[hcs-d] hcs also hits a less graceful prime time

Theodore Pak tpak at fas.harvard.edu
Fri Sep 1 23:27:33 EDT 2006


Reading slashdot today, I came across this article on 0day exploits and 
google hacking...

http://portal.spidynamics.com/blogs/msutton/archive/2006/09/01/222.aspx

which mentions the use of Yahoo/Google to weed out servers running 
versions of software (like MediaWiki or PHP) that are vulnerable to 
exploits (i.e. not patched with the latest updates).  So he FUD's a lot 
about how many servers are out there that can be found like this, and to 
show off the importance of such servers he says he's found, among many 
others, "One Ivy League school (on a site hosted by the computer society 
no less)".  We run a MediaWiki, so just to make sure it wasn't us, I 
used his search terms and looked for myself...

http://search.yahoo.com/search?_adv_prop=web&x=op&ei=UTF-8&fr=FP-tab-web-t500&fr2=op&va=%221.5%22+%22This+wiki+is+powered+by+MediaWiki%22&va_vt=any&vp_vt=any&vo_vt=any&ve_vt=any&vd=all&vst=.edu&vs=.edu&vf=all&vm=i&fl=0&n=10

and it is us (we haven't updated since 1.5.0).  Shame, shame.  Oh well, 
at least he didn't link directly to us right?

Ted



More information about the hcs-discuss mailing list