Home > All, Security Issues > Information Security and Paranoia are synonyms

Information Security and Paranoia are synonyms

November 8, 2010 Leave a comment Go to comments

This blog, as you know, is hosted on WordPress.com. I like WordPress. One of the things I particularly like is the Site Stats page the blog owner can view. It tells me how many visits different pages receive, where they come from, what search terms are used to find me, and where visitors go if they click a link on the site.

I monitor this information out of vanity (how many visitors I get, and how high my pages appear on search engines), and simple curiosity (which of my topics get the most referrals from me).

But yesterday I noticed that someone had clicked a link I didn’t recognise. What’s more, I didn’t like the look of the link – it appeared to relate to a site in the Far East that raised a few concerns. Now I was worried. Had some innocent visitor clicked a link to a malicious site while on my site?

First thing was to check the linked site itself. Armed with NoScript blocking all scripts, I went there – and it certainly isn’t a security site. I used NoScript to invoke some page analysis tools. First I used WOT.

 

click for full size

The worrying link's WOT rating

 

The site comes out OK. But, with no disrespect to WOT, I don’t have total faith in community-based reputation systems. Reputations can be manipulated. So next I used Google’s Safe Browsing diagnostics.

 

click for full size

Google's Safe Browsing diagnostics for the suspect link

 

This is far more worrying. It was safe the last time Google checked – but it has certainly been used to host malware recently; and there was nothing to say that it wasn’t doing so again. So now I was getting really worried. Where is this link on my site? How did it get there? Who clicked it? And has that innocent visitor to a security site been infected through visiting my site?

And then it dawned on me. I checked the spam folder. And there was the link.

 

click for full size

The offending link - found in the spam folder

 

 

I asked around, and, yes, it appears that when a comment is made and held in moderation, both the site operator and the commenter can click any links contained. But, I discovered with a huge sense of relief, no-one else can.

So, since it wasn’t me who clicked the link, it must have been the spammer checking to see if his spamlink worked. All I can say is that I hope he got infected when he did.

Paranoia is bad for the heart – but good for your safety.

Categories: All, Security Issues
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s