Using Online tools to detect malware

When running a web site, it is important to realize that malware can ruin a site’s reputation, harm your long time and new customers, and generally make your site a problem. Because of this, a number of major web service providers have jumped on the bandwagon of providing services for webmasters that want to ensure their site is free of malware, and clean it up if any malicious code is found. Yahoo!, Google, and Microsoft all have entries in this market with different capabilities.

Yahoo!’s offering is known as SearchScan, and it provides anyone making a search on yahoo.com with warnings about sites. This is an extension of McAfee’s SiteAdvisor system, allowing Yahoo! to detect malware while spydering a site. There are 3 different classification for sites, Browser Exploints, which result in a site being banned from the search engine, Dangerous Downloads, ranging from viruses to trojans, and Unsolicted email, where sites scanned are known to practice spamming. If your site appears with either of the two later warnings, and if it is banned from Yahoo! do to browser exploits, you need to do a full scan of your site for malware, because otherwise you will risk losing a great deal of traffic. The service does not provide any corrective tools of its own.

Google provides users with a similar service, Safe Browsing Diagnostic. To use this tool, simply check your URL in the following format: http://www.google.com/safebrowsing/diagnostic?site=http://yoururl.com. This allows you to get a report on your site, whether it is suspicious, how recently it was flagged, and when the last malicious code was seen. This provides you with the opportunity to learn more about what could have flagged Google, providing you with more details than the Yahoo! system. The software also knows whether you have simply executed malicious code or whether you hosted malware, allowing you to know whether a user uploaded a virus or you hosted one by accident. These details are useful because they tell you whether your site is currently a risk to browsers, whether you should put tighter controls on how users interact with your site, etc. Unfortunately the system doesn’t give you any more detail, so if you want to remove infected files, you will need a standalone, server class anti virus application.

Finally, the most recent addition to this field has been Microsoft’s Live Search webmaster tool. This application provides you with the ability to search URLs for malware and links to malware. This is important because it means it will detect if somewhere you send your customers to contains viruses. This additonal layer of security is extremely useful, and its couple with a detailed reporting system, letting you know what pages contain malicious code and download these reports to your computer. While this system is perhaps the most detailed, they do not integrate it with the actual Live Search service, and as such this means you will not be flagged for having such content. And, while the report may tell you what files are infected, only antivirus software can reliably purge malicious code from your site.

In the end, it is a combination of these search engines that will reap you the greatest benefit while looking into the security and safety of data and visitors on your site. By using all three options, you will have a good idea what is wrong, where it is located, and that will help you determine what tool you use to solve the problem. Diligence in protecting your customers is important because if you get a reputation for being dangerous, you will drive away site visitors quickly.


Posted by Ian Logsdon.
Did you enjoy this article? If so, then subscribe to my RSS feed.
There are more resources available at our On-line Webmaster Resource Center.

Free guide on how to market your ecommerce store

Click here to subscribe to this blog