Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
systems:web:security [2013/02/26 14:04]
smayr
systems:web:security [2013/02/27 16:52] (current)
smayr [Website Security]
Line 3: Line 3:
   * [[http://www.google.com/webmasters/tools|Google Webmaster Tools]]   * [[http://www.google.com/webmasters/tools|Google Webmaster Tools]]
     * Login, then Home > Add Site. Eg: ''http://www.example.com''     * Login, then Home > Add Site. Eg: ''http://www.example.com''
 +    * Verify:
 +      * Traffic > Links to Your Site
 +      * Traffic > Internal Links
   * Install Lynx web browser to test site. In Ubuntu:<code>% apt-get install lynx-cur   * Install Lynx web browser to test site. In Ubuntu:<code>% apt-get install lynx-cur
 % lynx www.example.com % lynx www.example.com
 </code> </code>
-  * Install a sitemap: <code xml>+  * Install a sitemap following [[http://support.google.com/webmasters/bin/answer.py?hl=en&answer=183668|sitemap standards]] (use a [[http://code.google.com/p/sitemap-generators/wiki/SitemapGenerators|sitemap generator]]): <code xml>
 <?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
 <urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" <urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"
Line 27: Line 30:
 </urlset> </urlset>
 </code> </code>
 +  * List all files with a certain datetime stamp that match the compromised files: <code>% ls -l -R | grep --color=auto '2011-08-02 16:18'</code>
 +  * List all files with a certain string inside: <code>% grep -H -r "redeem reward" /home/tom | less</code>
 +  * Update server operating system. Eg. Ubuntu: <code>% apt-get update
 +% apt-get upgrade</code> Upgrade operating system to newer version. Eg. Ubuntu: <code>% do-release-upgrade</code>
 +
 +== References ==
 +  * [[http://www.opinionatedgeek.com/dotnet/tools/base64decode|Base64decode for encrypted malware]]
 +  * [[http://ddecode.com/phpdecoder|PHP Decoder: Decrypting malware]]
 +  * [[http://stackoverflow.com/questions/5922762/eval-base64-decode-php-virus|Cleaning Eval-base64-decode PHP virus]]
 +  * [[http://support.google.com/webmasters/bin/answer.py?hl=en&answer=183668|Creating Sitemaps]]
 +  * [[http://support.google.com/webmasters/bin/answer.py?hl=en&answer=35769|Google: Webmaster Guidelines]]
 +  * [[http://support.google.com/webmasters/bin/answer.py?hl=en&answer=163634|Google: Cleaning Your Site]]
 +  * [[http://support.google.com/webmasters/bin/answer.py?hl=en&answer=2721435&topic=2371375&ctx=topic|Google: Hacked Content]]
 +  * [[http://hakipedia.com/index.php/Local_File_Inclusion|Hakipedia: Local File Inclusion]]
 +  * [[http://www.imperva.com/docs/HII_Remote_and_Local_File_Inclusion_Vulnerabilities.pdf|Imperva: Remote and Local File Inclusion Vulnerabilities (PDF)]]
 +  * [[http://blog.sucuri.net/2011/02/the-attack-from-the-ccs-domains-considered-harmful.html|Sucuri: Website Attack Cleaning]]
 +  * [[http://sitecheck.sucuri.net/scanner/|Sucuri: Website Malware Scanner]]