This ComputerWorld Blog post by Martin McKeay shows how powerful the Google search engine really is when hackers use it to detect and attack vulnerable databases.
ComputerWorld’s Blog post is reprinted below:
The concept isn’t new: use Google and the other search engines to find vulnerable systems and attack them. What seems to be new is the sheer volume of attacks currently being performed, up by a factor of forty or more in the last couple months alone. And it shouldn’t come as a surprise to anyone.
The search engines are doing their job; they’re indexing every site exposed to the Internet. They reveal the good as well as the bad about these sites and report it without any filtering. All we have to do is type in the right query string and we get the information we want. The crackers are just taking the right search queries, plugging them into bots or other programs and letting them run overnight. Next morning they have a nice listing of vulnerable targets just waiting to be attacked.
So what can we do about this? Some people want to make the search engines stop indexing sites with known vulnerabilities. The information is already out there and any filtering by the search engines is going to make their results suspect for all queries. Besides which, the bad guys would simply create their own web crawlers and no one else would have access to the information. Another suggestion is to remove the information of how to create these search queries from the Internet, but the information is already out there and the genie can’t be put back in the bottle. The real answer is much harder than either of those; systems administrators need to pay more attention to how they’re securing their databases. Once again, there is no easy answer to the problem with security.