W.O.P.R STORM monitor - how to find intruders
Home
/
storm.monitor
/index.asp
Protect your website by monitoring your content.
This is a set of tools and utilities to monitor, and discover unauthorized intrusion of your website. It's a kind of Intrusion Detection System for webservers.
GOTO: Understand your Enemy, or - Rationale
Get an Overview of the monitor concept.
Contents monitoring
Discover use as placeholder for malware files.(Description in pipeline)
Discover use as redirection to malware files.(Description in pipeline)
Files - .exe, .js , .htaccess etc.(production ready)
MS SQLServer database.(production ready)
The Serverside tools
ASP driven websites.(production ready)
Monitor - ASP
The serverside ASP file, which is used by the Monitor for ASP systems, Description
here
Monitor - ASP/md5
Include file to the serverside ASP file.
Monitor - TEST/asp
A testform to verify the serverside ASP file.
PHP driven websites.(production ready)
Monitor - PHP
The serverside PHP file, which is used by the Monitor for PHP systems, Description
here
Monitor - TEST/php
A testform to verify the serverside PHP file.
ASP/MS SQLServer sites.
3 steps to install the table and functions/triggers
Monitor - ASP/SQL
Description
here
mySQL.(NOT in pipeline p.t.)
Should be possible to make with newer versions of mySQL
Oracle.(NOT in pipeline p.t.)
Should be no problem.
postgreSQL.(NOT in pipeline p.t.)
Should be no problem.
SQLite - getting and setting up
GOTO: SQLite installation and setup.
Clientside Monitor/probe
The
ini file
common(allmost) to both Windows and Linux.
Download and install the
Native windows service.
Download and install the
Linux(x86) daemon or console.
Linux/WmWare(Description in pipeline)
About SQL Injection (finding & removing), may - aug 2008
How it's done, how we can find it, and eventually how to remove it.
Index of the
S
QL injections