Site Inspector... are you using it?

[Guest]

[Chiron]

What I would like to see is an available addon/extension for SiteInspector that automatically analyzes the pages you're visiting for active exploits. I think this would be very useful when run alongside WOT.

This way even if a safe site gets infected (which does happen) you'll still be protected. Of course SiteInspector only protects you from exploits, so WOT is still indispensable as well. The protection they offer is different, but complementary.

[Matty_R]

I wen`t to a site today which downloads a fake AV http://www.virustotal.com/file-scan/report.html?id=92d86f71991550763dedda5d09b3ba09c7add30fa30f44168c00507d1d6d7070-1297354632

If i enter the site via URL or IP address into SiteInspector it comes back as clean, does the site only check for exploits and not malicious downloads or does whatever is downloaded have to executed?

From the FAQ (text highlighted by me)

How does it work and what does it scan?
SiteInspector uses a instance of Internet Explorer running in a sandboxed environment ( a virtual machine) and browses the page at the URL that you submitted. If the browser performs a malicious activity, crashes, downloads a suspicious file, changes registry entries or exhibits behavior consistent with malware activity then its flagged as malicious. This allows regular Internet users to test the safety of a particular website and allows website operators to test the safety of their website from their customers point of view.

Matty

[BoredNow]

I can tell you straight off that any website with any moral standing is automatically blacklisted

100% true.
I remember a few years ago, I noticed that Greenpeace, PETA, and AlterNet all had that silly red "O".

It's also a perfect platform for 'corporate astro-turfing'.

As for SiteInspector, I've used it a few times, but 9 times out of 10 the only way to obtain the
full address is to actually visit the site - by then it's too late - or am I doing it wrong?
 

[Boris 3]

Till today i was unable to copy paste the URL of a site in Site Inspector. Now that works but I've to enbale javascript in the brownser.

By BoredNow:
"As for SiteInspector, I've used it a few times, but 9 times out of 10 the only way to obtain the
full address is to actually visit the site - by then it's too late - or am I doing it wrong?"

Yes, you can make a research with google, copy the URL of the site you want to visit, open a new tab, open Site Inspector, paste the URL and you'll have the verdict without entering the site.

[BoredNow]

Yes, you can make a research with google, copy the URL of the site you want to visit...

Thanks Boris, I forgot that I can rightclick to copy the links address...*embarrassed*

SiteInspector is now on my Bookmarks Bar.

I've been using Sandboxie so long that I don't really stress-out about 'compromised' sites.

Melih -- I love Comodo --

[morphiusz]

I wen`t to a site today which downloads a fake AV http://www.virustotal.com/file-scan/report.html?id=92d86f71991550763dedda5d09b3ba09c7add30fa30f44168c00507d1d6d7070-1297354632

If i enter the site via URL or IP address into SiteInspector it comes back as clean, does the site only check for exploits and not malicious downloads or does whatever is downloaded have to executed?

From the FAQ (text highlighted by me)

Matty

Unfortunetly only exploits :/
It would be nice when CAV scans download files....(si visits sites, some files are downloaded and then cav scan them - when they are a virus - site is unsafe).

[Matty_R]

Unfortunetly only exploits :/
It would be nice when CAV scans download files....(si visits sites, some files are downloaded and then cav scan them - when they are a virus - site is unsafe).

Cheers dude, thought as much.

Matty

[TirpitzITA]

http://siteinspector.comodo.com/taskreport/?uid=2247
this site is safe ? NO! This is a site find in Malware Domain List! 

[morphiusz]

http://siteinspector.Comodo.com/taskreport/?uid=2247
this site is safe ? NO! This is a site find in Malware Domain List! 

Yep, but that was exploit?
If yes then send me a message with this link.

[Chiron]

http://siteinspector.Comodo.com/taskreport/?uid=2247
this site is safe ? NO! This is a site find in Malware Domain List! 

I think it should just give a result like "No Exploit Detected".

Calling it safe when that's all it checks for isn't very accurate.

[jay2007tech]

I use it once in a while

[Jacob]

I rarely use it;

I know what websites i go to; if one of them do get hijack'd, It has to jump out of the sandbox and get passed D+ ...

Jake

[RossPH]

Unfortunetly only exploits :/
It would be nice when CAV scans download files....(si visits sites, some files are downloaded and then cav scan them - when they are a virus - site is unsafe).

We are implementing functionality to check hosted files for malware in a new and improved version of SI.

[RossPH]

I think it should just give a result like "No Exploit Detected".

Calling it safe when that's all it checks for isn't very accurate.

We'll be making changes to terminology so they are more accurate in the next version.

[morphiusz]

Great to hear !

[Tags:]