Hopefully by now, you have collected a sample of customer data and a list of pages within your Web site that should never been seen by the public. The first thing that I recommend doing is to just try some casual Google searches against your customer data. If one of your customers has an unusual name, you might try searching on that name. You might also try searching against a couple of phone numbers or credit card numbers. Don't be surprised if you happen to get some results from these searches. The Web is filled with poorly written applications. You just need to make sure that your site isn't listed among the results.
Google hacking to test your security
Step 1: Identify what could be Google hacked
Step 2: Understand your Web applications
Step 3: Queries to Google hack your site -- Simple stuff
Step 4: More complicated Google queries
Step 5: Harden your Web site against Google hacks
More information from SearchWindowsSecurity.com
Learning Center: Google hack Windows servers Tip: Google your Windows security vulnerabilities
|ABOUT THE AUTHOR:|
| Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit his personal Web site at www.brienposey.com.
Copyright 2005 TechTarget