Mad_Radhu: Even more troubling is that a book was dropped off on my door step that listed the names, addresses, and phone numbers of everyone in town. Is no one concerned with privacy anymore?
HK-MP5-SD: For anyone who is curious, I will explain what they are talking about. Generally when you do a google search the results are drawn from data google has amassed in the past. By adding codes to your search you can tell google not to use this historical data but instead have its servers examine sites as they are right now. Using Google rather than your own computers has several benefits. First, the requests cannot be tracked back to you. Second, it might not be detected at all because Google has hundreds of thousands of servers all over the world and they are sneaky about how they look for data. Even the worst network admin will notice 10,000,000 hits from a single IP in 5 minutes, but many won't notice 100 hits from each of 100,000 computers.Google doesn't just search the website, it searches the HTML code, and if the website is not set up properly it can even read databases which are loaded on the web-server. Because this uses a lot of resources Google limits both how often you can do it and the number of results it will return.Several years ago a couple of security researchers built a tool which uses these abilities to help detect vulnerabilities. They allow you to do your own searches, but also built in a few hundred predefined searches that allow you to quickly search for well known vulnerabilities, hard coded usernames and passwords, or exposed confidential data such as SSNs or Credit Card numbers on computers connected to the internet. It also avoids some of the limitations that google places on both the number of searches you can perform and number of results that are returned.In an actual penetration test, this tool is often used to look for starting points. You have to go back and confirm any results that it reports, but it is pretty accurate. In general, the more results it finds the more likely that the results are accurate. If it reports that there are 2 SSNs that areaccessible, chances are it is a false positive. If it says there are 30,0 ...
If you like these links, you'll love
$5 a month since 19 aught diddly.
Sign up for the Fark NotNewsletter!
Links are submitted by members of the Fark community.
When community members submit a link, they also write a custom headline for the story.
Other Farkers comment on the links. This is the number of comments. Click here to read them.
You need to create an account to submit links or post comments.
Click here to submit a link.
Also on Fark
Submit a Link »
Copyright © 1999 - 2017 Fark, Inc | Last updated: Oct 22 2017 14:28:05
Runtime: 0.208 sec (208 ms)