Step 2: Understand your Web applications

Make sure your Web site is not vulnerable to Google hacking. Use this step-by-step guide by contributor and Microsoft MVP Brien Posey to test your site.

I recommend getting with whoever developed your Web site and getting a crash course in how the site works. Every...

Web application is different. Depending on the language that the site was coded in and on the skill of the person who built your site, the site may contain hidden links to pages that are not intended to be seen by the public. It's these hidden links that pose the biggest threat from Google hacks. Since your Web guy isn't likely to tell you about potentially damaging hidden links, it's best to get a list of every page in the site that the public should never see. Don't worry too much about backend pages that contain nothing but functions. Instead, focus your efforts on things like administrative consoles, mailing list interfaces, report generators, and things like that.


Google hacking to test your security

 Home: Introduction
 Step 1: Identify what could be Google hacked
 Step 2: Understand your Web applications
 Step 3: Queries to Google hack your site -- Simple stuff
 Step 4: More complicated Google queries
 Step 5: Harden your Web site against Google hacks


More information from SearchWindowsSecurity.com

  • Learning Center: Google hack Windows servers
  • Tip: Google your Windows security vulnerabilities

  • ABOUT THE AUTHOR:
    Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit his personal Web site at www.brienposey.com.
    Copyright 2005 TechTarget
    This was first published in October 2005

    Dig Deeper

    PRO+

    Content

    Find more PRO+ content and other member only offers, here.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchVirtualDesktop

    • Virtual desktop security guide

      To secure virtual desktops, consider antivirus, certificates and network vulnerabilities. Just remember, VDI doesn't always ...

    • Guide to low-cost desktop virtualization

      In this guide, learn to virtualize desktops without spending more than you would when deploying PCs, and what VDI vendors are ...

    • VDI pilot project guide

      A VDI pilot project should start with a VDI project plan. Know what pitfalls to avoid and test product options to achieve a ...

    SearchWindowsServer

    SearchExchange

    Close