Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Google Hacking Sting Is New Threat To Web Sites, Warns NTA Monitor

Feb 27, 2004 2:12AM PST

Crafty hackers are pinpointing popular Internet search engines such as Google, MSN or Yahoo in a new sting to mine confidential material from UK public and private sector web sites, Internet security specialist firm NTA Monitor has warned.

So-called Google hacking, named after the search engine, relies on a carefully crafted combination of search terms to unveil confidential documents, databases and images.

?Hackers are about to give UK web site owners a severe slap in the face.

This weakness is particularly scary because attacks are simple and completely anonymous. Web site owners must act to ensure that they close any holes in their web site security after conducting comprehensive testing,? said Roy Hills, technical director, NTA Monitor.

Search engine robots only index pages that are hyperlinked from a root directory or another site, but improperly configured servers, holes in security systems and human error mean that confidential material can be accessed via the web. Google hacking is deemed to be entirely legal, as any material accessible via a search engine is deemed to be in the public domain.

http://www.itsecurity.com/tecsnews/feb2004/feb240.htm

Discussion is locked