Free Online Articles Directory
Home Page  Joseph Schembri |
|||||
 |
 
Joseph Schembri - Articles Sort By: Date | Popularity
 Quick Reference Links To Fight Iframe InjectionsI have had many requests from people reading my articles on combatting iframe injection to create a quick start guide with the various links one can use to detect and recover from iframe injection attacks. New Malicious iFrame Injection - Mal/Iframe-NThe Mal/Iframe-N appears to be the latest malicious iframe injection attack on websites. Since releasing detection for Mal/Iframe-N, SophosLabs have seen a rising number of detections. Detections are now into the thousands of websites affected by this threat. Some of the sites hit are also well known. More On Hidden Malicious Iframe InjectionsTo hide iframes in the HTML, hackers use obfuscated scripts. Apart from obfuscated scripts, hackers are now also using what is called packed javascripts. Packing javascripts is a good thing as it improves delivery and optimization. But, as always, these legitimate things can be used in a bad way to hide and insert malicious unreadable iframes into your web page. When you check the HTML code of such web pages you don’t see any iframes, just some JavaScript with unclear purpose. Obfuscated iFrame Injection AttacksCompromised websites can be infected with hidden iframes and/or with obfuscated (escaped) javascript code. Obfuscation is the concealment of meaning in communication, making communication confusing, intentionally ambiguous, and more difficult to interpret. It is basically a form of encryption. Using File Permissions To Combat iFrame InjectionsMost website file permissions are CHMOD 644. Since iframe injections attack your index.* web pages, the CHMOD 644 may not be enough to protect them. CHMOD 644 gives you, the user, all read, write and execute permissions and everybody else only read and execute permissions. You would think
that this should be enough to prevent an iframe injection. Unfortunately, it is not. Measures to Prevent and Detect iFrame Injection AttacksIf you have suffered an iframe injection attack you need to act fast. If the security of your website is compromised, it can affect the search engine rankings of your website. Besides, it may pave way for more sophisticated attacks. Google will mark your site in it's search results with a warning: "This site may harm your computer". Your traffic will go down to zero. How To Submit Your Blogger Blog To Search EnginesHow to submit your Blogger Blog to the major search engines in the same way as done with websites. Learn how to do a complete submission rather than just submit a URL that would have an unkown time for indexing, being added to the search engine directory. Website Protection Using The Index PageThe other directories(sub-folders) on your website, the ones below your root directory, which is typically called "public", or "public_html", do not normally have an index page. If the index page is not there, your visitor may be able to view every web page or file you have in that directory. A folder without an index page is open and everyone can find your product if they search for it. You thus should create an index page for all your folders. Website Protection and Security Using File and Directory CHMODA variety of files and directories in your website need to be given the correct permissions. Giving permissions to files or directories is called CHMOD (change mode). Chmod is a command that lets permission levels be assigned to each file or directory. The proper CHMOD is needed to help you with your website protection and security. Website Protection Against iFrame InjectionsLearn how to detect, remove and protect against iFrame injections attacks to your website.
|
 |
|||
|
Article Categories
|
|
||||
|
|
|||||
