Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!


Using Google to search for security holes in websites

Save your company's valuable data with Proxy Sentinel™ from Internet Security. Click here for all the details.

January 11, 2005

SiteDigger 2.0 searches for information about a site's security features by sending specific queries to Google's database. Known as Google hacking, such queries can turn up easily exploitable security holes and some sensitive information, including such things as credit card numbers and user account information.

The free service should help Webmasters stay informed about what information is out there regarding their sites, said Chris Prosise, vice president of worldwide professional services for security technology company McAfee.

Montreal Web Design will build a great-looking site for your business
Montreal Web Design will build a professionally-looking website for your company, and do it at a really competitive price. Learn more by clicking here.

"We built this tool really as an awareness tool," Prosise said, adding that SiteDigger highlights problems that Webmasters might otherwise not know about. "As a victim, you would never really know that someone was using this information."

SiteDigger does not discern whether the person using it is an authorised administrator of the site or a potential attacker looking for weaknesses. Prosise agreed that this means the tool could be used against a site, but pointed out that Google requires that any user of an automated service sign up with its Web services development program.

Recently, the Santy worm used Google queries to find potentially vulnerable computers, which the program would then try to infect with its code. Several other tools have been created by other research groups to comb for flaws using Google's database.

Google could not immediately be reached for comment on SiteDigger. Johnny Long, a senior engineer at Computer Sciences Corp. and author of the book "Google Hacking for Penetration Testers," said such tools are necessary for Web administrators to keep their sites safe.

"There is no way for a security team to stay on top of Google without automation," he said. "They can't spend all the time trolling through Google."

Long maintains a site of more than 800 signatures of common security problems that can be searched for with Google. SiteDigger and other tools use the signatures to query the search engine for the problems.

Get the best Linux or Windows Web hosting plan for your website.
Get the lowest rate and the best tech support on any Linux or Windows hosting plan. Learn more by clicking here.

While stressing that SiteDigger benefits Web sites with knowledgeable security personnel--usually the larger sites--Long acknowledged that smaller, less security-conscious sites would likely be at a disadvantage against potential attackers. Such sites typically aren't aware of the threats posed by Google hacking.

"The little guys are going to lose whenever a new tool comes out," he said. "The smaller site you are, the more you have to worry about."

Source: Builder.au


Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.


Back to the top of the page.         

You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet Security.ca 2005    Terms of use    Privacy agreement    Legal disclaimer