Free Tool Scans Sites For Threats - InformationWeek
02:06 PM

Free Tool Scans Sites For Threats

Users can enter in a URL, and LinkScanner will check the target page for any threats or exploits and report back on its findings.

A security start-up on Thursday unveiled a free tool that scans Web sites for malicious code and other exploits, giving users a chance to steer clear of dangerous URLs before they click on links.

The tool, dubbed "LinkScanner" by Exploit Prevention Labs, is the fruit of an earlier effort -- the Atlanta-based company's SocketShield -- and in later versions, will compete with better-known site raters such as McAfee's SiteAdvisor, Exploit's chief operating officer said Thursday.

"At some point, you'll be able to enter a search here and point it to a specific [search] engine, and we'll return pages with scan results," said Chris Weltzien.

SiteAdvisor, technology that security giant McAfee acquired in April, rates sites in search results posted by Google, Yahoo, and MSN, but uses a completely different methodology.

"SiteAdvisor is not immediate and not empirical," said Joe Chiarella, Exploit Prevention's product manager. "Its information is not necessarily very fresh; we're instantaneous."

When a user enters a URL in LinkScanner, the tool scans the requested page for threats and exploits, then reports back on what it found. "I think it's most useful for checking out links people send you in e-mail, Weltzien said. "Even though you've told them not to, they still do."

However, the tool doesn't warn users of all potentially risky sites. Several sites tested by TechWeb that were identified by Firefox 2.0 Beta 1 as likely spoofed phishing URLs, were passed by LinkScanner.

"We're not going terribly deep into the site," admitted Chiarella. "There are number of ways you can crawl a site, and we're doing it relatively superficially." LinkScanner scans only the page entered, not any secondary pages or sites linked to from the URL. "We could go to the entire depth of the site, but that would take some time," said Chiarella. "People have about a 30 second wait tolerance."

In TechWeb's tests, LinkScanner took about 10 seconds to return its findings.

LinkScanner is based on an SDK for SocketShield, a stand-alone exploit interceptor that the company released in final form last month. It's also tied to the same intelligence network Exploit Prevention uses to feed data to SocketShield.

The company wants to license the SDK to Web portals and sites so that others can add a LinkScanner-style tool to their domains, said Weltzien. "It would provide a real stickiness factor for portals," he said, if other sites gave users the option of pre-scanning a link to a third-party page.

LinkScanner is free to use, and will remain so, said Weltzien, since he hopes to convince users of the tool to upgrade to the $19.95-per-year SocketShield.

"There's a real need for users to look at emerging threats to unpatched machines," Weltzien said. "They need real-time protection against real-time threats."

LinkScanner can be accessed from here.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll