Jump to content


Photo
- - - - -

How Do You Find Out Which Website A Computer Virus/trojan Came From?


  • Please log in to reply
1 reply to this topic

#1 Joker37

Joker37

    Advanced Member

  • Members
  • PipPipPip
  • 32 posts

Posted 14 April 2011 - 05:42 PM

How does a computer get an infection from internet usage?

And iff you did get a virus, trojan etc...would you be able to know which website the virus/trojan came from?

How would I do this if I wanted to find out? Is there a way?

#2 alexander

alexander

    Dedicated Smart-ass

  • Members
  • 5,722 posts

Posted 14 April 2011 - 10:14 PM

Do you have network logs? If yes then grep, if no then, do you have a friend judge? if yes then you can get him to grant you a subpoena to get your network logs from your ISP and then grep. Much more less reliably, you could pull your browsing history and try to match the time stamps on the virus files (not that those are hard to fake or browsing history is hard to modify).

But let me ask you this, how do you know it was a website? Various viruses and trojans use various means of transmitting themselves, network or not, some may exploit a vulnerability or a service to get onto your machine from other places, some can come on an oem cd or an ipod or a usb thumb drive from your mate. And the ever-so-dangerous public wifi only makes it worse, because i can have a legitimate website feed you a face full of exploits, and you didnt even have to have visited it from the wifi access point. It could even be a legit-ish webiste that doesnt know its owned, that fed you the file through a flash player exploit or something... How do you know the penetration vector until you check the network logs...?