Hackers love search engines
June 27, 2006 – 7:15 amIf you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!
I know most people love search engines, and hackers are no exception. They use search engines to make nice lists of targets. This is quite a common thing, with signatures from certain websites targeted:
“Search engines crawl sites, and some information that you don’t want exposed is also exposed because of lack of knowledge of what is on the systems,” Bhalla explained.
The more information that is left publicly accessible on the web server, the more vulnerable the website is to attack. It’s probably true that many people would never even think of something as subtle as how much info the crawlers have made available about your website.
The best part for a hacker using a search engine to find victims is that they can go unnoticed. They aren’t scanning ports or doing anything intrusive enough to set off detection traps. They can quickly find machines that are vulnerable, while raising few suspicions.
Bhalla also pointed out using a robots.txt might help, but:
- It can be read by a human
- Certain crawlers don’t follow it, so you aren’t protected
Awareness of the situation is half the battle.
If you enjoyed this post, subscribe to the Web's Best RSS feed!. See if your website's meta tags are optimized
Subscribe to RSS Feed
Subscribe to Updates via Email