educational

Watch Your Websites!

Some recent activity on the hacker front prompts me to write this warning. One of the latest trends for malware proliferation is to hack legitimate websites, load their evil wares and leverage the site's popularity to spread infections.

Websense, a web security company, said in a recent report called the State of Internet Security, that 70 percent of the top 100 sites had been hacked to serve malware to unsuspecting users. Some of the most recent examples include the websites of Paris Hilton, Paul McCartney, Anti Virus vendors Kaspersky and F-Secure, Facebook, MSN, Twitter along with many, many others.

Even if your site isn't among the web's top 100, you still need to be very vigilant. IBM recently reported that 450,000 web sites EVERY DAY are being hit by cyber criminals attempting to hack them. How sure are you that your site is clean and not being used by criminal elements to deliver malware? In this column I will show you some basic tools and show you how to use them to perform a quick check.

The first tool that we're going to use is a great program called Sandboxie. After you install the program, go ahead and run an Internet browser inside it. After the program starts, open the program's main window. From there, choose the "View" drop down menu and then "Files and Folders." Running your web browser connected to a safe site should not give you any error messages.

Then I went looking for trouble. In fact, all I did was open my SPAM filter and start clicking links. At least one of the sites installed some very suspicious software on my computer. Be VERY suspicious of any site that downloads files to your computer without your knowledge or if the site says it needs to load a program in order for you to be able to see its content.

Our next tool was written by Microsoft and works with Internet Explorer. It's called Fiddler and can be downloaded for free. This program is a bit more technical than Sandboxie but it also provides more information. Fiddler is a program used to debug web pages by monitoring all traffic between a web page and a browser and its output is more detailed.

Every time the web sends information to a browser it is logged along with the type of communication protocol used (HTTP), exactly who was sending the information (useful to make sure that only those sites that you allow are accessing your customers), and the type of content being transferred. Fiddler is a very powerful tool and you can dive into it as far as your technical skills allow. Simply be careful when using the Auto Responder and Request Builder tools.

The last tool we will explore is an add-on to the Firefox browser. Security Compass is the software company that wrote the add-on and actually has three tools worth trying: XSS Me, Access Me and SQL Inject me. As the names imply, each add-on tests for different vulnerabilities. This set of tools, unlike the previous two, actively sends information to a website looking for vulnerabilities and should be used only against sites that you own or control. The tools produce an easy to read report which summarizes any problems that it finds (make sure to disable any other add-ons that you may have running) and even test input fields for database vulnerabilities such as SQL injection attacks.

Remember though that the tools in this article are free may not be as comprehensive or thorough as tools that cost thousands of dollars.

With these pieces of software you have a basic toolbox for testing your web pages. Check your sites often and make sure that you have a clean restore disk image just in case you should ever need it.

Related:  

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

profile

WIA Profile: Reba Rocket

As chief operating officer and chief marketing officer of Takedown Piracy, long at the forefront of intellectual property protection in adult entertainment, Rocket is dedicated to safeguarding the livelihoods of content creators and producers while fostering a more ethical and sustainable industry.

Women In Adult ·
opinion

Protecting Content Ownership Rights When Using AI

In today’s digital age, content producers have more tools at their disposal than ever before. Among these tools, artificial intelligence (AI) content generation has emerged as a game changer, enabling creators to produce high-quality content quickly and efficiently.

Corey D. Silverstein ·
opinion

How Payment Orchestration Can Help Your Business

An emerging payment solution is making waves in the merchant world: the payment orchestration platform (POP). It’s quickly gaining traction as a powerful tool for managing online payments — but questions abound.

Cathy Beardsley ·
opinion

Fine-Tuning Refund and Cancellation Policies

For adult websites, managing refunds and cancellations isn’t just about customer service. It’s a crucial factor in maintaining compliance with the regulations of payment processors and payment networks such as Visa and Mastercard.

Jonathan Corona ·
profile

WIA Profile: Laurel Bencomo

Born in Cambridge, England but raised in Spain, Laurel Bencomo initially chose to study business at the University of Barcelona simply because it felt familiar — both of her parents are entrepreneurs. She went on to earn a master’s degree in sales and marketing management at the EADA Business School, while working in events for a group of restaurants in Barcelona.

Women In Adult ·
profile

Gregory Dorcel on Building Upon His Brand's Signature Legacy

“Whether reflected in the storyline or the cast or even the locations, the entertainment we deliver is based on fantasy,” he elaborates. “Our business is not, and never has been, reality. People who are buying our content aren’t expecting reality, or direct contact with stars like you can have with OnlyFans,” he says.

Jeff Dana ·
opinion

How to Turn Card Brand Compliance Into Effective Marketing

In the adult sector, compliance is often treated as a gauntlet of mandatory checkboxes. While it’s true that those boxes need to be ticked and regulations must be followed, sites that view compliance strictly as a chore risk missing out on a bigger opportunity.

Jonathan Corona ·
opinion

A Look at the Latest AI Tools for Online Safety

One of the defining challenges for adult businesses is helping to combat the proliferation of illegal or nonconsensual content, as well as preventing minors from accessing inappropriate or harmful material — all the more so because companies or sites unable or unwilling to do so may expose themselves to significant penalties and put their users at risk.

Gavin Worrall ·
opinion

Know When to Drop Domains You Don't Need

Do you own too many domains? If so, you’re not alone. Like other things we accumulate, every registered domain means something to us. Sometimes a domain represents a dream project we have always wanted to do but have never quite gotten around to.

Juicy Jay ·
opinion

Understanding 'Indemnification' in Business Contracts

Clients frequently tell me that they didn’t understand — or sometimes, even read — certain portions of a contract because those sections appeared to be just “standard legalese.” They are referring, of course, to the specialized language used in legal documents, including contracts.

Corey D. Silverstein ·
Show More