How to Google hack Windows servers

In my previous tip, I discussed how Google.com can be used to perform security scans against your public-facing servers -- Windows, IIS, Apache and (heaven forbid) SQL Server. You can profile servers, find files containing sensitive information and detect "hidden" login pages, server log files and a whole lot more. In this tip, I will describe some neat Google tools and basic queries to help you ferret out the sensitive information that, although you may not realize it, is accessible to the public.

Use the following table of contents to navigate to each section of this tips series.

TABLE OF CONTENTS

  • Why use Google to scan for security vulnerabilities
  • Google tools for automated hacking tests
  • Google queries for manual hacking tests
  • Four steps to safeguard Windows data from Google hackers

    • About the author: Kevin Beaver is an independent information security consultant, author and speaker with Atlanta-based Principle Logic, LLC, where he specializes in information security assessments for those who take security seriously and incident response for those who don't. He is author of the book Hacking For Dummies and co-author of the upcoming book Hacking Wireless For Dummies, both by Wiley Publishing. Send your ethical hacking questions to Kevin today.

    More information from SearchWindowsSecurity.com

  • Tip: Get a sampling of the information you can find with Google
  • Tip: Learn how to scan Windows machines against specific patches
  • Topic: Research Windows product flaws and vulnerabilities


    • This was first published in May 2005

    Join the conversationComment

    Share
    Comments

      Results

      Contribute to the conversation

      All fields are required. Comments will appear at the bottom of the article.

      Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

      Back to top