I don't mean to sound redundant but yes search engines have been used by hackers since their inception to passively obtain information about vulnerable servers. When combined with resources like alldas.org's nmap and banner results of previously hacked websites, netcraft.com's "What's that site running", archived mailing lists (for those lovely mail server version strings), etc. one might find that very little active scanning is required to validate the profile obtained from passive sources. Passive sources allow an attacker to choose victims without being detected however the issue is really that the victim was vulnerable. Not that the vulnerable state was exposed by a passive source. peace, core Kurt Seifried wrote: >>Let me first say that I do now know if this issue has been brought to >>light before or in what detail it might have been discussed. On to the >>show... > > > It's been brought to light, though not much publicly (like many things). > > >>The problem I have found is that google may be archiving too much >>information on sites. By carefully crafting search strings you can > > > It gets much worse. We alerted customers to: > > http://www.codito.de/prog/mass-scan.gz. > > on June 13, it's been out a while, and I'm betting it's not the only one. > > The best though is google's cached data, you don't even have to visit the > website half the time to view the sensitive information. It's a great way > for avoiding paysites (well.. avoiding paying for the content on the > paysites that is ;). > > Kurt Seifried, kurtat_private > A15B BEE5 B391 B9AD B0EF > AEB0 AD63 0B4E AD56 E574 > http://seifried.org/security/ > http://www.iDefense.com/ > > > > > > > >
This archive was generated by hypermail 2b30 : Sat Jul 06 2002 - 10:55:14 PDT