On Apr 09, 2014, at 11:26 , Me <jsch...@flowtools.net> wrote: > On 04/08/2014 09:46 PM, Rob Seastrom wrote:
>> If that's true, you might want to consider immediately disconnecting >> your systems from the Internet and never re-connecting them. After >> all, theres a lot of online unseen code testing your site already >> whether you like it or not. >> >> -r >> > Sending someone to a site with obscure TLDs of .io or .lv doesn't help in > these situations. This is a perfect opportunity for someone to set up a drive > by site to drop malware on someone's computer. > > I'm not saying these sites did that but in order to see the code, someone > would have to visit the site first. I personally would use wget instead of a > browser for sites like these and did so in this situation. > > And yes, your point is not lost on me, there are tons of sites that have > obfuscated code and malware running on them, I know that. In the list of tools were several sites with code you could download, review, and run locally on your machine to test against the bug. However, I trust some of the sites listed. My new favorite is <https://sslanalyzer.comodoca.com/>, since it takes ports other than 443 and gives back a lot of info. -- TTFN, patrick
signature.asc
Description: Message signed with OpenPGP using GPGMail