Using google to attack on your personal web server
According to this document Google can be utilized to attack on your personal web server.
Google can be utilized to hack into websites - actively exploiting them (not information gathering by the use of Google hacking, although that is how most of the sites vulnerable to RFI attacks are found).
By placing a URL on any web page, Google will find it, visit it and then index it. With this mechanism, it is possible to anonymize attacks on third party web sites through Google by the use of its crawler.
Read more at securiteam.com blog... (found via slashdot)
Solution is quite simple put a web server in chrooted jail
Or use OpenBSD which runs Apache out of box in chrooted jail.
Want to stay up to date with the latest Linux tips, news and announcements? Subscribe to our free e-mail newsletter or RSS feed to get all updates.
You can Email this page to a friend.
You may also be interested in other helpful articles:
- Cracking Wireless WEP-104 in record time
- Howto: Protect account against a password cracking attack
- Running Google earth on Linux (upcoming Google port)
- Build your positive self-image or brand with Google
- DDoS attack on Blue Security Blog takes down Typepad, LiveJournal Offline
Discussion on This Article:
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!


Some example hot to use Google to hack some websites, just for fun:
http://www.google.com/search?q=localhost+site%3A.com%2Fconfig.inc