What is blacklist monitoring?

SiteInspector blacklist monitoring is an automated, daily check to make sure that your website is not blacklisted by any major search engine or anti-malware organization.



Back to top

Why should I sign up for SiteInspector Pro?

• Free, automatic, daily malware scans on your website
• Daily checks that your website is not present on any Internet blacklists
• Full reports and mitigation advice if malware is found
• You are notified the instant a problem is detected
• Easy, web based interface means you can be up and running 5 minutes after sign up

Back to top

How should I subscribe for daily malware scanning?

Just visit click the 'Sign Up' button at the top of this page
Back to top

How does it work and what does it scan?

SiteInspector uses browser instance in sandboxed environment ( a virtual machine) and browses the page at the URL that you submitted. If the browser performs a malicious activity, crashes, downloads a suspicious file, changes registry entries or exhibits behavior consistent with malware activity then its flagged as malicious. This allows regular Internet users to test the safety of a particular website and allows website operators to test the safety of their website from their customers point of view.

Back to top

What does the online scan do?

SiteInspector Online Scan, is a on-demand service that scans a single web page for malware. To use the service, simply visit the online scan page, enter the URL of a web page and click 'Scan'. SiteInspector acts as a vulnerable customer by visiting the page and testing whether it launches an attack. If it does, then the scan results will warn you that the website contains malicious content. Each scan takes only a few seconds.



Each post-scan report contains the results of the latest scan along with a history of previous scans.
Back to top

What is Malware?

Malware (short for "malicious software") is any harmful program or file intended to secretly access a computer or steal confidential user data. The umbrella term 'Malware' covers computer viruses, worms, Trojan horses, spyware etc. Malware may be served as hidden codes within a website content, served content like banners, advertisements etc and used as a vehicle for hacking and other cyber-crime.

Traditionally, malware was only 'activated' as a result of the user proactively opening an infected file (for example, opening an email attachment or double clicking on an executable that had been downloaded from the Internet). Unfortunately, hackers have become much more sophisticated over recent years and this level of interaction is no longer required. Hackers can now launch attacks over the Internet – attacks that are triggered simply because the user visited the website. In some cases, these 'drive-by attacks' often use served ads as a vehicle for delivery.
Back to top

How can a website infect my PC?

There are many ways in which a website can attack your computer. Two of the most dangerous and widespread examples are:

The 'Drive-by-Download' Attack The 'drive-by-download' attacks occur when a visitor navigates to a site that injects malware onto the victim's PC. Crucially, these attacks are usually downloaded and run in the background in a manner that is invisible to the user - and without them taking any 'action steps' to initiate the attack ( for example, erroneously downloading a file that later transpires to be malware). Just the act of viewing a web-page that harbors this malicious code is enough for the attack to run. The downloaded malware often initiate a buffer-overflow attack.

Buffer-overflow attack occurs when the downloaded malicious program or script deliberately sends more data to a target applications memory buffer than the buffer can handle - which can be exploited to create a back door to the system though which a hacker can gain access. The goal of most attacks is to install malware onto the compromised PC whereby the hacker can reformat the hard drive, steal sensitive user information, or even install programs that transform the machine into a Zombie PC.

There are many types of buffer overflow attack, including stack attacks, heap attacks and ret2libc attacks. In each case, the goal is to destabilize or crash a computer system by deliberately causing a buffer overflow – creating the opportunity for the hacker to run malicious code and even gain control of the entire operating system. As would be expected, the applications most vulnerable to a buffer overflow attacks are those whose primary function involves Internet connectivity - such as web-browsers, e-mail clients and instant messaging applications.

Cross Site Scripting Attack The Cross Site Scripting (XSS) attack is initiated by Malicious attackers injecting client-side script into web-pages accessed by unsuspecting users. The injected scripts enable the attacker to steal sensitive page content, session cookies, and a variety of other information maintained by the browser on user's computer. There are two types of XSS attacks:

Non Persistent: The malicious script, passed by the attacker e.g. through the HTML forms, can place place hidden frames or deceptive links on unrelated sites in the web content of the legitimate server, and cause victims' browsers to navigate to a malicious site automatically - often completely in the background - and in such a case, the attacker can intrude into the security context and steal them from the victim's browser.

Persistent: The malicious script, passed by the attacker e.g. through the HTML forms, is saved in the server and displayed permanently in the normal pages rendered to the visitors. This enables the attackers to hijack the transactions through the legitimate server and can steal sensitive information like authentication passwords, credit card numbers, billing information etc.
Back to top

What should I do if I discover an infected site?

If you find a site with malicious content, please report your network administrator or your ISP along with the URL of the website. Also include the information that you discovered these threats by using Comodo SiteInspector scanning service, available in your report (Report as Malicious). This will enable the administrator or the ISP to rescan the reported website(s) and to take necessary actions based on the scan reports to safeguard the visitors of the website.
Back to top

Is this the only place I can find SiteInspector?

SiteInspector is also a part of Comodo's HackerProof vulnerability scanning service. HackerProof's Daily vulnerability scanning together with SiteInspector's innovative new scanning technique create a powerful combination for protecting your website and your customers like nothing else on the market today.
Back to top

How will I know that my website is blocked by search engines?

If we find that your site is blacklisted, we will immediately alert your via email, sent to the email address registered with us along with your account.
Back to top

How do you identify that malware has invaded into my site?

We scan all the files in your website with our award winning scanning engines and the very latest database of known malware in order to identify even zero-hour threats.
Back to top

Will you be able to identify invasion of malware before the search engines do?

Your website will be scanned for malware and malicious changes everyday, whereas the search engines do the same at longer intervals. Hence we could identify the malware before it could be seen by the eyes of scanning by the search engines.
Back to top

How will you notify me if you find malware in my site?

Immediately after finding malware we will alert you through email at the email address registered with us during account creation. This will enable you to take necessary remedial measures to disinfect your site and prevent being blacklisted by the search engines.
Back to top

How many websites/pages are covered by my Free License?

Your Free License covers one website (domain). You can enroll up to three pages from the domain for Daily Malware Scanning and Daily Blacklist monitoring.
Back to top