Googling Up Passwords

Googling Up Passwords
Scott Granneman, 2004-03-09

Google is in many ways the most useful tool available to the bad guys, and the most dangerous Web site on the Internet for many, many thousands of individuals and organizations.

Expand all | Post comment

Googling Up Passwords... and copyrighted documents... 2004-03-09
Chris

Googling Up Passwords (and P2P networks) 2004-03-10
JD

Googling Up Passwords 2004-03-10
mwood

Googling Up Passwords 2004-03-10
BCat (1 replies)

Googling Up Passwords 2004-03-13
N.K.

Googling Up Passwords 2004-03-10
Anonymous (1 replies)

Googling Up Passwords 2004-03-11
ComSec

Googling Up Passwords 2004-03-11
Anonymous (1 replies)

Re: Googling Up Passwords 2006-03-31
Anonymous

Googling Up Passwords 2004-03-11
Anonymous

It should be noted here that all web servers should disallow viewing of directory indexes unless absolutely necessary.

This can be accomplished, for apache, by removing any instances of:
`Options Indexes' within your httpd.conf file.

The files within the directory will still exist and be publically available, but will not be indexed by search engines, robot.txt or not.

In this case an attacker would have to know the location/name of the file instead of browsing the directories.

Although, security via obfustication is still not secure.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/224/25333#25333

Googling Up Passwords 2004-03-11
Oscar (1 replies)

Googling Up Passwords 2004-03-11
Anonymous (1 replies)

Googling Up Passwords 2004-03-15
Anonymous

Googling Up Passwords 2004-03-11
Mrdee

Googling Up Passwords 2004-03-12
DRUIDSIX

Googling Up Passwords 2004-03-12
Anonymous

Google is searcher engine or spy !? 2004-03-13
CRKCHAT (1 replies)

Webmasters fools or clever? 2004-03-16
Anonymous

Googling Up Passwords 2005-08-24
Anonymous (1 replies)

Re: Googling Up Passwords 2006-04-06
Anonymous