Can you trust it?
by Joaquin F. Telco CEO
Let me start this article with a quick question:
Would you buy a miracle hair-saving product from a bald guy?
I continuously get offers to promote my site, to earn extra cash, to join a new social network, and so on.
But when I go one step further and allow myself to be skeptical, I find that the offers are not trustworthy.
The last one I got was from a site that is only a few months old, does not have enough pages indexed by Google, and has no RDNS,
offering me viral solutions to promote my websites.
First doubt: why don't they use their fantastic services to promote themselves?
Tired of these offers, I decided to write this article. I am not telling you they are all fakes or scams, but take care and
do a little research before you give them even your email address.
Others are like a very nice new social network (Xenzuu), which uses a mail server for email validation
that is blacklisted in DNSBLs (https://www.dnsbl.info), so I am not able to receive that email from the kunderserver.de
SMTP server, and of course I am not going to add them to my SMTP whitelists!
Here is a summary of things you can check by yourself:
1. Check RDNS (reverse DNS)
Open an xterm, MS-DOS console or similar on your computer and type:
You will see its IP address, even if they don't allow ICMP traffic.
If they have RDNS, you will see a name related to their domain name.
If they lack RDNS, you will see their provider's name, an arbitrary name or, even worse, an EMPTY value.
2. Check how old the domain name is:
Check the Creation Date value.
3. Check who hosts it and where
Is it a cheap provider? Is it a USA company hosted in China?
Does it have its own IP address, or is it sharing a cheap service provider's IPs?
4. Check how popular it is:
Open your browser and go to Google.
Now search "site:DOMAIN_TO_INVESTIGATE.xxx"
You will get back how many pages they have indexed.
Oops, they have no more than a few? Bad.
Next, go to SEMRUSH, Majestic, Alexa and other online metrics tools and check the same domain name.
You may discover that what they said was a viral site is really getting very little traffic.
5. Does it have a public SSL certificate? What class of certificate?
If the website's address starts with HTTPS, it is using an SSL certificate.
If the SSL icon in your web browser appears OK, then it seems to be a certificate validated by a public CA.
But it can be a cheap DV (Domain Validation) certificate, a more expensive OV (Organization Validation) one, or an even more expensive EV certificate.
As you may already assume, DV only says that the domain is the domain; it certifies nothing about its owner, the company or whoever is behind that domain name.
Click on the SSL icon in your browser and then click on "View Certificate" and you will see who is who.
If you are in a shell, you can also issue this command:
openssl s_client -showcerts -connect DOMAIN_NAME:443
to collect the full Certificate information.
Of course, for sites selling low-value items you can accept a DV certificate, but in general for e-commerce at least OV should be required, so that you know they are who they say they are.
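The DV / OV / EV distinction from check 5 can be read from the certificate text itself. The script below is an added example, not part of the original article: it classifies a certificate by the CA/Browser Forum policy OIDs and extracts the subject's Organization field. The function names, the sample inputs and the DOMAIN_NAME placeholder are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): classify a certificate as
# DV, OV or EV from the text that `openssl x509 -noout -text` prints.
# Live use, with DOMAIN_NAME as a placeholder:
#   openssl s_client -connect DOMAIN_NAME:443 -servername DOMAIN_NAME \
#       </dev/null 2>/dev/null | openssl x509 -noout -text | cert_validation_level
# Assumption: openssl prints the policy OIDs numerically, as in the samples below.

# Read certificate text on stdin; print EV, OV, DV or unknown.
# CA/Browser Forum policy OIDs: EV 2.23.140.1.1, OV 2.23.140.1.2.2, DV 2.23.140.1.2.1
cert_validation_level() {
    cvl_policies=$(grep -E '^[[:space:]]*Policy:[[:space:]]' || true)
    if printf '%s\n' "$cvl_policies" | grep -Eq 'Policy: 2\.23\.140\.1\.1[[:space:]]*$'; then
        echo EV
    elif printf '%s\n' "$cvl_policies" | grep -Eq 'Policy: 2\.23\.140\.1\.2\.2[[:space:]]*$'; then
        echo OV
    elif printf '%s\n' "$cvl_policies" | grep -Eq 'Policy: 2\.23\.140\.1\.2\.1[[:space:]]*$'; then
        echo DV
    else
        echo unknown
    fi
}

# Read certificate text on stdin; print the subject's Organization (O=) field.
# Prints nothing for a DV certificate, whose subject names only the domain.
# Handles both "O = Name" and "O=Name"; names containing commas are cut short.
cert_subject_org() {
    sed -n 's/^[[:space:]]*Subject:.*[ ,]O *= *\([^,]*\).*/\1/p'
}

# Constructed sample inputs (trimmed to the lines the functions read).
SAMPLE_DV='        Subject: CN = blog.example.com
            X509v3 Certificate Policies:
                Policy: 2.23.140.1.2.1'
SAMPLE_OV='        Subject: C = US, ST = Ohio, O = Example Widgets Inc, CN = shop.example.com
            X509v3 Certificate Policies:
                Policy: 2.23.140.1.2.2
                  CPS: https://ca.example/cps'

for sample in "$SAMPLE_DV" "$SAMPLE_OV"; do
    level=$(printf '%s\n' "$sample" | cert_validation_level)
    org=$(printf '%s\n' "$sample" | cert_subject_org)
    echo "validation=$level organization=${org:-<none>}"
done
```

A result of "unknown" means none of the three policy OIDs was found, so fall back to reading the subject in the browser's "View Certificate" dialog.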
6. Check the server's "health".
Many novices set up a server from a typical Ubuntu or other Linux
distribution, but not only do they not care about regulatory compliance, they don't even take any security measures.
These sites are probably also collecting information from you, even if only your email.
I faced cases where, just for pre-signing up (and never confirming my email later), I got spam at that email address. Note that I created this email address just to check this, so it is not possible that other spammers already knew it within just 2 days.
One excellent tool is NMAP.
Go to https://nmap.org/ and download it if you do not already have it.
Then you can scan all ports and services on the target server just by doing:
Novices and cheap operators will give away all their server information, including open ports that would interest an attacker.
The next thing you can check is the server UPTIME, that is, the time since the server's last reboot.
It is normal for sites to need a reboot sometimes, but the longer the UPTIME, the more stable the site.
Don't panic if you see an uptime of just 2 days where the average uptime for that site is 1 year!
These 6 checks are the MOST IMPORTANT; failing just ONE of them may be enough not to trust the site.
If you need more checks, don't hesitate to ask me and I will expand on how the site is built (are they using frameworks for the unskilled or really programming the site), checks on network performance, and even installing tcpdump, Wireshark, Suricata, Snort and other traffic analyzers to show you whether a site is injecting traffic to you from other, maybe malicious, sites or sending traffic from you to them, etc.
I hope this article helps you choose who to trust and who to blame.
Created on Feb 10th 2018 13:53.