External Vulnerability Checking

Monitoring from 63 locations world wide
Trusted by
- Fiat - Wikimedia
- Twitter - ING
- Symantec - Automattic
- Zappos - Virgin America
As seen on
- TechCrunch - Mashable
- Read Write Web - The Next Web
- The Guardian - PC Mag
- GiGaOm - CI
WatchMouse advantages
WatchMouse's Vulnerability Scanning provides the following unique advantages:
- Pay for what you need and adjust your settings at any time
- Immediate results via an outsourced solution - no software installation or hardware purchase needed
- Peace of mind that your website and servers are being scanned against an expert database of 30,000+ known vulnerabilities
- Access to an Industry Leading Customer Console to check results, leave comments, adjust scans, set alerts, and view full details
- Routine, professional scanning from the hacker's perspective, external to your organisation
- Real-time e-mail, SMS & pager alerts when severe vulnerabilities are found
- Confidence that your scanning is outsourced to industry experts so you don't need expensive in-house resources
News
Secure site (https) checking (2005-01-31)
The access to secure sites (https) and the verification of the server certificates of these sites is now possible in the Gold and Platinum packages.
New tags, new reports (2006-10-03)
Reports are no longer limited to groups of rules! From now on, it is possible to receive cross-group reports through the introduction of tags in the monitoring settings.
Reporting by rule or group of rules. This is how it was done until now. The introduction of tags in the monitor settings means we are now able to satisfy clients that need another type of reporting – reporting that transcends any particular group. For example, the multi-media company Lost Boys has grouped rules by client, but wants to receive reports on a certain type of server from all of its clients, e.g. an overview of all its clients’ mail servers. By means of tags, Lost Boys is able to state which rules should be shown at the same time. In this case, all of the rules from the mail servers. The tag feature therefore makes it possible to arrive at a different form of reporting, whereby it is possible for you to analyse the information in different ways.
Easy issue updates to your team or customers (2007-10-10)
In the event of an issue with your site, wouldn't it be convenient to update your team or customers and let them know you are working on it, or send them a note that you solved the issue?
Other examples:
- Inform your customer that maintenance will start in 5 minutes, and then again when completed.
- Ping your team that you're working on an issue that WatchMouse signalled to all.
- Update management on what the status of an emergency issue is.
The WatchMouse Messaging tool lets you do exactly that: type a short message, select the group of contacts to send the message to, and click 'send'. The message will be sent to all contacts of the group, and can be sent over SMS, email, pagers, and instant message (MSN, ICQ, jabber). And in case of sms, you can even see who received it in the Message log (if supported by the respective GSM provider).
Tip: Do you find yourself typing certain texts all the time? Then just save it as a template so you can reuse it the next time. You can define as many contact groups as you like using the Contacts page.
Did you know? Hackers probe your servers for vulnerabilities between 5 and 170 times per week (2007-10-29)
Test your site now: Free 10 day / 10 scan trial
With a dramatic rise in malicious attacks, it is now critical to test your websites and servers for security vulnerabilities. Having the latest firewalls and Intrusion Detection Systems will not protect your organization if they (or the services behind it) are not kept up-to-date and configured correctly.
This means that verifying the security of your systems is not something you can do just once, nor should you check this just every now-and-then. New vulnerabilities are identified every day, exploits become available soon after, and every change in your systems' configurations, however small, may open up new vulnerabilities. Having audited last week does not imply your systems are fine today!
The WatchMouse Periodic Vulnerability Scan is an affordable way to routinely check your company’s security. Utilizing the most up-to-date database of known vulnerabilities, WatchMouse identifies any security risks and provides you with the peace-of-mind that your web applications are being scrutinized from the perspective of a possible attacker.
Characteristics
WatchMouse offers Periodic Vulnerability Scanning with an outside - hacker's - view, with the following characteristics:
- Currently over 20,000 vulnerabilities are checked. Checks for new vulnerabilities are added on a daily basis.
- The frequency and the intensity of a scan can be tailored to your policies, and implemented immediately on our self-service website.
- Severe vulnerabilities can, depending on your preferences, initiate SMS (text) or paging alerts, giving you, or your webmasters, the opportunity to react quickly in case of new vulnerabilities.
- Extensive reporting is available for each scan, including pointers on how to fix vulnerabilities.
- WatchMouse's unique Vulnerability Scan Customer Console allows you to manage subsequent scans by inspecting differential reports and open issues, declaring vulnerabilities fixed, adding operator comments, etc.
Try now: Free 10 day trial!
A Boy Joins the Mouse! - Bringing transaction monitoring to your site (2008-04-02)
Now you can test transactional behavior of web applications using WatchMouse's global infrastructure.
WatchMouse is pleased to announce a partnership with Badboy Software which brings you exciting new functionality.
The Badboy tool is designed to help you test, develop and build web based applications. The powerful tool aids in the testing and development of complex dynamic applications and contains dozens of features including a simple yet comprehensive capture/replay interface, load testing support, detailed reports, graphs etc.
Now, via a partnership with Badboy Software, you can professionally record complex web transaction scripts and then automatically run them from WatchMouse's global infrastructure of 25+ checkpoints. Having run the Badboy script, you'll receive detailed information about the end-to-end behaviour of your web applications. This new functionality enables you to monitor these transactions on your site and know how your customers experience them when they access your site from locations all around the world.
To find out more about this new functionality and sign up for a free trial visit: Web application scripting.
Happy testing!
Mark Pors
CTO
Press releases
WatchMouse Launches API-status.com (2010-01-20)
New Site Monitors and Measures Uptime of 26 Popular API and Cloud Services Websites; Report Reveals Amazon, Google and Yahoo Among the Best and Vimeo, foursquare and Yammer Among the Worst Performers
WatchMouse, a global industry leader in self-service website and application performance monitoring, announced the launch today of API-status.com, a new dedicated website for monitoring and measuring the real time availability and performance of the public APIs of 26 heavily trafficked, popular “cloud computing” mega web services including: Google Search, Google Maps, Bing, Facebook, Twitter, SalesForce, YouTube, Amazon, eBay, PayPal, Wikipedia and others.
API-status.com does a call and check for a valid result on each of the APIs, and if the result is wrong or is received after four seconds, it is noted as an error and unavailable. The percentage of availability or uptime is based on the number of errors reported; details on API-status.com include a seven-day history along with a 24-hour glance and performance indication by country.
"Nearly all websites nowadays include information from external sources such as maps or social media feeds. It impacts millions of websites worldwide if these services and systems are slow or down and can invoke a global domino effect of breakages and slowness," states Mark Pors, CTO and co-founder of WatchMouse. "The four-second limit on the response time may seem strict, but it is actually a long time, especially when the (mash-up) sites need to do multiple API calls to present a complete page to the visitor."
According to a recent report produced by Forrester Research and Akamai, two seconds was revealed as the new threshold of acceptability for e-commerce web page response times.
30-Day Report Card and Methodology
WatchMouse monitored the availability of 26 API/cloud web services during the period of December 16, 2009 to January 16, 2010. The results found that Yammer API had the lowest availability with 96.06 percent uptime and Amazon, Google Maps, Google Search, last.fm, and Yahoo Maps with the highest availability with 100 percent uptime. In accordance with industry standards, availability of greater than or equal to 99.9 percent is regarded as "good" while anything below 99 percent is regarded as "poor" site uptime. The methodology for testing the sites includes one simple API call and check for a valid result. This typically means an authentication action for most APIs, including a login, followed by a search or listing action, plus a check of the expected result action. The expected result can immediately return as an error or if the expected result action is reported after four seconds, it is also logged as an error. These errors are used to create the percentage of availability or uptime for each of the sites. Each site is checked in real time using the WatchMouse Public Status Pages tool, which can be used to measure and report the availability of any public website. Companies use the tool, which is hosted on the Amazon platform to inform customers and report publicly on the status of their services.
Click here to read the full report of all 26 website services uptime or visit www.API-status.com for real time status and statistical data on each website.
About APIs
An application programming interface (API) is a set of data structures, protocols, routines and tools for accessing a web-based software application. The practice of publishing APIs allows web communities to create an open architecture for sharing content and data between communities and applications. Content that is created in one place can then be dynamically retrieved, posted and/or updated in multiple locations on the Web.
About WatchMouse
Founded in 2002, WatchMouse is a global industry leader in self-service website and application performance monitoring. WatchMouse product tests the behavior and availability of websites, services and applications utilizing an infrastructure that includes 42 worldwide remote monitoring stations in 26 countries. Advanced remote monitoring helps eliminate website downtime, allows issues to be identified and resolved quickly and guarantees peace of mind that your website has been thoroughly and externally tested from the user’s perspective. WatchMouse’s web-based products are easily deployed and offer many features including: extensive reporting tools, root cause analysis, automated email and text/SMS alerts. WatchMouse supports Philips, ING, VeriSign and other leading global companies who depend on WatchMouse to provide independent confirmation of both in-house and suppliers’ website performance. WatchMouse is a privately held company headquartered in Utrecht, The Netherlands. Learn more at http://www.watchmouse.com.
Testimonials
Very impressive feature set and has a real commitment to client care (2010-01-13)
With many hundreds of business clients who expect and deserve over 99.99% uptime, in the instances where we do have service issues, WatchMouse alerts us promptly - every time. This allows us to minimize the impact of downtime and interruptions to our clients. WatchMouse isn't just another monitoring service, the team is dedicated to building on an already very impressive feature set and has a real commitment to client care.
Michael Bloch, Business Operations Manager, ThinkHost, Inc.
WatchMouse's Website Performance Benchmark enables us... (2010-01-13)
WatchMouse's Website Performance Benchmark enables us to confirm on behalf of our clients, any suspected access issues in addition to showing the overall performance compared to the benchmark in our client's sector.
Managing Director, Red Dog Communications
Columns
What do you want to check with a service such as Watchmouse? (2005-01-31)
As I explained in my previous column, you can use a monitoring service in a number of roles. Common to all these roles is the fact that you are keeping alive some services for the benefit of your customers, suppliers, employees or partners. These users are, in the end, all that counts.
What are the objects that you should be checking? Obviously, the least you want to do is check the service that is most visible to these users. This could be the webserver, or a POP or FTP server for example. You would start by setting up a rule to check the server and a URL. The frequency with which you can monitor (that is: the elapsed time between checks) is typically limited by the type of subscription that you have. Only in specific cases would you not check as often as your subscription allows.
Note that there is a difference between a CONNECT on port 80 rule and a HTTP rule.
The first just connects to the port that the webserver is supposed to
use. The HTTP rule also checks whether the webserver can produce a valid HTTP
response, and whether the document can be found. You probably want the latter check.
Similar reasoning applies to POP and FTP checks. If you set up two different rules on the same host, this allows you to distinguish for example between a broken webserver and a host that is down. If you want even more content-oriented
checks, have a look at the so-called PLUG-IN rules.
Additionally, you can set up checks to make sure that your
users are actually using the services that you intend them to. The whole
Internet depends heavily on the domain name system (DNS) functioning correctly. If it does not work properly your users may be directed to
another site than you intended. This could be a configuration error, but
it could also be a defamation hack. In either case, you want to know.
First of all you want to check whether the root servers of the Internet
accurately find the DNS that is serving you. This can be checked with a
DNSNS rule. What you are checking with this rule is whether the registrar's databases are correct. Second, you want to check if that DNS server (and its
slaves) are serving up the proper IP address for the server. For this
you can use the DNSA rule, and it will warn you if the DNS server is not
working or serves up the wrong address. (Note that the hosting party can
change that address at its discretion, as part of a renumbering
operation for example.)
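The difference between a CONNECT rule and an HTTP rule, and the DNSA comparison of served addresses against the expected ones, can be reproduced with the Python standard library. This is an added example, not WatchMouse's implementation and not part of the original column: the function names, the 3-second timeout and the loopback test targets are assumptions made for illustration, the DNSA check goes through the local resolver rather than querying the zone's own name servers, and the DNSNS rule is not covered.

```python
import http.client, http.server, socket, socketserver, threading

def connect_check(host, port, timeout=3.0):
    """CONNECT-style rule: passes if the TCP port accepts a connection."""
    try:
        socket.create_connection((host, port), timeout=timeout).close()
        return True
    except OSError:
        return False

def http_check(host, port, path="/", timeout=3.0):
    """HTTP-style rule: needs a valid HTTP response and a document that is found."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path)
        status = conn.getresponse().status
        return 200 <= status < 300, f"HTTP {status}"
    except (OSError, http.client.HTTPException) as exc:
        return False, type(exc).__name__
    finally:
        conn.close()

def diagnose(host, port, path="/"):
    """Run both rules against one host to tell the failure modes apart."""
    if not connect_check(host, port):
        return "host or port down"
    ok, detail = http_check(host, port, path)
    return "healthy" if ok else f"port open, web server broken ({detail})"

def dnsa_check(hostname, expected_ips, resolve=socket.getaddrinfo):
    """DNSA-style rule: fail if resolution breaks or an unexpected IPv4 address is served."""
    try:
        infos = resolve(hostname, None, socket.AF_INET, socket.SOCK_STREAM)
    except OSError:
        return False, "resolution failed"
    unexpected = sorted({info[4][0] for info in infos} - set(expected_ips))
    detail = "unexpected address: " + ", ".join(unexpected) if unexpected else "ok"
    return not unexpected, detail

def demo():
    """Constructed loopback targets: web server, non-HTTP listener, closed port."""
    class Web(http.server.BaseHTTPRequestHandler):
        log_message = lambda *args: None  # keep the demo quiet
        def do_GET(self):
            self.send_response(200 if self.path == "/" else 404)
            self.end_headers()
    class Junk(socketserver.BaseRequestHandler):
        def handle(self):
            if self.request.recv(1024):  # ignore probes that send nothing
                self.request.sendall(b"not http\r\n")
    web = http.server.HTTPServer(("127.0.0.1", 0), Web)
    junk = socketserver.TCPServer(("127.0.0.1", 0), Junk)
    for srv in (web, junk):
        threading.Thread(target=srv.serve_forever, daemon=True).start()
    with socket.socket() as probe:  # bind, note the port, release it again
        probe.bind(("127.0.0.1", 0))
        closed = probe.getsockname()[1]
    web_port, junk_port = web.server_address[1], junk.server_address[1]
    targets = {"web": (web_port, "/"), "missing": (web_port, "/gone"),
               "junk": (junk_port, "/"), "closed": (closed, "/")}
    results = {name: diagnose("127.0.0.1", *t) for name, t in targets.items()}
    for srv in (web, junk):
        srv.shutdown()
        srv.server_close()
    return results
```

Calling `demo()` returns one diagnosis per constructed target, showing that a port that accepts connections can still fail the HTTP rule.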
Who should you notify of rule failures? Again, different roles have
different information requirements. You want to notify the person who
can fix things as soon as possible. Mail or SMS/text them directly; you do
not want to be in the loop. You might set up an escalation chain, which
fires off after a certain number of errors. Note: make sure that
you send the message on a channel that is not affected by the outage: if
your e-mail system does not work, delivering a message to that effect
should not depend on that e-mail system.
The people in charge of overseeing somebody else's service levels should
only get escalation messages, if at all. Rather, they should get the
weekly or monthly service reports.
Peter van Eijk is a management consultant specialized in management of network infrastructures. He can be reached via his contact page.
Flu Jab Your Website Against The Pandemic: 6,000 Infected Webpages Per Day! (2008-02-18)
The respected IT news website, The Register reports that every 14 seconds a web page is infected, which amounts to 6,000 infected web pages per day. Four out of five of these infections come from innocent companies and individuals who are oblivious to their site being hacked and subsequently used for hosting the malware of virus writers. The Register further reports that in the past viruses were spread using infected e-mail. Nowadays, however, the favoured virus distribution methods are downloads from compromised sites. As a result of these booby-trapped sites malware is present on at least one in every ten web pages.
WatchMouse's Periodic Vulnerability Scanning offers your website the flu jab against this virus pandemic. WatchMouse's Periodic Vulnerability Scanning is an affordable way to routinely check your company's security and eliminate the risks of manual audits. Utilizing the most up-to-date database of known vulnerabilities, WatchMouse identifies any security risks and provides you with peace of mind that your software applications are being scanned from the perspective of a hacker, external to your organization.
To ensure your website and servers are checked for the latest issues, WatchMouse's Periodic Vulnerability Scanning performs over 20,000 checks for known vulnerabilities and security risks, using a database which is updated daily by multiple accredited organizations including CVE (funded by the US government) and Bugtraq. Following the detection of any severe issues, automated, real-time email, SMS and pager alerts give your business the chance to react quickly. Scans can be scheduled during low usage or maintenance hours and set at an intensity and frequency suited to your business needs and budget.
To obtain a free Periodic Vulnerability Scanning trial visit: www.watchmouse.com/external vulnerability checking_scan_trial.php
The Register's article was published on 23.01.08 and can be viewed at: www.theregister.co.uk/2008/01/23/booby_trapped_web_botnet_menace/
Security news
phpDirectorySource SQL Injection and Cross Site Scripting Vulnerabilities (2009-07-24)
phpDirectorySource is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Mozilla Firefox/Thunderbird Double Frame Construction Memory Corruption Vulnerabilities (2009-07-24)
Mozilla Firefox and Thunderbird are prone to multiple remote memory-corruption vulnerabilities. An attacker can exploit these issues to corrupt memory on the affected computer and run arbitrary code in the context of the user running the affected application. Failed exploit attempts will cause denial-of-service conditions.
These vulnerabilities were previously covered in BID 35758 (Mozilla Firefox MFSA 2009-34, -35, -36, -37, -39, -40 Multiple Vulnerabilities) but have been assigned this record to better document them.
IBM Tivoli Identity Manager Session Fixation Vulnerability (2009-07-24)
IBM Tivoli Identity Manager is prone to a session-fixation vulnerability. Attackers can exploit this issue to hijack a user's session and gain unauthorized access to the affected application.
Tivoli Identity Manager 5.0 is vulnerable.
Mozilla Firefox/Thunderbird JavaScript Engine Memory Corruption Vulnerabilities (2009-07-24)
Mozilla Firefox and Thunderbird are prone to multiple remote memory-corruption vulnerabilities that affect the JavaScript engine. An attacker can exploit these issues to corrupt memory on the affected computer and run arbitrary code in the context of the user running the affected application. Failed exploit attempts will cause denial-of-service conditions.
These vulnerabilities were previously covered in BID 35758 (Mozilla Firefox MFSA 2009-34, -35, -36, -37, -39, -40 Multiple Vulnerabilities) but have been assigned this record to better document the issues.
RaidenHTTPD Cross Site Scripting and Local File Include Vulnerabilities (2009-07-24)
RaidenHTTPD is prone to local file-include and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. These issues affect the WebAdmin component. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Exploiting the local file-include issue allows remote attackers to view and subsequently execute local files within the context of the webserver process.
RaidenHTTPD 2.0 build 26 and prior versions are vulnerable.

