Web Pages that Show Up Everywhere
Speaking of web search engines, yet another web-related security issue is similar to the issue of email retention. Once a piece of information is out on the web, it really DOES seem to consciously WANT to be free.
For example, documents get picked up by random surfers and reposted to other sites (with or without the original webmasters permission), or a search service like Google snares a copy of it for indexing purposes, kindly, squirreling it away in its cache for searchers convenience later. After all, its quite an inconvenience to an attacker when he sees the memo about the default password policy for new system accounts, which he found through Google, is no longer on-line at its original site. Google empathizes with the attacker, and provides him a cached copy of the document, as originally indexed, from its own terabytes (petabytes?) of disk upon request. One of your authors discovered the default password policy for a state government division this way, during an audit.
Also, to ensure that no bad site design ever goes unremembered by history, theres the Internet Archive Wayback Machine213. This is a time-based web archiving service that takes snapshots of web pages periodically allowing it to serve as a history of the evolution of web sites throughout the months and years. As with the Google cache, in addition to providing a look at what the site was like at a certain time, it could also provide access to data that the site has since thought to remove from public view.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.