
Google 'makes hacking easier'

By Rodney Weidemann, ITWeb Contributor
Johannesburg, 24 Jun 2005

So-called "Google hacking" is making it easier for would-be hackers to find vulnerable Internet sites.

According to Barry Cribb, MD of IS Digital Networks, a potential hacker can identify weaknesses in Web sites simply by building the correct queries in the advanced search criteria.

"Obviously these criteria have been designed to help the average Net user refine their searches, but as they say in the classics, what can be used for good can also be used for evil," he says.

"The real problem here is that the traffic is initially directed to the Google search engine cache, passing firewall or IDS detection mechanisms, so the victim is unaware a hacker has even discovered the vulnerability until it is too late."

He says that by using specific commands combined with wildcard characters, it is possible to build queries capable of searching for specific vulnerabilities of Internet-facing devices, thus providing hackers with more targets faster than ever before.

"This is emerging more and more in the public domain, because as more people become aware of this, they are curious, so it may even be done by someone who is simply trying it simply to see how it works, rather than a dedicated hacker," says Cribb.

Cribb says entering a certain string into the Google search window "will get a list of about 38 000 sites with admin login pages".

"The recent Santy worm, as an example, used a flaw in the popular bulletin board phpBB to spread, as the worm simply searched Google for sites using the vulnerable version."

He claims that standard login pages and welcome messages, as well as the standard error messages, are examples of weaknesses that may be exploited by hackers.

"The best way of protecting yourself from the possibility of Google hacking is to change your default welcome message; change default error messages; remove the site - or at least parts of it - from the Google list, using the robots.txt file; and remove sensitive information from the Web site.

"Another way is to test the Google cache yourself by effectively hacking your own site, to see your site vulnerabilities from the point of view of an attacker," says Cribb.
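The checks Cribb lists can be scripted against your own site's content before a search engine indexes it. The sketch below is an added example, not part of the original article or IS Digital Networks' material; the paths, page bodies, text signatures and the `audit` function are all constructed for illustration.

```python
import re
from urllib.robotparser import RobotFileParser

# Constructed robots.txt for a hypothetical site (not from the article).
ROBOTS_TXT = """\
User-agent: *
Disallow: /admin/
Disallow: /backup/
"""

# Constructed page bodies: path -> (owner considers it sensitive, response body).
PAGES = {
    "/admin/login.php": (True, "<h1>Welcome to ExampleCMS administration</h1>"),
    "/reports/q2.html": (True, "<p>Internal quarterly figures</p>"),
    "/forum/index.php": (False, "<p>Powered by ExampleBoard 2.0.1</p>"),
    "/search.php": (False, "Warning: mysql_query() failed in /var/www/search.php on line 12"),
    "/about.html": (False, "<p>About our company</p>"),
}

# Illustrative signatures of stock text that identifies the software behind a page.
DEFAULT_TEXT = {
    "default welcome message": re.compile(r"Welcome to \w+ administration"),
    "product/version banner": re.compile(r"Powered by \w+ \d+(\.\d+)+"),
    "default error message": re.compile(r"Warning: \w+\(\).* on line \d+"),
}

def audit(robots_txt, pages, crawler="Googlebot"):
    """Return sorted (path, issue) findings for the checks the article recommends."""
    rules = RobotFileParser()
    rules.parse(robots_txt.splitlines())
    findings = []
    for path, (sensitive, body) in pages.items():
        crawlable = rules.can_fetch(crawler, path)
        # Sensitive content that crawlers are still allowed to index.
        if sensitive and crawlable:
            findings.append((path, "sensitive page not excluded by robots.txt"))
        # Stock strings that make the page easy to find with a crafted query.
        for issue, pattern in DEFAULT_TEXT.items():
            if pattern.search(body):
                where = "crawlable" if crawlable else "excluded from crawling"
                findings.append((path, f"{issue} ({where})"))
    return sorted(findings)

if __name__ == "__main__":
    for path, issue in audit(ROBOTS_TXT, PAGES):
        print(f"{path}: {issue}")
```

robots.txt only asks crawlers not to index a path and is itself publicly readable, so a finding marked "excluded from crawling" still needs access control or removal of the content.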

Google could not be reached for comment at the time of publication.

IS Digital Networks will host the first of a number of presentations explaining how Google hacking works and how to prevent it on 28 July. For more information, go to http://www.isdigital.co.za/google_hacking.html
