Check_website_fingerprint ?

[Jon Angliss]

On Mon, 13 Oct 2008 13:38:34 -0400 (EDT), "Brian A. Seklecki"
<lavalamp at spiritual-machines.org> wrote:

>
>All:
>
>Anyone have a nice plugin to valid a website's contents against a 
>cryptographic fingerprint (e.g., defamation/content manipulation check)?

tripwire, or some such app?  I think here is a nagios plugin for
tripwire.

>nagiosexchange.org says no.
>
>I was thinking something simple with PHP+SimpleXML+mhash. Take the 
>expected fingerprint as $argv[1] and the URL as $argv[0].
>
>The tricky part is exempting dynamically generated content from the 
>checksum.

If you're working with dynamic content, I'd give up trying to test it
through the web server, and test the files themselves.

A slight alternative is something like this:

http://members.aol.com/EJNBell/pgp-www.html

You can pgp sign your html portions of the code, and blank out the
dynamic stuff... That becomes quite complex sometimes.

-- 
Jon Angliss


-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null