Lockstep software repairs hacked Web sites

Lockstep Systems Tuesday announced a new version of its WebAgain automated Web site repair software, with the new version adding detection and removal of trojans and backdoor programs, better support for virtual private networks, expanded protocol support and international language editions.

WebAgain allows Web sites that are compromised or modified by attackers to automatically be restored to their proper state, according to Mark Dixon, vice president of business development at Lockstep. The software does this by sitting on a server placed between Web designers and the Web servers they publish their work to, he said. Instead of publishing Web site changes to a test or production server, developers publish their changes to the WebAgain server, which immediately makes an archive of the site and then publishes the changes to the proper server, Dixon said.

The WebAgain server can then monitor the publicly available Web site for changes and if it finds any return them to the state saved on the WebAgain server, he said. The changed content is also saved for law enforcement or research purposes, he added. Monitoring can be done with varying degrees of thoroughness every minute, every hour or a few times a day depending on a user's needs.

The new version of WebAgain, Version 2.5, boosts the capabilities of the software by adding the ability to detect the unauthorized addition of files to a Web server, looking specifically for trojans and backdoors, Dixon said. Version 2.5 also adds support for VPN, FTP and Front Page extensions.

The software is also now available in Japanese, with future international versions to follow, Dixon said.

WebAgain is "a very smart product," according to Ken Pappas, president of the analyst firm Opal One. The product can do what Lockstep claims it can, and does it well, he said.

Pappas expects that the product could have mass appeal to business, and should be especially popular with e-tailers, companies with online catalogs and financial services firms. The automatic repair feature will be particularly compelling due to the time and money it will save, he said.

"If you don't need to put an IT guy on a particular problem, then you're ahead of the game," he said.

Despite his praise for the product, Pappas said he would like to see WebAgain be supported on more platforms and add the ability to monitor servers located on a network separate from the WebAgain server.

Despite these reservations, "I think it's a legitimate product," he said.

WebAgain runs on Windows NT/2000/XP. A license costs $995, with each Web site, or site subsection, as defined by where a Web designer has to log on to a new site, requiring a separate license. The software is immediately available worldwide.

The IDG News Service is a Network World affiliate.