Trusted Security Services

link and website audit tools

Following is a list of trusted sources we use to audit website safety.

You don't need to be a guru to use them, but do use them before visiting a site you don't already trust.  You don't need to be road-kill on the information superhighway.

Quick Overviews

Get Link Info
Redirect Detective
Where Goes?
A shortened link in your e-mail or Twitter looks tempting; but how many unknown and possibly malicious pages does it traverse to arrive at the promised destination (IF it actually does)?  Copy and paste the link into one of these services to see all the redirections and transformations that happen on the way to the final landing page - without them happening to you.

Analyzes suspicious files and checks domains and URLs against 60+ security services.

Checks domains against 20+ security services, and provides additional analytical tools.

Sucuri SiteCheck
Scans domains and directories for malware, checks domains against black-lists, and excels at checking for outdated CMS platforms (e.g. Joomla, WordPress) vulnerable to attack.

McAfee Threat Intelligence
McAfee offers its own unique view, including external affiliations based on traffic flow.

Web of Trust
Rates domains based on multiple trusted sources and a meritocracy of trusted human observers who also check numerous sources.  Simply paste a domain name into the top-right box on most WOT pages.  Provides a lightweight browser add-on to inform you of ratings as you browse and search.  More...

Extended Checks

Websense CSI
Assesses potential malware, detects the OpenSSL HeartBleed vulnerability (CVE-2014-0160), and attempts to classify content:  news, social, tech, etc.

From MalwareBytes, classifies bad domains and IP addresses, and may detect problems that other sources overlook.

Analyzes requests and scripts executed in loading a web page, and shows calls to external sites.  Bet you didn't know that CharityX sends your funds to PoliticianY and your personal info to SpammerZ.  (Actually, you would need more research to verify it; but these clues can help.)

Trend Micro
Another unique malware perspective.

This OpenDNS project reports domains cited for "phishing":  impersonating a legitimate website or page for malicious purposes.

Qualys SSL Labs
If a site claims to be secure and this SSL scanner reports grade "C" or less, don't shop there.  If a site is not secure (address begins with "http", not "https"), don't shop there.  If you see fake trust seals - BBB, VeriSign, etc, images which are not live links to the trust authority - don't shop there.  And don't enter any credentials.  Just.  Don't.

Norton Safe Web
Malware reporting which tends to be a bit too optimistic, but may detect real problems overlooked by others.

Another unique malware perspective.  Take it with a grain of salt:  it's not as accurate on either side of the fence but may detect real problems overlooked by others.

A central registry for spamming domains and IP addresses.

A heuristic and statistical approach to domain and IP threat analysis.

Dumpster Diving

If a domain has a checkered past, or present, you'll probably find it here.  The data is very dense with record-keeping.

A unique "Swiss Army Knife" of domain and IP associations, categories, mappings, and histories.
Yesterday, some site was the Face of Evil; but somebody tipped off the crook, and today the evidence is gone.  Or maybe not.

DomainTools WhoIs
The standard for domain record and IP address lookups and research.

Hurricane Electric BGP
Domain record and IP address lookups with its own tool-set and more flexibility than the free version of DomainTools, but the results may lag somewhat.

now reading: Trusted Security Services
© 2010-2018 Lauver Systems • Edwardsburg, MI • 269 635-0721
 Print this frame ...