Re: Is netcraft publishing URL of your intranet sites?

Are you sure t his isn't the result of  referer HTTP header field?

I'm not sure what criteria Netcraft uses to compile it's list but
Google, for example, will index Intranet sites through this method.

Obviously no content is cached, but like Netcraft, the FQDN is listed
and the same concerns apply.


Darren


On 9/13/05, Saqib Ali <docbook.xml@gmail.com> wrote:
> Hello All,
>
> Seems like netcraft is publishing URLs of the "IntrAnet" sites on
> their "Most Visited Web Sites"  webpage. For e.g. see
> http://toolbar.netcraft.com/stats/topsites?s=BC2835548233105D201D1B94E743#1440209
>
> It has listed IBM's secure intranet site: <
> https://w3esapp1.endicott.ibm.com > in the list, and also <
> http://nindsplus.ninds.nih.gov > . Both of these are intranet sites. I
> can list many others.
>
> This provides attackers/hacker an easy way to collect hostnames of
> your application servers that reside inside your firewall.
>
> This goes against the Netcraft's policy of collecting information
> about IntrAnet sites and publishing it on the internet. See "Will
> Netcraft know which pages I visit?" @
> http://toolbar.netcraft.com/help/faq/index.html#riskrating
>
> Verify that your intranet sites are not listed on this website. If
> they are contact Netcraft and complain.
>
> P.S. This information is collected by netcraft's anti-phishing
> toolbar. This is a good example of how a seemingly harmless browser
> plugin can cause security issues.
>
> --
> In Peace,
> Saqib Ali
> http://www.xml-dev.com/blog/
> Consensus is good, but informed dictatorship is better.


--

Thank you,
Darren Bounds