 |
 |
Home > Step 1: Identify what could be Google hacked |
 |
 |
 |
Step 1: Identify what could be Google hacked |
 |
| 20 Oct 2005 | SearchWindowsSecurity.com |
 |


|
Most Websites of any size at all contain both public data and private data, but we're not worried about public data. The concern is the private data that is stored on a hidden backend page or in a backend database and is not intended to be seen by the public. For example, most often, the really dangerous private data consists of information about customers who have placed orders over the company's Web site, like addresses or credit card numbers. But the concept of private data extends beyond a virtual storefront, your site's private data is anything that resides on your Web site or that is connected to your Web site (through a backend application) that you do not wish to be disclosed to the public.
You need to make a determination as to what on your Web site might be considered private. For the sake of example, I will assume that your site contains an online ordering system and that your customer information needs to remain private. I will therefore focus the rest
To continue reading for free, register below or login
To read more you must become a member of SearchEnterpriseDesktop.com
');
// -->

of this article around sniffing out and protecting customer information. If your site has some other type of private information that needs to be protected, then you can adapt these same techniques to your own individual situation.
If customer information is what you want to protect, then you need to have some specific information on hand that you can search for. I recommend going through your customer database and pulling out a few names, phone numbers, addresses etc. See my previous article on Google hack Honeypots for how to search credit card number ranges.
I recommend using data from older orders if possible because Google does not index Web sites in real time, and if your site does contain a design flaw, Google may not have indexed the data from newer orders yet. You will never find the problem if you are searching for data that hasn't been indexed.
[TABLE]

|
 |
|
 |
 |
 |
| TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of . |
|
| |
All Rights Reserved, , TechTarget |
|
|
|
|
|