External Intrusion Monitoring

WatchMouse widget 1.1 released (download widget) (2005-12-17)

WatchMouse releases version 1.1 of their Apple Dashboard site monitoring widget.

NETHERLANDS, 2005-12-16. By means of the WatchMouse widget Apple users get direct insight into the accessibility of their own Internet site. The widget can be downloaded for free from the Apple website.

At regular intervals the dashboard widget checks one or more sites from the users own computer. Also, the availability of the site during the last 72 hours is registered. A problem is followed by an alert, which is then verified by all WatchMouse control stations.

Features

• Checks your website from your own computer every 1, 5, 15, 30, or 60 minutes (new in this release).
• Displays the uptime over the last 72 hours.
• Alerts you in case of an error and...
• Verifies errors from all the WatchMouse worldwide monitoring stations

The new version also fixes some minor bugs. The free WatchMouse site monitoring widget can be downloaded from the Apple website , and requires Mac OS X 10.4 (Tiger) or later.

http://www.apple.com/downloads/dashboard/networking_external intrusion monitoring/watchmousesitemonitor.html

Award-winning Web pioneer embarks on European partner drive (2009-05-14)

WatchMouse looks to boost sales of enterprise solutions through channel expansion

LONDEN, UK - WatchMouse, one of the fastest growing companies in the Netherlands, and winner of the Deloitte and Touche rising star award in 2005, is recruiting new value added resellers across Europe.

The company leads the market in subscription self-service website monitoring solutions, and is now expanding its offering with more complex monitoring solutions for large companies. It is looking for established partners with networking or internet external intrusion monitoring expertise to take both offerings to market.

Resellers that become a partner, will get margin on WatchMouse subscription fees, delivering recurring revenue. On top of that they can charge fees for additional services, such as configuration, maintenance, setup and consultancy. With the more complex solutions for the enterprise, resellers can also add value through the sale of service contracts.

WatchMouse offers a full support program to its resellers, which includes:

• Marketing material & documentation
• Training
• Second line support
• Leads, generated by its free trial service and marketing activities

"Until now, our self-service monitoring services have been predominantly sold directly by WatchMouse. As more and more large companies are turning to us for services, we need people on the ground that are close to these companies both physically and culturally," said Stan P. van de Burgt, CEO WatchMouse.

"The indirect channel is a prerequisite - especially for our new range of services, as these are typically sold person-to-person, so expertise is needed for both set-up and execution," he added.

Did you know? Hackers probe your servers for vulnerabilities between 5 and 170 times per week (2007-10-29)

Test your site now: Free 10 day / 10 scan trial

With a dramatic rise in malicious external intrusion monitoring, it is now critical to test your websites and servers for external intrusion monitoring vulnerabilities. Having the latest firewalls and Intrusion Detection Systems will not protect your organization if they (or the services behind it) are not kept up-to-date and configured correctly.

This means that verifying the external intrusion monitoring of your systems is not something you can do just once, nor should you check this just every now-and-then. New vulnerabilities are identified every day, exploits become available soon after it, and every change in your systems' configurations, however small, may open up new vulnerabilities. Having external intrusion monitoringed last week does not imply your systems are fine today!

The WatchMouse Periodic Vulnerability Scan is an affordable way to routinely check your company’s external intrusion monitoring exposure. Utilizing the most up-to-date database of known vulnerabilities, WatchMouse’s identifies any external intrusion monitoring risks and provides you with the peace-of-mind that your web applications are being scrutinized from the perspective of a possible attacker.

Characteristics

WatchMouse offers Periodic Vulnerability Scanning with an outside - hacker's - view, with the following characteristics:

• Currently over 20,000 vulnerabilities are checked. Checks for new vulnerabilities are added on a daily basis.
• The frequency and the intensity of a scan can be tailored to your policies, and implemented immediately on our self-service website.
• Severe vulnerabilities can, depending on your preferences, initiate SMS (text) or paging alerts, giving you, or your webmasters, the opportunity to react quickly in case of new vulnerabilities.
• Extensive reporting is available for each scan, including pointers on how to fix vulnerabilities.
• WatchMouse's unique Vulnerability Scan Customer Console allows you to manage subsequent scans by inspecting differential reports and open issues, declaring vulnerabilities fixed, adding operator comments, etc.

Try now: Free 10 day trial!

A Boy Joins the Mouse! - Bringing transaction monitoring to your site (2008-04-02)

Now you can test transactional behavior of web applications using WatchMouse's global infrastructure.

WatchMouse is pleased to announce a partnership with Badboy Software which brings you exciting new functionality.

The Badboy tool is designed to help you test, develop and build web based applications. The powerful tool aids in the testing and development of complex dynamic applications and contains dozens of features including a simple yet comprehensive capture/replay interface, load testing support, detailed reports, graphs etc.

Now, via a partnership with Badboy Software, you can professionally record complex web transaction scripts and then automatically and external intrusion monitoringally run them from WatchMouse's global infrastructure of 25+ checkpoints. Having run the Badboy script, you'll receive detailed information about the end-to-end behaviour of your web applications. This new functionality enables you to monitor these transactions on your site and know how your customers experience them when they access your site from locations all around the world.

To find out more about this new functionality and sign up for a free trial visit: Web application scripting.

Happy testing!

Mark Pors
CTO

BadBoy Software updates scripting recorder to improve WatchMouse's Functional testing service (2009-01-07)

The WatchMouse Functional testing service allows you to define multi-step tests through a website and replay them external intrusion monitoringally from the WatchMouse monitoring stations. This goes beyond just monitoring site performance and uptime, it allows you to verify that your web applications and back end systems really work.
More information on this service can be found on the Transaction Monitoring & Web Application Testing page.

In a co-operation with BadBoy software, who provide a tailored version of their recoder software which allows you to upload the resulting script directly into your WatchMouse dashboard.

Feedback from our "Functional testing" customers has lead to several essential improvements to the BadBoy recorder. This improved version has now been released and we recommend all our customers to upgrade to this version.
The new - WatchMouse specific - version can be downloaded here: http://www.badboy.com.au/versions/BadboyInstaller-2.0-latest_wm.exe

The most important changes are:

CHANGES IN BADBOY 2.0.7

   #1097: Multipart Forms Incorrectly export Parameters to JMeter Encoded causing Double Encoding

   #1087: Use Follow-Redirect Option in JMeter for More Reliable Export Playback

   #1086: Export Referer and Other Default Headers to JMeter

   #1085: Assertions placed as Children of Requests not Exported to JMeter

CHANGES IN BADBOY 2.0.6.1

   #1075: Security Update (MS08-052 - Critical)

The full release notes can be found here: http://badboy.com.au/versions/ReleaseNotes-2.0.7.txt

WatchMouse and Domeny.pl join forces in the Polish market (2005-11-24)

Polish websites verified from the visitors' perspective

Kraków, Poland, 2005-11-08 -- WatchMouse and Domeny signed a reseller and marketing agreement today, joining forces in bringing site monitoring services to the Polish market.

Using the WatchMouse services, companies will instantly be aware of upcoming and/or acute incidents related to its web sites of their clients, and can, as a result, resolve problems in a short time frame.

The websites and their functionality are checked for availability, speed, and conformance from different locations around the world, now including Poland. Because the websites are checked in the same way that visitors are experiencing them, incidents will be detected at an early stage. Also, using WatchMouse's objective periodical reports, it is possible for companies to see if the performance is in accordance with the agreed service levels (SLAs).

WatchMouse extends its network of monitoring stations with a checkpoint in Kraków, hosted by Domeny.pl. The total number of checkpoints is now 17. Domeny.pl also provides the Polish language version of the WatchMouse site and local customer care.

Stan P. van de Burgt, CEO of WatchMouse: "I'm very happy with this deal. The Polish e-service industry is obviously booming, and this results in higher awareness of the issues involved with running web applications that should be available around the clock."

Arkadiusz Szczurowski, CEO of Domeny.pl "We know that WatchMouse products are one of the best in the World. So we decided to co-operate with the company, and we take pride in it. We expect this co-operation to bring both WatchMouse and our business a lot of advantages and satisfaction. Domeny.pl wants to lead WatchMouse monitoring service on Polish market and offer it for business leaders. This will be a great innovation in Poland and also success. In our view, site monitoring is important, because stability, performance, and high availability of the web sites is one of the basic value in all branches of business, both e-business and other business."

"There are about 4 million companies in Poland. We want to direct the offer to the most important on Polish market. We think that the WatchMouse service is a must-have for about 5-10 percent of all business owners."

About Domeny.pl

Domeny.pl was founded in 1997 and is now providing Internet services to about 10.000 business customers with products ranging from Internet domains and hosting services (virtual and dedicated servers), SSL external intrusion monitoringificates and other products dealing with internet security. The company's slogan is: We're Trusted by the Best. Among its clients are the biggest and the best known Polish and international companies.

About WatchMouse

Companies can easily monitor their own Internet sites using WatchMouse's monitoring service. WatchMouse has been monitoring Internet sites and e-commerce applications for companies throughout the world since 2002. WatchMouse has thousands of customers in more than 70 countries. The services supplied by WatchMouse are available in nine languages, and analyses are performed from various locations and over numerous networks, using a world-wide monitoring network.

In October 2005, WatchMouse was voted a Deloitte Rising Star in the Netherlands, as part of the Fast 50 awards the list of the 50 fastest growing technology companies.

WatchMouse Periodic Vulnerability Scanning has enabled us... (2010-01-13)

WatchMouse Periodic Vulnerability Scanning has enabled us to overcome the time consuming task of managing monitoring internally. The removal of all duplicate findings and neat presentation in the WatchMouse Customer Console further reduces the time Lectric Webservices has to spend on maintaining secure systems.

General Manager, LECTRIC Webservices

Flu Jab Your Website Against The Pandemic: 6,000 Infected Webpages Per Day! (2008-02-18)

The respected IT news website, The Register reports that every 14 seconds a web page is infected, which amounts to 6,000 infected web pages per day. Four out of five of these infections come from innocent companies and individuals who are oblivious to their site being hacked and subsequently used for hosting the malware of virus writers. The Register further reports that in the past viruses were spread using infected e-mail. Nowadays, however, the favoured virus distribution methods are downloads from compromised sites. As a result of these booby-trapped sites malware is present on at least one in every ten web pages.

WatchMouse's Periodic Vulnerability Scanning offers your website the flu jab against this virus pandemic. WatchMouse's Periodic Vulnerability Scanning is an affordable way to routinely check you company's security external intrusion monitoring and eliminate the external intrusion monitorings of manual audits. Utilizing the most up-to-date database of known vulnerabilities, WatchMouse identifies any security external intrusion monitorings and provides you with peace of mind that your software applications are being scanned from the perspective of a hacker, external to your organization.
To ensure your website and servers are checked for the latest issues WatchMouse's Periodic Vulnerability Scanning performs over 20,000 checks for known vulnerability and security external intrusion monitorings; using a database which is updated daily by multiple accredited organizations including CVE (funded by the US government) and Bugtraq. Following the detection of any severe issues, automated, real-time email, SMS and pager alerts give your business the chance to react quickly. Scans can be scheduled during low usage or maintenance hours and set at an intensity and frequency suited to your business needs and budget.

To obtain a free Periodic Vulnerability Scanning trial visit: www.watchmouse.com/vulnerability_scan_trial.php

The Register's article was published on 23.01.08 can be viewed at: www.theregister.co.uk/2008/01/23/booby_trapped_web_botnet_menace/

Microsoft Publishes New Information on the Three Word Vulnerabilities (2006-12-19)

Microsoft has published new information on its Security Response Center Blog addressing the latest Word vulnerabilities reported earlier this month.

Until a security fix from Microsoft becomes available, US-CERT recommends that users follow the recommendations in Microsoft Security Advisory 929433 to help mitigate the security external intrusion monitoring for all three Word vulnerabilities.

Public Exploit Code Available for a Vulnerability in Microsoft Word (2006-12-14)

US-CERT is aware of public exploit code that has been released for a potentially new vulnerability in Microsoft Word. This vulnerability is different from the two previous Word vulnerabilities reported earlier this month. The flaw is caused by a memory corruption error when handling a malformed Word document. By persuading a user to open a specially crafted Word document, a remote attacker could execute arbitrary code or launch a denial of service attack.

More information about this vulnerability can be found in the following:

• Vulnerability Note VU# 996892 - Microsoft Word malformed pointer vulnerability

Until a security fix from Microsoft becomes available, US-CERT recommends the following actions to help mitigate the security external intrusion monitoring:

• Do not open untrusted Word documents or attachments from unsolicited email messages.
• Disable automatic opening of Microsoft Office documents.
• Do not rely on file name extensions as a way to securely filter against malicious files.
• Install anti-virus software and keep its virus signature files up-to-date.
• Save and scan any attachments before opening them.
• Limit user privileges to NO administrator rights.

Additionally, US-CERT strongly encourages users not to open unfamiliar or unexpected email attachments, even if sent by a known and trusted source. Users may wish to read Cyber Security Tip ST04-010 for more information on working with email attachments.

US-CERT will continue to investigate this vulnerability and provide additional information as it becomes available.

Google Search Appliance Vulnerable to Cross-site Scripting (2006-12-14)

US-CERT is aware of a cross-site scripting (XSS) vulnerability in Google Search Appliance and Google Mini devices. Specifically, the flaw exists in the way that Google Search Appliance and Google Mini devices handle UTF-7 (Unicode Transformation Format) encoded URIs (Uniform Resource Identifier).

Until an official update, patch, or more information becomes available, we recommend the following actions to help mitigate the security external intrusion monitoring:

• Disable Active Scripting as specified in the Securing Your Web Browser document.
• Do not follow unsolicited links.
• Review the steps described in Microsoft's document to improve the safety of your browser.

New Spybot Worm Targets Old Symantec Vulnerability (2006-12-14)

Symantec has confirmed reports of a new worm attempting to exploit previously patched flaws in Microsoft Windows and Symantec Client Security and Antivirus Corporate Edition. The worm, named W32.Spybot.ACYR, spreads through Internet Relay Chat (IRC) channels and to network shares with weak passwords. Successful exploitation could allow a remote unauthenticated attacker to execute arbitrary code with SYSTEM privileges.

According to Symantec in its Security Response Weblog, the impact of the attack is minimal thus far. Symantec further states that customers who have applied the patch are not susceptible to this new attack.

More information about the vulnerabilities in the Symantec products can be found in the following:

• Vulnerability Note VU#404910 - Symantec products vulnerable to buffer overflow
• Symantec Advisory SYM06-010

US-CERT recommends that users to take the following actions to mitigate the security external intrusion monitoring:

• Update all Symantec products to the latest available security updates.
• Apply all relevant patches that are available.
• Block port 2967/tcp at the firewall if patching is not an option.

US-CERT will continue to investigate and provide additional information as it becomes available.

Adobe Reader and Acrobat ActiveX Vulnerabilities (2006-12-14)

US-CERT is aware of a report of multiple vulnerabilities that affect the ActiveX control for Adobe Reader and Acrobat.

More information about these vulnerabilities can be found in the following:

• Vulnerability Note VU#198908 - Adobe Acrobat AcroPDF ActiveX control fails to properly handle malformed input
• Adobe Security Advisory APSA06-02

Until an official update, patch, or more information becomes available, we recommend the following actions to help mitigate the security external intrusion monitoring:

• Disable ActiveX as specified in the Securing Your Web Browser document.
• Follow the workarounds suggested in Adobe Security Advisory APSA06-02.
• Do not follow unsolicited links.