Step 4: More complicated Google queries

OK, enough of the amateur stuff. If the random searches that I described in the last paragraph didn't turn up anything, then it's time to use a more focused search. A lot of people don't realize it, but there are a lot of different mechanisms built into Google that you can use to fine tune your search. There isn't one single page that lists all of the Google search mechanisms, but you can read about most of them at: http://www.google.com/help/refinesearch.html and at http://www.google.com/help/operators.html.

The first Google search mechanism that I want to introduce you to is the site query. Let's pretend that I had bought something from your Web site and that my name was therefore included on your customer list. That being the case, you decided to do a Google search against my name; Brien Posey. I have developed a fair amount of content for the Web, and when I performed a Google query against my own name, I received 407,000 results. There is no way that I am going to take the time to scroll through 407,000 results to see if any of the results come from a specific Web site. Fortunately, Google can do this for you. The site query tool allows you to filter the results based on domain. Let's say for example that I only wanted to see pages containing my name that came from the techtarget.com domain. To do so, I would enter my name followed by the word site, a colon, and the domain of choice (in this case techtarget.com). When I run the query, I go from receiving 408,000 results to a mere 748 results.

Brien Posey site:techtarget.com

Of course I am getting 748 results because I have written a whole lot of articles for TechTarget. If I was one of your customers and you were trying to s

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Microsoft Windows security tools Using System Center Essentials as a patch management tool Troubleshooting Microsoft WSUS connectivity issues Windows security tools for the busy desktop administrator Four Internet Explorer 8 group policy security settings Microsoft Stirling security console delayed for more integration Why should Windows shops use Microsoft Baseline Security Analyzer? Using Sysinternals tools in security management scenarios Sysinternals tools: A must-have for every Windows security toolbox Windows security tools roundup Top Windows client security tools for end users Microsoft Internet Explorer management Four Internet Explorer 8 group policy security settings Safe enterprise Web browsing: Five tips in five minutes Top client security tips of 2006 Phishing filter: Step 2 General security configuration: Step 1 Windows Vista and IE7: Step 5 ActiveX opt-ins, information bar and cross-domain protection: Step 4 Protection against international domain names, URL handling: Step 3 IE8 brings focus to cross-browser compatibility and Web standards Cross-site Scripting 102: How to defend against cross-site scripting

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary ActiveX  (SearchEnterpriseDesktop.com) ActiveX control  (SearchEnterpriseDesktop.com) Internet Explorer  (SearchEnterpriseDesktop.com) Internet Explorer Administration Kit  (SearchEnterpriseDesktop.com) tabbed browsing  (SearchEnterpriseDesktop.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

ee if my name showed up on your Web site, then hopefully you wouldn't get any results. If you don't get any results, then I don't recommend just stopping and assuming that your site is safe after performing a single query though. Try searching on other items from your customer list or from Web pages that customers should never see, just to see if anything comes up.

Earlier, I mentioned that you may have pages within your site that the public should never see, and that you should get a list of those pages. Hopefully, you have the filenames that make up those pages. If you have a list of the filenames of the pages that should never be seen by the public, you can do a search to see if Google has any knowledge of those pages within your site. The easiest way to do this is to use the INURL tool in conjunction with the SITE tool.

The INURL tool allows you to find pages that contain the search term in the page's URL. Let's say for example that you decided that your site's administrative console should never be seen by the public, and that the console's filename was ADMIN.ASP. You could do an INURL search against the word admin. This would show you pages that have the word admin in the URL. Of course you will still want to use the SITE tool as well so that you are only looking at results from your domain. After all, Google lists almost 50,000 results for pages that have the word admin in the URL.

So let's say that you wanted to search for pages with the word admin in the URL on a site named yoursite.com. That Google query would look something like this:

Inurl: admin site:yoursite.com

[TABLE]