Re: [ISN] Lockstep repairs hacked Web sites with WebAgain

From: InfoSec News (isnat_private)
Date: Thu Feb 21 2002 - 01:33:00 PST

  • Next message: InfoSec News: "[ISN] 'Penetrate and patch' e-business security is grim"

    Forwarded from: Robert G. Ferrell <rferrellat_private>
    
    > WebAgain allows Web sites that are compromised or modified by
    > attackers to automatically be restored to their proper state,
    
    Gee, I wrote a Perl script called MIVP (Mirror Integrity Validation
    Program) in 1996 that did exactly this.  It compared several
    attributes of each file in the user-configured list to those on a
    remote server or read-only media and if it found any differences,
    restored the modified file and notified the proper people.  
    
    It also had a range of logging and other security-related functions
    that could be configured by the user.  I offered it (for free) to the
    Air Force after their Web site got defaced (New Years 1997, if my
    memory serves), but they turned it down.  I know at least one other
    person who wrote a similar program in 1997.
    
    Everything old is new again.
    
    RGF
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Thu Feb 21 2002 - 05:05:58 PST