Issue No. 10 - October (2001 vol. 34)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/2.955094
<p>Search engines index a huge number of Web pages and other resources. Hackers can use these engines to make anonymous attacks, find easy victims, and gain the knowledge necessary to mount a powerful attack against a network.</p><p>Further, search engines can help hackers avoid identification. One reason so few hacking attempts get reported is that there are so many of them. Tracerouting a hacker's IP address to its source often ends at a hop completely unrelated to the hacker's actual ISP or local network, which makes reporting the hacker to the upstream provider difficult.</p><p>Search engines are dangerous largely because users are careless. In the age of DSL and broadband cable accounts, users often keep their machines turned on and connected to the Internet for days. Most of them would be shocked to find that potential hackers target their machines up to several times a minute. Most home-machine hack attempts seek to make their targets zombies in a distributed denial-of-service attack. Search engines make discovering candidate machines almost effortless.</p><p>It isn't possible to secure all channels against hackers trying to penetrate a vulnerable system. But search engines needn't be wide-open channels that continue to help hackers find and penetrate weak systems.</p>
J. C. Hernández, B. Ramos, A. Ribagorda and J. M. Sierra, "Search Engines as a Security Threat," in Computer, vol. 34, no. , pp. 25-30, 2001.