Google and your website. Blind Alliance
Suppose you have an “online shopper.com” website and when you search for it on Google through the words “online shopper website” you will find the results of your website pages and your keywords. You may have to sneak peek at other websites related to This is absolutely universal because we all insist that our websites be searched and accounted for by Google. This is common to all e-commerce websites.
- Your website “OnlineShopper.com” is in direct alliance with Google.
- Your website and your web server (where your usernames and passwords are stored) are directly connected to each other.
- Clearly, Google is indirectly connected to your web server.
You can be sure that this is normal and you cannot expect a phishing attack using Google to retrieve any information from your web server. Now, according to the second thought, instead of searching for “online shopper website” on Google, if I search for “online shopper website username and password”, what is the username and password of Google online shopper website? Will be able to list the word? As a security consultant, the answer is “maybe, SOMETIMES!” Yes, but if you employ Google Docs (the appropriate keywords to access Google), the solution may be a resounding “yes”. If your website ends up with the wrong security settings.
Google Darkness can be scary.
Google stands as a servant until you see the other side of it. Google may have the answers to all your questions, but you need to fix your questions properly and that’s where Google Darkness comes in. Installing, performing, and waiting for results is not complicated software, but rather it is the keywords (compound, unorthodox, site, intex, eNormal, etc.) that give you access to Google so that whatever you do Can get.
For example, if your goal is to download PDF documents related to Java, the usual Google search would be “Java PDF document free download” (free is a mandatory keyword without which no Google search is complete). Is). But when you use Google Docs, your search will be “file type: pdf intact: java”. Now with these keywords, Google will understand exactly what you are looking for compared to your previous search. Also, you will get more accurate results. This seems to promise a more efficient Google search.
However, attackers can use their keyword search for a very different purpose – stealing / extracting information from your website / server. Now assuming I need a username and password that is stored on the servers, I can use a simple query like this. “File type: xls passwords site: in”, this will give you Google results for content saved from various websites in India with username and password protected. It’s that simple. Concerning the online shopper website, if I use the query “file type: xls passwords inurl:
onlineshopper.com” the results can scare anyone. Simply put, your private or sensitive information will be available on the Internet, not because someone hacked into your information, but because Google was able to retrieve it for free.
How to prevent it?
The file called “robot.tax” (often called web robots, wanderers, crawlers, spiders) is a program that can automatically navigate the web. Many search engines such as Google, Bing, and Yahoo use robot.tts to scan websites and extract information.
Robot.tax is a file that allows search engines to decide what to access from a website and what not. This is the kind of control over which your search engines are dominant. Creating Google Darkness is not rocket science, you need to know what information is allowed in search engines and what is not. This is what the robot.tst modeling will look like.
Allow: / website contents
License: / User Details
License: / admin details
Unfortunately, these robots.tts configurations are often missed or misplaced by website designers. Surprisingly, most government and college websites in India are under attack and all sensitive information about their websites comes to light. With high-risk malware, remote attacks, botnets, and other types flooding the Internet, Google Dark may become more vulnerable, as any device requires a working Internet connection to retrieve sensitive information. It does not end with just retrieving sensitive information, any weak CCTV camera, modem, mail username, password and online order details using Google can be found just by searching Google.