[TOOL] Google Hack Honeypot

From: SecuriTeam (support_at_securiteam.com)
Date: 02/15/05

  • Next message: SecuriTeam: "[TOOL] Cisco Torch - Mass Cisco Vulnerability Scanner" 
    To: list@securiteam.com
Date: 15 Feb 2005 14:53:38 +0200

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    The SecuriTeam alerts list - Free, Accurate, Independent.

    Get your security news from a reliable source.
    http://www.securiteam.com/mailinglist.html

    - - - - - - - - -

      Google Hack Honeypot
    ------------------------------------------------------------------------

    SUMMARY

    DETAILS

    The Google Hack Honeypot (GHH) is a reaction to a new type of malicious
    web traffic: search engine hackers. GHH is designed to provide
    reconaissance against attackers that use search engines as a hacking tool
    against your resources. GHH implements honeypot theory to provide
    additional security to your web presence. Coded in PHP and released under
    the GNU General Public License - GHH is Free Open Source Software.

    Google has developed a powerful tool. The search engine that Google has
    implemented allows for searching on an immense amount of information. The
    Google index has swelled past 8 billion pages [February 2005] and
    continues to grow daily. Mirroring the growth of the Google index, the
    spread of web-based applications such as message boards and remote
    administrative tools has resulted in an increase in the number of
    misconfigured and vulnerable web apps available on the Internet.

    These insecure tools, when combined with the power of a search engine and
    index which Google provides, results in a convenient attack vector for
    malicious users. It is in your best interest to be knowledgable of, and
    protect yourself from this threat.

    The Google Hack phenomenon has caught the attention of a broad audience.
    While there are many practical uses for Google Hacks, there are also
    devious and possibly harmful uses of the same technology. An emerging
    community of malicous Google Hackers has formed up and a response has
    become necessary. GHH allows administrators to track malicious hosts:
    observe who is perpetrating the attack and how it is being executed via
    log file. The data generated by this, or any other honeypot can be used to
    deny future access to attackers, notify service providers of attacks
    originating from their networks or act as an input for statistical
    analysis.

    ADDITIONAL INFORMATION

    The information has been provided by
    <mailto:rmcgeeha@students.depaul.edu> Ryan McGeehan.
    The original article can be found at:
    <http://ghh.sourceforge.net/news.htm> http://ghh.sourceforge.net/news.htm
    To keep updated with the tool visit the project's homepage at:
    <http://ghh.sourceforge.net/> http://ghh.sourceforge.net/

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

  • Next message: SecuriTeam: "[TOOL] Cisco Torch - Mass Cisco Vulnerability Scanner"

    Relevant Pages