Detecting Google hacking against your Website

Google or other search engines have been used for many purposes such as finding useful information, important websites and latest news on different topics, Google index a huge number of web pages that are growing daily. From the security prospective these indexed pages may contain different sensitive information.

Google hack involves using advance operators in the Google search engine to locate specific strings of text within search results. Some of the more popular examples are finding specific versions of vulnerable Web applications.

GHH is a “Google Hack” honeypot. GHH is designed to provide reconnaissance against attackers that use search engines as a hacking tool against your resources so it implements honeypot theory to provide additional security to your web presence.

To install the Google Honeypot on your website you follow the install instructions. This allows you to monitor attempts by malicious attackers to compromise your security. The logging functions that GHH implements allows you, the administrator, to do what you like with the information. You can use the attack database to gather statistics on would-be-attackers, report activities to appropriate authorities and temporarily or permanently deny access to resources.

make sure you subscribe to my RSS feed!

Share
  • Pingback: Tweets that mention Detecting Google hacking against your Website | SecTechno -- Topsy.com()

  • Pingback: The Google Hack Honeypot! GHH | dancing packet on the data line()

  • http://twitter.com/cxunix cxunix

    Great.

  • Pingback: Ro0t Block3r()

  • Pingback: AURIATIC()

  • Pingback: Syhunt()

  • Pingback: Mourad Ben Lakhoua()

  • Pingback: Inforc Ecuador()

  • http://hype-free.blogspot.com/ cdman

    A similar project would be the webhoneypot from SANS: http://code.google.com/p/webhoneypot/

    (Disclaimer: I’m a committer on that project).

    Best regards and happy new year!

  • Pingback: alex knorr()

  • Pingback: catch_down()

  • http://sectechno.com Mourad

    Thank you very much for your input and link, I will be looking to start installing webhoneypot to see the difference.

  • Pingback: Andrés()

  • Pingback: Lee()

  • Pingback: Ray Foo()

  • Pingback: Dancing packet on the data line()