Re: Finding porn links in hacked web pages

Mon, 28 Jan 2008 00:05:42 -0800 

Hi Geoffrey,
I think the problem here is a business and ethical issue and not a technical issue. The technical reality is as Omer states. That is, it takes time and technical ability (in other words, money) to keep web sites safe. Your friend needs to understand this and either find the money required to maintain his site properly or to shut it down. He might also consider merging his service into a site that has the resources to look out after itself and its users. 
Regards,

 - yba


On Mon, 28 Jan 2008, Omer Zak wrote:


Date: Mon, 28 Jan 2008 09:15:57 +0200
From: Omer Zak <[EMAIL PROTECTED]>
To: linux-il <linux-il@cs.huji.ac.il>
Subject: Re: Finding porn links in hacked web pages

The method which I use is to:
1. Perform periodic backup of the entire Web site, including SQL dumps
of any databases driving it.
2. Download the backup files to PC.
3. Open them (into a subdirectory and import into a new DB instance,
respectively).
4. Run 'diff' between the opened files and the previous backup.

For regular files, use 'diff'.  For DB comparison of two MySQL DBs, I
use a Python script, which I wrote.
                                          --- Omer

On Mon, 2008-01-28 at 09:03 +0200, Geoffrey S. Mendelson wrote:

Yesterday my wife went to a perfectly normal web page and after
a few seconds a porn page replaced it.

I looked at the HTML page source and found that at the bottom of the
page were hundreds of links, which did not belong there. I called
the publisher of the page, and he determined that his server had been
"hacked" and the links added.

He is not technicaly inclined at all, and does not have the ability
to check his pages without going to each one in a browser and looking
at the page source. He has thousands of pages and runs the site as
a Jewish news site, with no income.

I was thinking that I could write a program that scans each of his
web pages using wget or lynx to download them, but don't want to
start writing code if it has been already done.

Any suggestions?





--
 EE 77 7F 30 4A 64 2E C5  83 5F E7 49 A6 82 29 BA    ~. .~   Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
     - [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il -

=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Reply via email to