Detecting malicious websites
mitchell
mitchell at tufala.net
Sat May 12 11:40:44 UTC 2012
>
> On Sat, May 12, 2012 at 5:24 AM, Ryan Gauger<rtgkid at gmail.com> wrote:
>>
>>> Sorry for being a little off-topic, but I think you gave just about
>>> enough
>>> information. It is very difficult to detect these malicious websites
>>> without
>>> an anti-malware app, and it is advertised for Linux that there is no need
>>> for this type of software, because Linux/Kubuntu doesn't get viruses. I
>>> have
>>> accidentally visited several malicious websites on Windows 7, so that is
>>> the
>>> main reason I decided to stick with Ubuntu. Thanks!
>>>
>>
Detecting if your website was compromised from your local machine is a
wrong approach. Generally, you would want to do this on the server, hosting
the website, by monitoring the server logs and the modifications to the
files of the website.
In your case, I guess that your mother's computer got infected, and the
virus modified the files on the website using FTP. This is how can spread
to other computers. This would be visible in the FTP logs. I suggest that
you also monitor your files for changes. The easiest way to do this, is run
a cron that makes a recursive directory listing every hour, compare it with
the listing from the previous hour, and e-mail you if there are differences.
Regards,
--
# mitchell
Web: http://csc.bg,
E-mail: mitchell at csc.bg, mitchell at tufala.net
Jabber / Google Talk: mitchell at tufala.net, mitchell at jabber.del.bg
ICQ: 164274286
Skype: mukareste
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kubuntu-users/attachments/20120512/1c5cf530/attachment.html>
More information about the kubuntu-users
mailing list