Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: phranque
Mass Injection Compromises More than Twenty-Thousand Web Sites
Threat Type: Malicious Web Site / Malicious Code
As posted at Websense:
More precisely I maintain a database of edits. I run dirs weekly and have code that compares edits to last update. If those do not match it is kicked out in a report (usually ZERO ITEMS). If there is a change I DID NOT MAKE I look at it. So far, so good!
What's the best way to monitor your sites for these sorts of attacks? Manually checking the source isn't a good way to be safe.