The "Google Hack" Honeypot
An anonymous reader writes "On the heels of Google Hacking for Penetration Testers, and Johnny Long's talks at Blackhat/Defcon over the weekend, comes the "Google Hack" Honeypot, a honeypot designed to lure in malicious search engine activity. They had a second release of their tools on Monday, according to their site."
From what I can gather, SquirrelMail 1.4.4 contains a vulnerability enabling you to do nasty things. By adding honeypot sites, it makes real sites to hack slightly more difficult if you're trying to find them via Google.
OK, simply:
Tool creates fake web pages that look like vulnerable Web apps.
Google indexes fake pages.
Bad Guy searches Google for likely victims.
Google returns indexes of pages created by tool.
Bad Guy follows links.
Tool logs Bad Guy's IP and other information.
No Profit for Bad Guy.
Good Guys watch Bad Guy try to |-|@><0r the page, and log everything he does.
Good Guys contact Law Enforcement, present evidence.
Good Guys contact Bad Guy's ISP, present evidence.
(now, there are 2 possible outcomes - the ideal and the real.)
Ideal outcome
Law Enforcement goes after Bad Guy.
Bad Guy's ISP shuts Bad Guy down.
Bad Guy gets caught, convicted, and spends several years playing "Hide The Sausage" with his new friend Benjamin Dover the Serial Sodomist.
Real outcome
Law Enforcement ignores evidence as no money was lost.
Bad Guy's ISP ignores evidence as there is no Law Enforcement involvement, and Good Guys are not ISP's customers.
Bad Guy is distracted for a while and doesn't get to |-|@><0r as many systems.
www.eFax.com are spammers
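The logging step described in the comment above, as an added example that is not part of the thread and is not the Google Hack Honeypot project's own code: it reads a web server access log, keeps only requests for a decoy page, and recovers the search terms from the referer when there is one. The decoy path, the Combined Log Format input, and the sample log lines are assumptions constructed for this example.

```python
import re
from urllib.parse import urlparse, parse_qs

# Hypothetical decoy path served by the honeypot (constructed for this example).
DECOY_PATHS = {"/webmail/src/login.php"}

# Combined Log Format: ip ident user [time] "request" status size "referer" "agent"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

# Constructed sample log lines; the IPs come from documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [02/Aug/2005:10:01:00 +0000] "GET /webmail/src/login.php HTTP/1.1" 200 2310 "http://www.google.com/search?q=squirrelmail+1.4.4+login" "Mozilla/4.0"
198.51.100.7 - - [02/Aug/2005:10:02:11 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [02/Aug/2005:10:03:42 +0000] "GET /webmail/src/login.php?x=1 HTTP/1.1" 200 2310 "-" "Wget/1.9"
"""

def search_query(referer):
    """Return the search terms if the referer is a search results URL, else None."""
    if referer in ("", "-"):
        return None
    url = urlparse(referer)
    terms = parse_qs(url.query).get("q")
    return terms[0] if terms and "search" in url.path else None

def honeypot_hits(log_text):
    """Yield one record per request that touched a decoy path."""
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than guessing at fields
        path = urlparse(m["target"]).path  # drop any query string
        if path in DECOY_PATHS:
            yield {
                "ip": m["ip"],
                "time": m["time"],
                "path": path,
                "query": search_query(m["referer"]),
                "agent": m["agent"],
            }

if __name__ == "__main__":
    for hit in honeypot_hits(SAMPLE_LOG):
        source = hit["query"] or "no search referer"
        print(f'{hit["time"]} {hit["ip"]} {hit["path"]} <- {source}')
```

A hit with no search referer, like the third sample line, is still recorded: the decoy has no legitimate users, so any request for it is worth a log entry.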