Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Penetration Testing
RE: Website search engine is a hacking tool.. Jul 22 2004 10:01PM
Drew Copley (dcopley eEye com) (1 replies)
RE: Website search engine is a hacking tool.. Jul 24 2004 03:16AM
Charles Gillman (charles gillman ethertech com au) (2 replies)
RE: Website search engine is a hacking tool.. Jul 28 2004 05:27PM
Mark Curphey (mark curphey com)
RE: Website search engine is a hacking tool.. Jul 24 2004 04:46AM
Amal Mohammad Al Hajeri (amal nis etisalat ae) (1 replies)
RE: Website search engine is a hacking tool.. Jul 30 2004 02:15AM
Vinicius Moreira Mello (vinicius lineone net)
Hi,

>-- Original Message --
>Subject: RE: Website search engine is a hacking tool..
>From: Amal Mohammad Al Hajeri <amal (at) nis.etisalat (dot) ae [email concealed]>
>
> and how can we mitigate the risk of using such techniques? did anyone
succeed in using
>the local search engine as a proxy to attack other targets?

Try disabling indexing (apache: Option -Indexes) for as much directories
as possible and not using/protecting critical files under the webserver
(ch)root diretory.

Regards,
vmm.

__________________________________________________________________
Get Tiscali Broadband From £15:99
http://www.tiscali.co.uk/products/broadband

[ reply ]




 

Privacy Statement
Copyright 2009, SecurityFocus