Monthly Archives: January 2006

PhpWebChecksum to be released soon

Posted on by
1

The first version of my php script to monitor changes in your website will be released soon. I already set up a sourceforge account for PhpWebChecksum which will be mainly used for bugtracking, and maybe source code management (CVS) and file storage for releases for now. The projects homepage will be hosted on techbits.de under /projects/phpwebchecksum which is already available as well. At this point I have to make sure I can use Keith Devens’ PHP XML Library which I included in my php script and figure out how I’ll solve the pass-by-reference issue when switching between PHP4 und PHP5.

Here is another teaser screenshot of the main form with header, footer and some design improvements:

main form with some design improvements

Checking websites for intrusions

Posted on by
Reply

When I recently installed this blog a thought about how you could monitor a website for intrusions. Almost all sites use some kind of content management system, blog or other portal software. Unfortunately we all know that software does have flaws an that there are script kiddies out there who do not hesitate to exploit them as soon as they are found. Since most of the small sites and blogs are hosted on simple PHP/MySQL webspace it is not as easy to monitor the integrity of your site when the web application has hundreds of files buried deep in a directory hierarchy and you only have FTP access to browse through it.

I googled for tools that create checksums for websites but I didn’t find much, so I started on creating a PHP application for that that purpose. My prototype has the following functionality:

  • generating an xml list with checksums (SHA1) and file dates for a complete directory tree
  • the xml list can be downloaded to be stored locally
  • the xml checksum list can later be uploaded to be compared against the current state of the website
  • a comparison is computed and display showing all modified, new and missing files with the information what (date, size, checksum) has been modified.

Here are two screenshots that show the current development version:

Main Form - generate and compare checksumsChecksum Comparison View

I will continue working on this tool and make it available as open source when it’s fairly stable.

Extending the blog

Posted on by
3

I have just installed the tagging plugin Ultimate Tag Warrior for WordPress to easily add some technorati tags to this blog. It provides a tag editor within WordPress’ Write Post page to associate tags with the post and it even suggests tags for the post you have written. The tags for each post can be displayed as links to different services like technorati or flickr (and more) and build up to a tag cloud that can be used to dig through your post archive. A Very useful plugin.

I’ve been playing around with the recent K2 Beta Two in the last few days – it supports Ultimate Tag Warrior out of the box by the way. The Beta Two looks really nice, the new icons and the ajaxified comments dialog are particularly noteworthy. I still have some image editing and css hacking to do until I’ll update the theme here, maybe with the next (beta?, rc?) release of K2.