This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to safely check if a website is malicious

Hi guys,

After watching the following video of CNN how easy it is to hack companies I forwarded it to my IT administration team.

They all had a good laugh on how stupid these guys were and continued with their job.

During my daily check of the SOPHOS central alerts I found one which was caused by one of my IT colleagues who tested a website which was blocked by intercept X on another colleagues computer.

I highly thank Sophos for protecting us against this threat but how can my IT admin check if a website is malicious or not in a safe way?

There are several websites who pretend to check websites safely but in my paranoid IT world I’m not sure if I can trust these sites. Is there a SOPHOS way to perform such a test safely?

Thanks a lot and best regards

Matt



This thread was automatically locked due to age.
Parents
  • Another way is to simply pay for another internet drop, my last job we had one, when you think about it the cost is not much.  Basically we had a 60.00 dollar a month internet cost, on a desktop that had our OS Image & AV Running.  It did not have our firewall but the goal was to test the AV, but it also did provide a nice setup to test potentially malicious links, emails & other stuff.  It also gave the us a great way to pentest our own setup since we were essentially coming from the outside in this way.  Worked great for setting up FTP's or anything else, honestly it was probably the most used piece of tech we had for the cost we spent on it.

    Depending on the size of your company you could also buy a smaller version of a Sophos firewall for the test drop as well, especially if you tell your Sophos Rep what its for, I worked closely with ours and got a good deal on one for my home use, I know I could have installed home for free but honestly for 3 years and what I paid it was comparable to a new router for home anyway.

     

     

     

    Respectfully, 

     

    Badrobot

     

Reply
  • Another way is to simply pay for another internet drop, my last job we had one, when you think about it the cost is not much.  Basically we had a 60.00 dollar a month internet cost, on a desktop that had our OS Image & AV Running.  It did not have our firewall but the goal was to test the AV, but it also did provide a nice setup to test potentially malicious links, emails & other stuff.  It also gave the us a great way to pentest our own setup since we were essentially coming from the outside in this way.  Worked great for setting up FTP's or anything else, honestly it was probably the most used piece of tech we had for the cost we spent on it.

    Depending on the size of your company you could also buy a smaller version of a Sophos firewall for the test drop as well, especially if you tell your Sophos Rep what its for, I worked closely with ours and got a good deal on one for my home use, I know I could have installed home for free but honestly for 3 years and what I paid it was comparable to a new router for home anyway.

     

     

     

    Respectfully, 

     

    Badrobot

     

Children
  • Since Sophos doesn't really have a way or a kind of test program in its portfolio to separately test URLs we used our friend Google.

    There we found a website called https://rescan.pro/. They offer a free version where you can check up to 3 URLs per day on malicious code or other threats.

    We tested several websites the past two days to see if it's able to detect issues like Sophos and it looks pretty good so far.

    Maybe this helps other guys here out, too.
    And hopefully there will be a new feature in Sophos Central to test URLs, soon :)

    Cheers,

    Matt

  • Yes these are great too!  Really there are a lot of testing methods out there, it all comes down to budget in my book, I would encourage you to try multiple paths, thanks for the link!

     

    I should also add Alien Vault is a good one- www.alienvault.com/open-threat-exchange

    Respectfully, 

     

    Badrobot

     

  • Fully agree!
    The good thing is, that budget is not really a big issue as long as it helps to get our enterprise network more secure.

    Thanks for the alienvault link! 

    Cheers,

    Matt