Saturday, August 16, 2008

DORK

[1]
[title]Squid cache server reports
[description]These are squid server cache reports. Fairly benign, really, except when you consider using them for evil purposes. For example, an institution stands up a proxy server for their internal users to get to the outside world. Then, the internal users surf all over to their hearts' content (including intranet pages cuz, well, the admins are stupid). Voila, intranet links show up in the external cache report. Want to make matters worse for yourself as an admin? OK, configure your external proxy server as a trusted internal host. Load up your web browser, set your proxy as their proxy and surf your way into their intranet. Not that I've noticed any examples of this in this Google list. *COUGH* *COUGH* *COUGH* unresolved DNS lookups give clues *COUGH* *COUGH* ('scuse me. must be a furball) OK, let's say BEST CASE scenario. Let's say there are no security problems revealed in these logs. Best case scenario is that outsiders can see what your company/agency/workers are surfing.

"cacheserverreport for" "This analysis was produced by calamaris"

=================================================================================

[2]
[title]Ganglia Cluster Reports
[description]These are server cluster reports, great for info gathering. Lesse, what were those server names again?

intitle:"Ganglia" "Cluster Report for"

=================================================================================

[3]
[title]ICQ chat logs, please...
[description]ICQ (http://www.icq.com) allows you to store the contents of your online chats into a file. These folks have their entire ICQ directories online. On purpose?

intitle:"Index of" dbconvert.exe chats


=================================================================================

[4]
[title]Apache online documentation
[description]When you install the Apache web server, you get a nice set of online documentation. When you learn how to use Apache, you're supposed to delete these online Apache manuals. These sites didn't. If they're in such a hurry with Apache installs, I wonder what else they rushed through?

intitle:"Apache HTTP Server" intitle:"documentation"

=================================================================================

[5]
[title]Coldfusion Error Pages
[description]These aren't too horribly bad, but there are SO MANY of them. These sites got googlebotted while the site was having "technical difficulties." The resulting cached error message gives lots of juicy tidbits about the target site.

"Error Diagnostic Information" intitle:"Error Occurred While"

=================================================================================
