How hackers are using Google to pwn our sites

Anyone who keeps copies of their source files (SVNs, or compressed archives) should read this article. Google code has become a go-to place for hackers looking to search for exploits:
http://www.shoemoney.com/2006/12/26/how-hackers-are-using-google-to-pwn-your-site/
There is a very easy way to prevent Google Code search from finding your source code using robots.txt:
Also, it seems that the Vanilla SVN and the Vanilla releases are being indexed by Google Code. I can see this being a good thing for developers, but I suppose it could be abused as well.
http://www.shoemoney.com/2006/12/26/how-hackers-are-using-google-to-pwn-your-site/
There is a very easy way to prevent Google Code search from finding your source code using robots.txt:
Also, it seems that the Vanilla SVN and the Vanilla releases are being indexed by Google Code. I can see this being a good thing for developers, but I suppose it could be abused as well.
0
This discussion has been closed.
Comments