News
Did you know? Hackers probe your servers for vulnerabilities between 5 and 170 times per week (2007-10-29)
Test your site now: Free 10 day / 10 scan trial
With a dramatic rise in malicious external intrusion scanning, it is now critical to test your websites and servers
for security vulnerabilities. Having the latest firewalls and Intrusion Detection Systems will not
protect your organization if they (or the services behind them) are not kept up-to-date and configured correctly.
This means that verifying the security of your systems is not something you can do just once, nor should you check this just every now-and-then.
New vulnerabilities are identified every day, exploits become available soon after, and every change in your systems' configurations, however small, may open up new vulnerabilities.
Having audited last week does not imply your systems are fine today!
The WatchMouse Periodic Vulnerability Scan is an affordable way to routinely check your company’s security exposure. Utilizing the most up-to-date database of known vulnerabilities, WatchMouse identifies any security risks and provides you with the peace-of-mind that your web applications are being scrutinized from the perspective of a possible attacker.
Characteristics
WatchMouse offers Periodic Vulnerability Scanning with an outside - hacker's - view, with the following characteristics:
- Currently over 20,000 vulnerabilities are checked. Checks for new vulnerabilities are added on a daily basis.
- The frequency and the intensity of a scan can be tailored to your needs, and implemented immediately on our self-service website.
- Severe vulnerabilities can, depending on your preferences, initiate SMS (text) or paging alerts, giving you, or your webmasters, the opportunity to react quickly in case of new vulnerabilities.
- Extensive reporting is available for each scan, including pointers on how to fix vulnerabilities.
- WatchMouse's unique Vulnerability Scan Customer Console allows you to manage subsequent scans by inspecting differential reports and open issues, declaring vulnerabilities fixed, adding operator comments, etc.
Try now: Free 10 day trial!
Press releases
Rapidly growing WatchMouse wins Deloitte’s Rising Star award (2005-09-23)
WatchMouse is one of the three winners of Deloitte’s Rising Star award. This award is presented annually to rapidly expanding technology companies less than five years old. WatchMouse has been active worldwide for three years in the area of site and server monitoring. With 16 monitoring stations throughout the world, WatchMouse monitors the availability of customers’ websites, immediately sounding the alarm in the event of problems.
The Rising Stars are presented as part of the Deloitte Technology Fast 50 ceremony, the fifty most rapidly expanding technology businesses. The Rising Stars have the potential to lead the Technology Fast 50 in the near future. Stan van de Burgt (42), Niels Eijsbroek (40) and Mark Pors (38) first came up with the idea for WatchMouse in 2001. The concept was as unique as it was clear: to monitor the availability of sites and servers by constantly simulating web traffic. If a site is not responding or an error is found, the customer is notified immediately by SMS, pager, IM or e-mail. From the moment the concept went 'live', in 2002, the pace has been frenetic: turnover doubled each year. Web sites are now monitored from sixteen monitoring stations worldwide 24 hours a day, seven days a week.
The WatchMouse application is entirely web-based: customers do not have to install software or hardware at their site, and the application excels in its self-service aspects while staying easy to use. This allows WatchMouse to operate with a small core of permanent employees, supplemented by external support. Prospective customers can specify their requirements in detail on the WatchMouse site. A range of starter packages is available, priced from € 17.50 per month up to € 450 per month. 400 paying customers in 40 countries worldwide now make use of WatchMouse’s services. These include hosting companies, government bodies, and companies such as LB Icon, Scania, Siemens, Orange, ING, GeoTrust, Citibank, and Postbank.
Self-service as a success factor
Mark Pors, Chief Technology Officer, says he was “pleasantly surprised by the award”. “I am very happy that the jury shares our vision of self-service and our market approach." Pors sees WatchMouse as “the right initiative at the right moment. Companies are increasingly looking to outsource non-core tasks. However, they want to be able to guide and control this themselves and from their own workplace. Web-based services make this possible." Stan van de Burgt, CEO, sees the simplicity of the WatchMouse site and the various languages in which it is available as the major success factors. "Monitoring websites was an idea that already existed in essence, but had not been worked out in this form. We are geared tightly to 'self service', whereby customers can set up everything themselves and retain total control. Which also means we are able to offer the service at a more attractive price than other players in the market.”
The Rising Star awards were presented on Thursday, 22 September.
WatchMouse
WatchMouse assesses your website and e-commerce applications just like your customers experience them. The checks are carried out from 16 monitoring stations worldwide, and recorded in regular reports. In the event of errors or availability problems, the right people within your organisation will be alerted.
www.watchmouse.com
Columns
What do you want to check with a service such as Watchmouse? (2005-01-31)
As I explained in my previous column, you can use a monitoring service in a number of roles. Common to all these roles is the fact that
you are keeping alive some services for the benefit of your customers,
suppliers, employees or partners. These users are, in the end, all that
counts.
What are the objects that you should be checking? Obviously, the least
you want to do is check the service that is most visible to these users.
This could be the webserver, or a POP or FTP server for example. You
would start by setting up a rule to check the server and a URL. The frequency with which you can monitor (that is: the elapsed
time between checks) is typically limited by the type of subscription
that you have. Only in specific cases would you not check as often as your
subscription allows.
Note that there is a difference between a CONNECT on port 80 rule and a HTTP rule.
The first just connects to the port that the webserver is supposed to
use. The HTTP rule also checks whether the webserver can produce a valid HTTP
response, and whether the document can be found. You probably want the latter check.
Similar reasoning applies to POP and FTP checks. If you set up two different rules on the same host, this allows you to distinguish, for example, between a broken webserver and a host that is down. If you want even more content-oriented
checks, have a look at the so-called PLUG-IN rules.
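The difference between the two rule types, and what running both against one host tells you, can be sketched as follows. This is an added example, not WatchMouse's own code; the function names, the state labels and the local test target are assumptions made for illustration.

```python
"""Added example: CONNECT rule vs HTTP rule, and what the pair tells you."""
import http.client
import socket


def connect_check(host, port, timeout=3.0):
    """CONNECT-style rule: passes as soon as the TCP port accepts a connection."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, unreachable or timed out
        return False


def http_check(host, port, path="/", timeout=3.0):
    """HTTP-style rule: needs a parseable HTTP response and a found document.

    Returns (passed, status); status is None if no valid response arrived.
    Redirects (3xx) are counted as a pass here, which is a choice of this sketch.
    """
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path)
        status = conn.getresponse().status
        return 200 <= status < 400, status
    except (OSError, http.client.HTTPException):
        return False, None
    finally:
        conn.close()


def diagnose(host, port=80, path="/"):
    """Combine both rules on one host to localise the fault."""
    if not connect_check(host, port):
        return "DOWN"          # host down, filtered, or nothing listening
    passed, status = http_check(host, port, path)
    if passed:
        return "OK"
    if status is None:
        return "BROKEN"        # port open, but no valid HTTP response
    return f"HTTP_{status}"    # server speaks HTTP, document not served


if __name__ == "__main__":
    # Assumed target: a service on the local machine, port 8080.
    print(diagnose("127.0.0.1", 8080))
```

A CONNECT rule alone would report the "BROKEN" and "HTTP_404" cases as healthy, which is why the HTTP rule is the one to alert on.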
Additionally, you can set up checks to make sure that your
users are actually using the services that you intend them to. The whole
Internet depends heavily on the domain name system (DNS) functioning correctly. If it does not work properly, your users may be directed to
another site than you intended. This could be a configuration error, but
it could also be a defamation hack. In either case, you want to know.
First of all you want to check whether the root servers of the Internet
accurately find the DNS that is serving you. This can be checked with a
DNSNS rule. What you are checking with this rule is whether the registrar's databases are correct. Second, you want to check if that DNS server (and its
slaves) is serving up the proper IP address for the server. For this
you can use the DNSA rule, and it will warn you if the DNS server is not
working or serves up the wrong address. (Note that the hosting party can
change that address at its discretion, as part of a renumbering
operation for example.)
Who should you notify of rule failures? Again, different roles have
different information requirements. You want to notify the person who
can fix things as soon as possible. Mail or SMS/text them directly; you do
not want to be in the loop. You might set up an escalation chain, which
fires off after a certain number of errors. Note: make sure that
you send the message on a channel that is not affected by the outage: if
your e-mail system does not work, delivering a message to that effect
should not depend on that e-mail system.
The people in charge of overseeing somebody else's service levels should
only get escalation messages, if at all. Rather, they should get the
weekly or monthly service reports.
Peter van Eijk is a management consultant specialized in management of network infrastructures. He can be reached via his contact page.
Security news
Ignite Realtime Openfire Unspecified Privilege Escalation Vulnerability (2007-05-29)
Openfire is prone to an unspecified privilege-escalation vulnerability.
An attacker can exploit this issue to obtain escalated privileges. A successful attack can result in a compromise in the context of the affected application.
Openfire 3.3.0 and prior are vulnerable to this issue.
GraphicsMagick PALM DCM Buffer Overflow Vulnerabilities (2007-01-08)
GraphicsMagick is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers.
Successful exploits may allow an attacker to execute arbitrary machine code to compromise an affected computer or to cause denial-of-service conditions.
GraphicsMagick 1.1.7 and prior versions are vulnerable.
Cisco Secure Access Control Server Multiple Remote Vulnerabilities (2007-01-08)
Cisco Secure Access Control Server (ACS) is prone to multiple remote vulnerabilities, including multiple stack-based buffer-overflow issues and denial-of-service issues.
An attacker can exploit these issues to execute arbitrary code within the context of the affected server or to crash the affected server, denying service to legitimate users.
Versions prior to 4.1 are vulnerable to these issues.
FFmpeg Image File Multiple Buffer Overflow Vulnerabilities (2006-12-15)
FFmpeg is prone to multiple remote buffer-overflow vulnerabilities because the application using this library fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
These issues allow attackers to execute arbitrary machine code within the context of the affected application.
Versions prior to 0.4.9_p20060530 are vulnerable to this issue.
Wzdftpd SITE Command Arbitrary Command Execution Vulnerability (2006-12-15)
The 'wzdftpd' utility is affected by a remote arbitrary command-execution vulnerability.
This issue can allow an attacker to execute commands in the context of an affected server and potentially gain unauthorized access.
Version 0.5.4 of wzdftpd is reported to be vulnerable. Other versions may be affected as well.