NoID Posted March 17, 2010 Share Posted March 17, 2010 Hello, i have read some forums, and getting an answer to use or not. http://addons.oscommerce.com/info/7211 any help will be nice. well its according to this site. www.oscmax.com/forums/new-oscommerce-contributions/21754-tims-oscommerce-solutions-oscommerce-threat-scanner.html Link to comment Share on other sites More sharing options...
spooks Posted March 17, 2010 Share Posted March 17, 2010 It been said b4, I advise against using any add-ons that are un-supported, especially one by some-one that never comes here to post, ever! What he seems to say in that, I`ve created this, now will some-one else support it!! I feel you would be better off using SiteMonitor http://addons.oscommerce.com/info/4441 Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
pctekcomponents Posted August 10, 2010 Share Posted August 10, 2010 Just for info...... I was gonna have a look at this contrib but when I try to Download it my ESET Security drops the conection as it's saying the file is infected with.... HTML/Iframe.B.Gen.virus Link to comment Share on other sites More sharing options...
Jan Zonjee Posted August 10, 2010 Share Posted August 10, 2010 Just for info...... I was gonna have a look at this contrib but when I try to Download it my ESET Security drops the conection as it's saying the file is infected with.... HTML/Iframe.B.Gen.virus Just downloaded the August 9, 2010 upload but I can't find any evidence of a virus (the zip is only 6 KB large...). Link to comment Share on other sites More sharing options...
germ Posted August 11, 2010 Share Posted August 11, 2010 Just for info...... I was gonna have a look at this contrib but when I try to Download it my ESET Security drops the conection as it's saying the file is infected with.... HTML/Iframe.B.Gen.virus My Avast antivirus acts the same way no matter what version I try to download. My hunch is that since it scans files for some infections it has "sample code" of some infections present and this is what the problem is. It's kind of almost a "false positive" I think. :) If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
hetmana Posted September 8, 2010 Share Posted September 8, 2010 This script seems to be hunting for very SPECIFIC fixes. I tried to XSS-secure my contact page four different ways. The "Checking for "Contact_us" XSS vulnerability..." did not return as [OK] until I FOUND and added the following fix: <td><?php echo tep_draw_textarea_field('enquiry', 'soft', 50, 15); ?></td> CHANGE TO: <td><?php echo tep_draw_textarea_field('enquiry', 'soft', 50, 15, tep_sanitize_string($_POST['enquiry']), '', false); ?></td> Now all 13 threat checks are finally displaying [OK] It would be really nice if fix-suggestion-links went to actual fix suggestions instead of 8-page discussion threads that have numerous potential fixes - many of which create brand new errors - and a whole lot of discussion on what DOESN'T fix squat. The one thing that really kills my eyes with this script is that I have to scan through 28 screens of 1316 files that all say [if possible, chmod 644] just to see if there are any REAL threat notes ... even though all of the [if poss...] files are ALREADY 644 or lower. Looks like it is simply scanning for the existence of specific file types, NOT actually checking the chmod status. I chock this contrib. as DEFINITELY USEFUL, but nothing I would write Shakespearean sonnets about. I've already installed other security add-ons since battening down the 13 big hatches this script looks for. Link to comment Share on other sites More sharing options...
timint Posted November 16, 2010 Share Posted November 16, 2010 Whee, I'm posting. Spooks prolly falls off his chair. ;b Don't find my stuff useful. Just ignore it. My threat scanner is not invented by Einstein. It scans through scripts to find known threat code, or possible threat code. As for the vulnerabilities it tries to identfiy the vulnerable code itself, or in some cases it tries to identify the fix itself instead. I've had some customers with pretty bad infections. And as for the latest versions out of the threat scanner, I've managed to find 100% of the threats via the Threat Scanner in 4 cases out of 5. Dunno about you guys, but this has saved me a lot of time. The scanner does not protect you from future badware, it tries to find current ones. Im usually active in another forum, thats why I leave the option possible in my profile to email me. Link to comment Share on other sites More sharing options...
timint Posted November 16, 2010 Share Posted November 16, 2010 hetmana: I agree direct links to fixes rather than forum threads would be a lot better. But there are several different solutions out there for the same vulnerabilities. I just rather didn't wanna stick out as a smarta*s telling everyone what fixes were better than others. Writables have been moved to the extra selectable tools instead. Many web hotels run the webserver with same privileges as the FTP user. Making it unuseful to write protect the files. The writables are detected by is_writable(), not fileperms(). Any suggestions are always welcome. Link to comment Share on other sites More sharing options...
timint Posted November 16, 2010 Share Posted November 16, 2010 germ: My Avast 5 does not detect threat_scanner.php as a virus, but Ad-aware did. This is because fragments of threat code is in the source of this script for being able to find such code in your scripts. The threat scanner itself is of course clean. Link to comment Share on other sites More sharing options...
germ Posted November 16, 2010 Share Posted November 16, 2010 germ: My Avast 5 does not detect threat_scanner.php as a virus, but Ad-aware did. This is because fragments of threat code is in the source of this script for being able to find such code in your scripts. The threat scanner itself is of course clean. Now tell me something I didn't alreasdy know. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
timint Posted November 16, 2010 Share Posted November 16, 2010 And that was necessary I suppose...? Link to comment Share on other sites More sharing options...
germ Posted November 16, 2010 Share Posted November 16, 2010 Just as necesasary as yours. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there > Link to comment Share on other sites More sharing options...
bibleman Posted December 5, 2010 Share Posted December 5, 2010 Hi Thanks for a GREAT contribution. I am working fixing all the problems it brings up. BUT I am getting an error. Warning: parse_url() expects exactly 1 parameter, 2 given in /home/httpd/vhosts/mysite.com/httpdocs/admin/threat_scanner.php on line 439 Line 439 is: . "<input type=\"button\" value=\"StopBadware\" onclick=\"window.open('http://stopbadware.org/home/reportsearch')\" /> <input type=\"button\" value=\"Google's Safe Browsing Diagnostics\" onclick=\"window.open('http://www.google.com/safebrowsing/diagnostic?site=mysite.com". parse_url(HTTP_SERVER, PHP_URL_HOST) ."')\" /> <input type=\"button\" value=\"Unmask Parasites Report\" onclick=\"window.open('http://www.unmaskparasites.com/security-report/?page=mysite.com". parse_url(HTTP_SERVER, PHP_URL_HOST) ."')\" /><br />\r\n"; Got any idea why I am getting this error? Thanks Leon I'm having a great Day - hope you are too! Leon Link to comment Share on other sites More sharing options...
timint Posted December 5, 2010 Share Posted December 5, 2010 Hello bibleman, Im happy you like it. The warning you get means your PHP version is below 5.1.2. See http://se.php.net/manual/en/function.parse-url.php Nothing to be worried about. Hi Thanks for a GREAT contribution. I am working fixing all the problems it brings up. BUT I am getting an error. Line 439 is: Got any idea why I am getting this error? Thanks Leon Link to comment Share on other sites More sharing options...
bibleman Posted December 6, 2010 Share Posted December 6, 2010 Hello bibleman, Im happy you like it. The warning you get means your PHP version is below 5.1.2. See http://se.php.net/manual/en/function.parse-url.php Nothing to be worried about. THANKS Tim for your quick reply! I'm having a great Day - hope you are too! Leon Link to comment Share on other sites More sharing options...
JosephB Posted January 12, 2011 Share Posted January 12, 2011 Tim - I like the concept but can't test it. I got a missing database table error. There was no SQL included with the zip file I downloaded. Did I miss something? Steep learning curve? Hell, I don't even know enough to formulate a stupid question!! Link to comment Share on other sites More sharing options...
timint Posted January 16, 2011 Share Posted January 16, 2011 jbennette: That doesn't sound right. The scanner is read only, and does not need any additional sql tables. Could you tell me the exact error message? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.