Happy Chinese New Year!
I’ve got a new version of Unmask Parasites. It’s a free online tool that helps site owners reveal hidden security problems. Hope you will like it.
The major new feature is the integration with Google’s Safe Browsing project. Now examined links and all referenced domains are checked against Google’s blacklist. It’s the same list that Firefox 3, Safari and Google Chrome use.
The results will clearly indicate whether a page links to suspicious sites (bad neighborhoods) or generates security warnings in Google’s search results and in popular modern web browsers.
All links in Unmask Parasites reports are now safe. It is safe to click even on suspicious links – they all now lead to intermediary “Link Details” pages where you can
In this version, results are cached for 2 hours only (the previous version cached results for 3 hours). Caching prevents abuse of the service, improves performance and decreases load on the target websites.
However, you might want to be able to re-check your site when you’re fixing reported security issues and cached results are not what you need. Now real time results will be available 1 hour earlier. (Of course, you can get real time results right away if you use the trick with alternative urls: i.e. while www.example.com is cached, you can still get real time results for example.com or www.example.com/index.html ;-)
During the last several months I examined hundreds of compromised web pages that Unmask Parasites didn’t detect as suspicious. I also consulted with a few researchers from security software companies and was able to identify new patterns of malicious scripts. As a result the new version of Unmask Parasites is much better at detection of suspicious scripts. Don’t expect miracles though. You still need to double-check HTML code if you want to be 100% sure that no alien scripts were injected in your files.
Since the very first release of Unmask Parasites I don’t display links from a few trusted popular domains (i.e. google.com, www.google-analytics.com, wordpress.org, wikipedia.org, etc.). This helps avoid excessive clutter and focuses the viewer on the rest links that have more chances to be suspicious.
Now I’ve expanded the list of trusted links with links to social media submission services. You know, many blogs contain links/buttons to add their articles to Digg, Delicios, Facebook, Technorati, StumbleUpon, Yahoo Buzz, etc. Sometimes such links occupy a whole screen in the list of External References. So I decided to get rid of them (so far 17 submit urls marked as trusted and thus removed from reports).
BTW, have you bookmarked Unmask Parasites? ;-))
I know, some of you use Unmask Parasites to help other people identify their sites’ security problems. I’ve seen copy-pasted reports on various forums. That’s great! However, as a result sometimes you expose direct links to malicious sites and need to remember to mangle them somehow. This happens mainly because Unmask Parasites is an AJAX web application and all security reports have the same URL in a browser’s address bar.
Now you will find links to individual reports in their “General” section. Just copy the link and paste it wherever you want.
It must be a coincidence, but today the counter of detected suspicious pages has reached the 1,000 mark.
So far Unmask Parasites averaged 5-7% of suspicious pages. (This number doesn’t include hundreds of checked pages with the bogus Antivirus 2009 redirects, since technically they were not marked as suspicious.)
Now with the integration of Google’s Safe Browsing API and the improved malicious script detection algorithm, I expect that 10-15% of checked web pages will be reported as suspicious. And I hope this will help more site owners identify what’s wrong with their sites.
So, this new version is officially released. Go check your sites, then check you friends’ sites, then sites that you regularly visit. Then click that blue feedback button on the left side of the report page and tell me what you think about the new version. It’s still a beta version and I need your comments, suggestions and bug reports. You can also leave your comments here or use one of my contact forms.
Let’s go and unmask the parasites!