[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Websec

On Wed, 26 Jan 2005, David Baron wrote:

> That is if these sites are on my server. I am talking about sites elsewhere so 
> would require downloading everything first. Websec (off Sid) keeps the 
> previous version around for you and compares from the URL.

remote is even better ...
	- you do NOT waqnt the master to be on the same server
	as the one being defaced

ssh remote-box
	ls -laR --long-time /home/http > /tmp/website.txt

mail -s stuff  d_baron@012.net.il < /tmp/website.txt

now on your box or the remote box.. you can
check the data against the tree
	- use ls or md5sum or anything you like

	- cron should be running every minute or 5 minutes
	to check for its "defaced status" if you're
	super paranoid 

a remote copy of the entire tree is also a good idea

besides, you should always have 2 or 3 copies of all your
web data ( backups ... full, weekly, daily.. etc ) including
your db updates/changes and ecomm info

	- and credit card info is even more critical to
	cover its track which should not be out there

c ya

Reply to: