Gosh, darn script kiddies!
Has your site ever been compromised through an embarrassing security hole? A few months back, a forgotten virtual machine in the DMZ part of a client's network was compromised... several times, by different people... It was amusing to see how many modifications they made to some tables in a few databases and what they wrote; we got a pretty good kick out of it.
But it definitely got us thinking: these script kiddies go around all day, abusing zombie servers and Google to find new victims, trying to hit a jackpot, hoping to find SSNs, credit card numbers or something similar. So, what can we do to stop them? Well, secure that server, sure, but what else?
We could also alert people with holes in their machines, but hey, can we afford to do that? Yeah! We can, at least for visible holes those script kiddies exploit!
And on we go...
What's their modus operandi? They look for a popular vulnerability that is easy to exploit and easy to find with Google (the reason Google continuously makes the top-100 list of preferred security assessment tools, as you can see here).
And this is exactly what we are doing: we crawl the web for known security issues, try to assess whether the hole is present on a particular server, try to identify the proper person to contact, either through email addresses published on websites hosted there or through the whois records, and alert them with the proper information to fix the bug.
Simple enough! Yes, but we believe this could go a long way toward stopping this type of attack.
Stay tuned for more!
Hello server-owner!
We are writing to you from Server Protectors to let you know that we have identified a potential security hole in your server with IP $ip. You might want to address this security issue as soon as possible, since it can be easily found using the following query on Google: $query.
CVE: $cve_data
URL affected: $url
Date: $date
You can read about why you are getting this in Server Protectors to crawl the web to alert vulnerable site owners.