__/ [wd] on Thursday 13 October 2005 15:53 \__
> On Thu, 13 Oct 2005 12:23:25 +0100, Roy Schestowitz wrote:
>
>> I have just found in my logs a request for one hidden file. That request
>> was /not/ from an IP address that is mine. Made me very worried...
>>
>> I then proceeded to reverse DNS lookup and guess what? The
>> Alexa/Amazon/A9 toolbars are not only keeping track of traffic, but also
>> retain URL's of pages that you visit and /use/ them, i.e. visit them and
>> maybe crawling them. Knowing that the Web Archive, AKA Time Machine
>> belongs to Alexa, this is scary at the least. These visits from Alexa
>> might include hidden page that you may have on your fileserver and
>> occasionally access. Handle with care!
>>
>> Roy
>
> From what I've read (and experienced) if you put a page online you risk
> getting it indexed.
> There are a couple of ways the URLs can be discovered. You can put a
> robots.txt file but won't that just tell people where your
> hidden directories are? I've found my
> hidden directories in Yahoo's cache many months after I've deleted them.
> I don't have any hidden directories anymore :)
This reminds me of the time when I sought conversion scripts for Palm's TODO
module and stumbled upon somebody's entire Palm data. It turned out to have
been the data of a *nix sysadmin in MIT (you thought they would know their
way around, right?) and that contained all of his passwords along with some
very personal details. I contacted him and informed him about it
immediately. He had to contact Google to have their cache removed, but I
never heard about the end of that story.
Roy
--
Roy S. Schestowitz | Useless fact: the buttocks is the largest muscle
http://Schestowitz.com | SuSE Linux | PGP-Key: 74572E8E
4:40pm up 49 days 4:54, 3 users, load average: 0.48, 0.52, 0.48
http://iuron.com - next generation of search paradigms
|
|
