Website
Website Website is a basic unit of information in the Internet.

Website is a single resource of information in the Internet. Usually, it is realized through a set of web pages, devoted to some specific topic. The pages are written in special markup lenguages and may contain various types of data - applications, audio and video files, images etc. The site is hosted on a hardware server and can be found in the Internet by unique name due to DNS. The access to a website usually provided by HTTP (hyper text transfer protocol), or its secure version - HTTPS. This protocol provides possibility to deliver information from the server to a client, who is usually viewing the pages with the help of special application, called browser.

  • CM.Glossary.Uptime
  • CM.Glossary.Website Hosting
  • CM.Glossary.DNS
  • CM.Glossary.HTTP
  • CM.Glossary.WebsiteMonitoring
more glossary
"

Very useful for my company's website verification whether it's up or down and be notified immediately about it, even if using a free account!

"
- T.
Shellshock vulnerability online check

Considering the recently discovered Shellshock vulnerability, HostTracker has created a tool for testing it.

Check your server for vulnerability

How does it work?

It is developed for a Linux server with a web server installed on it. The algorithm is very simple. We consequently generate 4 http requests:

  • 1. Ordinary request
  • 2. The request tries, using vulneratility, post a "harmful" cookie which causes 2-seconds delay in respond to our special http request.
  • 3. The request tries, using vulneratility, post a "harmful" cookie which causes 4-seconds delay in respond to our special http request.
  • 4. Same as #3

How to understand the result?

We compare response time for all 4 requests. Three situation are possible:

  • 1. Vulnerability found. We may affirm that if the difference in responses is about 2 seconds for requests without cookie and with 2-second-delay cookie, as well as for requests with 2 and 4-second delay cookie. It means that our request was able to use the vulnerability and set these cookies.
  • 2. Vulnerability not found. All the requests have about the same response time. The cookies, likely, were not installed because there is no vulnerability.
  • 3. Uncertain situation. If the response time differs widely, without coincidence with preset by cookies delay, we can not say for sure. It could be if the server is under high load. To check this, we use two requests with same cookies (#3 and #4). If the response time for two same checks varies, we make a conclusion that the response time is not affected by cookies. At least, not only by them. So in this case our method can not detect vulnerability

Safety of checks

Our test can not damage your server. The risk consists of appearance of one extra-cookie, which is used only for our requests and can not affect normal work-flow of your site.

more blog
Thank you for feedback!
 
More
:
Home > Sign In

Forgot password?
Don't have an account?