server security.Servers are mission critical. Server security is a the key job of IT professionals in the new century. Server Security depends on the latest information. Server security means business.

Friday, January 14, 2005

Google Hack

Last year two high profile worms used Google and other search engines to find potential targets. In August, a MyDoom variant used Google to find email addresses and a few months later the Santy worm found vulnerable bulletin board applications using various search engines. Security experts expect to see a lot more this year and advise enterprises to minimise their exposure to such attacks.

Andrew Collins, security manager in Asia/Pacific for CyberTrust, said that enterprises can avoid many of the potential dangers by ensuring that network resources -- such as Web cams -- are not indexed by search engines.

"We expect to see further automated attacks using Google searches to select potential targets as well as a continuing increase in the discovery of search strings that return unintended information such as error codes, Web-based cameras and restricted/private documents and Web pages. Network enabled physical security systems, such as Web cams and digital video capture systems, should be moved onto private networks that are not addressable from the Internet," said Collins.
znet uk
The Google bot is relentless. Once it starts in on your site it will index every page. Even pages you don't realize you are publishing such as web cam feeds. It will squeeze through any careless link to your private pages.

Whole websites are devoted to porn "open directory" situations where someone has found a back door into pics of naked girls or what have you.

Bots don't know your private network is private...if they can find a link they'll index the pages and people will be able to direct link in.