Tag Archives: Search

Smile, You Just Have Been Indexed!

August 30, 2010 23:08 | 3 Comments |

Picture I’m certainly not addicted to web stats. This blog has a Google Analytics marker but I don’t follow the statistics on a regular base. After all, I’m blogging for fun and I don’t need to keep my audience at a certain amount or don’t need to attract more visitors – even if a growing audience is very rewarding. That’s a good opportunity to thank all my readers! ;-) Did you also notice that no commercial ads are displayed here? (Except for some specific security events or podcasts but they deserve!)

On the other side, I keep an eye on the server logs. I’m addicted to “logs”. They provide very useful information about your visitors and their behavior. Never forget: You need logs and you need to take care of them. Event if they contain non-critical information, the same details may get a very high value in the future when you’ll have to investigate a security incident. Think about this…

So, while reviewing the log file of the web server running this blog, I found something interesting. I published my last post yesterday at 18:40 GMT+2. Google fetched and indexed the data less than three minutes later:

   66.249.71.147 - - [29/Aug/2010:18:41:01 +0200] "GET /2010/08/29/back-online-2/ \
   HTTP/1.1" 200 15085 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; \
   +http://www.google.com/bot.html)"

Another statistic? Since the beginning of this month, the Google bot hit this blog 30056 times! Ok, honestly, blogs are not the best references. Lot of blogging platforms notify Google when new content has been published with messages such as “Hey, Google, I’ve something for you!“. But regular websites are also very often “crawled” by Google. A small forum maintained by myself (with a very low activity) has been visited by Google 3509 times this month.

What does it mean? If you publish some content on the Internet, don’t expect a chance to bring your data off-line. The time to read this post, they already have been indexed! Bots like the Google one have powerful algorithms and know where to find relevant information. “CTRL-Z does not work on the Internet”

Posted in: Net | Tagged: , , ,

SHODAN, The Computer Search Engine

November 27, 2009 17:40 | 1 Comment |
(Source: shodan.surtri.com)

(Source: shodan.surtri.com)

Search engines are well-known on-line tools. But not only websites can be indexed. They are plenty of search engines to find multimedia content, news and more. A new one is born: SHODAN. From the quick guide: “SHODAN lets you find servers/ routers/ etc. by using the simple search bar up above. Most of the data in the index covers web servers at the moment, but there is some data on FTP, Telnet and SSH services as well.

Using SHODAN, you can search for computers (or potentially any device connected via an IP address) and software versions. It could be seen as a big index of port scanners results. As port scanning is prohibited in lot of countries, it’s a perfect tool for hackers who are looking for targets. Like Google, it’s possible to restrict your queries. The examples below will help you to estimate the real value of this search engine:

  • To search for devices in a specific country, use: “country:2-letter country code
  • To search for hostnames, use: “hostname:full or partial host name
  • To search into specific IP ranges, use: “net:a.b.c.d/n
  • To search for specific ports, use: “port:21, 22, 23 or 80

Otherwise you use the search engine just like Google: by typing keywords. You are looking for Apache servers? (Test) or printers? (Test).

Other nice examples:

SHODAN is available only for a few days and will for sure grow with new features. Or course, it can be used for malicious activity: The “net:” filtering has been disabled today to mitigate enumeration attempts. Other project already started to use SHODAN like a Firefox search add-on.

Congrats to HD Moore and Thierry Zoller for this tool!

Posted in: Security, Websites | Tagged: , , , ,