March 2024 | ||||||
---|---|---|---|---|---|---|
Sun | Mon | Tue | Wed | Thu | Fri | Sat |
1 | 2 | |||||
3 | 4 | 5 | 6 | 7 | 8 | 9 |
10 | 11 | 12 | 13 | 14 | 15 | 16 |
17 | 18 | 19 | 20 | 21 | 22 | 23 |
24 | 25 | 26 | 27 | 28 | 29 | 30 |
31 |
Sat, 23 Aug 2008
Google hacking myselfReading "The Google Hacker’s Guide" (by Johnny Long; available for download as a PDF) and trying out a few searches, I found an open directory listing on my website, which gave away not just the names and details of all the files in that directory but also the version number of my remote webserver and similar information. Immediately closed this security hole by uploading a (basically) empty index.html file to that directory.
All directories on the Ai De website which at first glance seemed to be open were, in fact, safe: clicking on the relevant Google search result led to a "You don't have permission to access ..." plus "404 Not Found error" message.
Posted on 23 Aug 2008 at 18:53 in /technology/internet. -- Permalink
RSS feed: /index.rss