account). After that, click on the button " Add resource” and enter the link to the site in the box. After that, press " Add».

After that, we will need confirm site rights. For this you need to place HTML Template on the resource so that Google can identify us. We perform all the actions from the instructions and click " Confirm».

After confirmation, we can see all the information about our site. To do this, select the tab " Security issues". If there are viruses on the page, the system will notify us about it. If not, we will see such a picture.

Yandex to check for viruses

By and large, in Yandex we repeat the same procedure as in Google:

Doctor Web and Kaspersky

For the most part, by checking the site through these two services, you can be 97% sure that the site does not contain viruses. These laboratories have devoted years to developing antivirus programs so there is no reason to doubt their competence. Let's start with Doctor Web.

We go to the official website vms.drweb.ru/online. In addition to checking for viruses, you can see an extensive selection information about viruses and their spread. The main part of the page is the address bar in the middle, into which enter the link on the resource being checked and click " Verify».

After a while we will get detailed description checks carried out, as well as a conclusion about the danger or safety of the page.

Work " Kaspersky' is built on the same principle. However, here we can also check files. Enter URL in the address bar and click verify.

Unlike the previous service, we are not loaded with the details of the check, but immediately give the result.

Other online services

In addition to those already considered, there are other services for checking links:

March 6, 2015 at 00:43

Website security audit - identifying risks and threats

Information Security

Site security audit (checking the site for vulnerabilities) - a series of procedures aimed at ensuring stable operation web resource, data security and risk reduction.

It's no secret that the economic situation is now dictating new rules, including in competition. If earlier the “war of technologies”, cyber espionage and destructive actions were mainly the lot of large corporations or entire states, now these methods are quite successfully used in small and medium-sized businesses.

Let's leave offline company sites aside for now, and today we'll talk about commercial websites, whose main income is related to Internet activities.

Site security audit is a set of works to identify errors in the site code and software servers that attackers can use to attack and hack the site.

The motivation used by attackers can be different - it is both bragging and the search for benefits both for themselves personally and by working for a "order".

From the latest "high-profile" examples - hacking of the freelance exchange FL.ru

screenshot of the attacker's message on behalf of one of the administrators

Here, the resource has clearly suffered reputational damage, user loyalty has been reduced. New users may be difficult to attract: www.google.ru/search?ie=UTF-8&hl=ru&q=FL.ru
As a result of the search GOOGLE SERPs at the request of FL.RU, the second is a topic on Habré about draining the user base.

What would a security audit of the FL.RU exchange give - the selection of passwords for resource administrator accounts would help identify these Accounts. Additional recommendations and rules for their observance would help to avoid such an unfortunate oversight. The lack of restriction of access to critical functionality (user accounts) from an untrusted IP address only exacerbated the situation.

The reputational risks of hacking the company's website will naturally affect the profitability of the company. But there is also a direct threat of theft of data that is valuable to the company. Web site of the company associated with online activities - online store, electronic exchange, etc. - the main tool for making a profit - often contains a customer database, all the more valuable if the service involves long-term work with the client, repeat purchases, and so on.

Also, manipulation of payment data, fraudulent transactions in deposit/withdrawal systems or payment systems can cause great damage to the company.

Attackers attacking the site can be conditionally divided into two types:

1. We take everything that lies badly.

This kind of attackers try to gain access to a large number of sites, use primitive techniques, “noise in the logs”. Typically, such actors scan the site(s) with popular vulnerability scanners or look for vulnerable CMSs for a specific exploit. They may be interested in both the user base and the banal iframe on the so-called. exploit-pack.

search for accomplices to commit an offense under Article 273 of the Criminal Code of the Russian Federation

A timely web application security audit will help identify vulnerable components and problem areas of the site. Recommendations will help you be prepared to repel hacker attacks.

2. We attack a specific target.

These types of attackers are usually motivated to obtain certain data or destroy it:

announcements on “near-hacker” forums

In this case, the attacker will not limit himself to passive methods - most likely he will attack the site until he gets the desired result, using all possible combinations of attack vectors.

A comprehensive security audit, which usually includes the following actions, can help to significantly increase the security of a site:

Search for vulnerabilities in server components;
Search for vulnerabilities in the server's web environment;
Check for remote execution of arbitrary code;
Checking for injections (code injection);
Attempts to bypass the web resource authentication system;
Checking a web resource for "XSS" / "CSRF" vulnerabilities;
Attempts to intercept privileged accounts (or sessions of such accounts);
Attempts to perform Remote File Inclusion / Local File Inclusion;
Search for components with known vulnerabilities;
Check for redirects to other sites and open redirects;
Scanning directories and files using brute force and "google hack";
Analysis of search forms, registration forms, authorization forms, etc.;
Checking the resource for the possibility of openly obtaining confidential and secret information;
Race condition class attacks;
Embedding XML entities;
Selection of passwords.

A site security audit is a proactive measure that allows you to get an adequate assessment of the security of a company resource, full information about the vulnerabilities found, possible scenarios attacks and recommendations for their elimination. This, in fact, is not an event, but a continuous process to ensure the security of the company's website business processes, maintain business reputation, economic growth and business development.

Do not wait until your site is attacked by intruders - order a comprehensive website security audit from professionals.

How do you know if the site you are visiting is safe? Is it risky to buy something on it and how suitable is its content for children?

To do this, popular antiviruses have a built-in site rating system. Most often, it works based on the votes of the users themselves. There is a similar system, for example, in Avast internet security. But there is one small "but" - almost all antiviruses with similar functions are paid! And, as a result of their paid nature, they have a rather limited audience, which means that only a small number of them get into the rating of site evaluation!

So I found a better solution for myself. It's called Web Of Trust.

Web Of Trust free service site reliability assessments.

Principle of operation

In fact, this is a special gadget for the browser, which, when opened, new page near address bar shows its rating in the form of a colored emblem. (It can be colored from bright green to bright red) And the greener the emblem (an indicator of the site's trustworthiness, if you will), the safer the site. And vice versa - if the icon turns red - something is wrong with this site ...

And download it by clicking on the red button on the right. I will also attach a short instruction in pictures for installing the plugin in Internet Explorer:

Run the "phpinfo()" protocol and check the line with the "open_basedir" command. With this command, you can define the base directory for all users. After setting this value, they will no longer be able to open files outside of this root folder or its subdirectories, such as "C:\Windows".

If you have other structural directories, define them as the base directory with the "www_root" command. However, one user will also be able to read and modify another user's files. This must be prevented.

Unfortunately, there are no options in the "php.ini" file to prevent one user from accessing another's data.

But there is one interesting way if PHP is running on Apache. In "phpinfo()" you will find two columns: "Main Value" and "Local Value". The first is the value in "php.ini". The second is a value that is determined during server operation.

If the base value is small in numerical terms, then it can be changed in the script using the "ini_set ()" command. This does not apply to "open_basedir" because this value is security critical and can only be changed by an administrator.

AT Apache config the file "httpd.conf" can be specified in the directory under the local value "open_basedir".

Other PHP settings

By setting "disable_functions" in the "php.ini" file, it is necessary to disable functions that are potentially dangerous.
Think carefully about every action you take. Disabling the function means that some scripts will stop working.

Some functions are really dangerous and are not usually required for scripting. Others - may be necessary for certain purposes. Therefore, it is not easy to disable all the features that can be dangerous, but also carefully weigh your decisions.

Do not believe that one "safe_mode = On" function will be enough. She can disable some useful features and not solve the security problem described above. Safe mode deprecated in PHP 5.3.0 and removed in PHP 6.0.0.

Defense issues

There are several mistakes that a web developer can make and make a website insecure.

For example, if you are creating your blog and allowing users to upload images, this can be a major hazard when the code is written by a beginner. There are several mistakes that a programmer can make on the login page, etc. One of the most common is the lack of a ban on downloading malicious algorithms.

The important point is that one insecure site on public hosting is a threat to the entire server. Also installing Open Source projects like PHP-Nuke can be risky. Several vulnerabilities in such projects have already been discovered.

Just about the complex. Programs. Iron. Internet. Windows