[Intrusions] Google security concern?
Ben Nelson
lists at venom600.org
Wed Dec 29 23:31:24 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Empty Floatbag wrote:
| The search-bots are not picking up on the fact that
| these servers have no "real" content. I am guessing
| that they are using some sort of scripting to generate
| thousands of fake pages with fake content on dozens of
| hostile servers. What content I have seen is very
| similar to the SPAM language, where it is randomly
| coherent, yet still gibberish - as well as what looks
| to be common search phrases/terms, with mis-spellings
| included (the worst ones).
|
This could be accomplished fairly easily with a php page that detects
the user-agent of the search bot and spits out legitimate looking
content for it. Then, turn around and spit out malicious content for
everyone else.
Another (somewhat) related thought: Increasing your link count could be
accomplished by simply releasing a Santy variant which places links to
your site on vulnerable sites.
- --Ben
GCFW
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQFB0z5M3cL8qXKvzcwRAoUHAKDM8cGWQ2lkt1wi1Mu0HdfD/aXjjACg2MCB
40eoNhkqTrXlVxie+6yV5TI=
=ZY6V
-----END PGP SIGNATURE-----
More information about the Intrusions
mailing list