Saturday, July 22, 2006

What's Down the Garden Path?

Most viruses, trojans, and other computer infestations are generally the result of clicking on a popup, banner advertisement or a link to an infected page. There are many web pages that contain hidden "drive-by" installations that can occur merely be accessing the page.

There are two methods available now to check what's down the garden path before accessing a URL. The first, and currently better known product is SiteAdvisor, originally developed at MIT and recently acquired by McAffee. SiteAdvisor includes plug-ins that reveal dangerous Web sites listed by search engines, including Google, MSN, and Yahoo, before clicking the link.

As indicated in information on "How SiteAdvisor Works", SiteAdvisor provides three indices through color changes of the "safety button":
  • Safe: We tested the site and didn't find any significant problems.
  • Caution: Our tests revealed some issues you should know about. (Example: a site tried to change our browser defaults, or sent a lot of "non-spammy" e-mail)
  • Warning: Our tests revealed some serious issues that you'll want to carefully consider before using this site at all. (Example: The site sent us lots of spammy e-mail or bundled adware with a download).
The newest tool available is LinkScanner by Exploit Prevention Labs. Simply paste the URL in the box provided at where the site will be inspected in real-time to determine whether it is hiding any exploit code.

As explained by Exploit Prevention Labs:
"Cybercriminals use "lure" sites to attract web users to sites they have invisibly infected with exploit code. This exploit code is then used to infect users' PCs with drive-by downloads of spyware, rootkits, and other malware."
Although neither SiteAdvisor nor LinkScanner provide a guarantee that a site is 100% safe, checking out an unknown URL through either tool first will greatly supplement your computer's security tools and provide a much clearer picture of what may be lurking down the garden path.

No comments: