The following tip is one of a series on why and how to perform security scans against your public-facing servers using Google. Return to the main series page for the complete list of tips.
If you perform information security assessments -- penetration tests, vulnerability assessments or broader ethical hacking tests -- there's one testing tool you must not be without. Although it may be hard to be "without" a Web site, Google (yes, www.google.com) is one of the hottest tools you can use on a regular basis to test Windows systems for security holes. Given that its functionality and power can even be used against you, it's a good tool to get to know and use on your systems before malicious attackers do it for you.
Aside from all the neat things you can do with Google, one of its greatest qualities is its non-existent price. Google can be considered the poor man's vulnerability assessment tool or the tool for security administrators with little or no IT budget (i.e. most everyone). I'm a big advocate of commercial security tools, which tend to offer more thorough testing features, superior reporting capabilities and other utilities that can make your life easier. However, the adage 'you get what you pay for' doesn't ring true with them. Google provides a hacker's eye view in doing things you never imagined, or were able, to do with any security testing tool (commercial, freeware or open source) – all for free!
Like many external testing tools, Google is great for seeing what you're currently serving up to the world. However, it also crawls, caches, pokes and prods to dig up information you never new existed, much less knew was available for the taking on the Internet. You have several options to perform your security assessment queries. There's the Google home page, the Advanced Search page and you can even write your own custom Web applications using the Google API.
When conducting information security tests on your systems, ideally you want to look at things from a hacker's eye view -- which is where Google excels. Here's just a sampling of information Google can find during your ethical hacking tests:
1. credit card information, social security numbers and other confidential information embedded in publicly-accessible Web applications and databases
2. network cameras (webcams)
3. word processing documents, spreadsheets and presentation files
4. Outlook Web Access-related files
5. default (and often insecure) IIS files and custom IIS error messages
6. supposedly "hidden" Web site login pages
7. rogue hosts that don't belong on your network
8. news group postings containing sensitive information
As an example related to that last item, when performing a basic search of Google Groups, I came across support group information posted by a network administrator for a telecom vendor I was considering. The posting divulged details about the vendor's internal network configuration, including network layout, internal IP addresses and host names. He revealed a little too much information, giving me the gut feeling that I shouldn't trust that company with my sensitive corporate information. I found this information with a simple search of the company name and a few keywords – just the beginning of what can be found using advanced Google queries!
In today's world of high-priced vulnerability assessment tools, Google is a breath of fresh air and its security testing queries are unmatched. To stay on top of security vulnerabilities, you not only have to think like a hacker, but you also have to use new and innovative methods for testing. Google allows you to do just that.
In the near future, I'll talk about the types of Windows-centric tests you can perform against your systems along with actual Google queries you can use to help make sure your Windows systems' security is the best it can be.
Click for the next tip in this series, Google tools for automated hacking tests, or go to the main series page.
About the author: Kevin Beaver is an independent information security consultant, author, and speaker with Atlanta-based Principle Logic, LLC, where he specializes in information security assessments for those who take security seriously and incident response for those who don't. He is author of the book Hacking For Dummies and co-author of the upcoming book Hacking Wireless For Dummies, both by Wiley Publishing. Send your ethical hacking questions to Kevin today.
More information from SearchWindowsSecurity.com
This was first published in April 2005