Home > IT Blogs > Security Corner > Software for Secure Computing: Exploit Prevention Labs Link Scanner
>>VIEW ALL POSTS  

Security Corner

« Security Resolutions for 2009
The Great Drive Wiping Controversy Settled at Last »
Jan 17 2009   3:27AM GMT

Software for Secure Computing: Exploit Prevention Labs Link Scanner



Posted by: Ken Harthun
Security, Secure Computing, Exploits, Vulnerabilities, Anti-malware, Malware, Cybercrime

With cybercriminals now actively poisoning search results and legitimate websites–unbeknownst to the webmasters–you can’t be too careful when clicking on links. Take a look at this video library presented by Exploit Prevention Labs (XPL) CTO and Chief Researcher Roger Thompson and you’ll see why. The videos show a number of recent exploits.  The bad thing about these exploits is that you never see them coming. From the XPL Threat Center:

Exploits deliver their malcode through driveby downloads that happen silently and can be delivered through any kind of site. Most site owners don’t know themselves when their site has been poisoned - it’s happened to every kind of site, from global businesses to individual MySpace pages.

That’s why you should be using XPL’s LinkScanner. This nifty utility integrates with the search engines to check for a variety of threats, so you’ll know whether a site is safe (or not) before you click the link. Take a look at the screenshot of my Google search on “warez.” The red X’s are the LinkScanner results: those sites are dangerous. The green checkmark on the Wikipedia entry indicates that it’s safe to surf.

LinkScanner allows you to check any link on demand by right-clicking on the link and selecting “Quick Scan with LinkScanner.” This is great for checking links in sites you’re surfing. You can also open a console and paste an address for scanning.

You may wonder how LinkScanner compares with McAfee’s SiteAdvisor. So did I. XPL gives an in-depth comparison on their LinkScanner vs SiteAdvisor page. Here’s an excerpt:

LinkScanner’s SearchShield technology actually does a live scan on Google, Yahoo and MSN search results and with no delay in search engine results delivery. This enables LinkScanner to definitively state whether the page behind any link is or is not safe at the only time that matters – the time you plan to visit it.

In contrast, SiteAdvisor “crawls” entire sites over a period of weeks and/or months and renders opinions about entire sites, which are then stored in a central database.

Download LinkScanner Lite it for yourself and you just may find, as I did, that it’s an indispensible tool for secure computing.

AddThis Social Bookmark Button     Comment     RSS Feed     Email a friend

Comment on this Post


You must be logged-in to post a comment. Log-in/Register

DeborahS  |   Jan 19 2009   12:59PM GMT

Another alternative, which is slightly different from LinkScanner and SiteAdvisor, is Web of Trust. WOT warns Internet users about risky websites to help avoid spyware, browser hijacking, identity theft, phishing and other Internet scams.

Website rating information is updated continuously by our user community and trusted sources, such as listings of malware and phishing sites. People who have used WOT have noticed that the user driven approach often gives more accurate ratings than automated ones like SA and LinkScanner. Furthermore, WOT provides reputation regarding “vendor reliability” and “child safety”, where human input is crucial. Many of our users even use WOT side-by-side with other systems for a layered approach to Internet safety.

It would be interesting for you to try out all three and compare each one.

Safe surfing,
Deborah

Supporting Facts of WOT
• WOT has been downloaded by 3 million users
• Information on 21 million websites
• 1 in every 20 websites is harmful
• WOT users can contribute by rating and commenting on websites
• WOT also receives information from a large number of trusted sources, such as PhishTank, hpHosts, DNS-BH Malware Domain list and Artists Against 419.