[thelist] insecurity complex
Steve Cook
sck at biljettpoolen.se
Thu Sep 21 03:14:11 CDT 2000
Mike, you're right that they can't find anything that isn't listed. BUT,
sooner or later there's a chance that a link to it will be created! How many
people have access to the page? Is there a publicly accessible logs page on
the server that might list the page?
If nobody ever links to the page, or links from the page (referrer pages can
show up in other people's server logs), then it's pretty well hidden, but
it's not secure. It's a bit like the eternal debate about program code. If
you want your work to be securely encrypted, use an encryption method that
people have had a chance to bang against and that has stood up to all
attacks. If you use something that's simply obscure, sooner or later someone
will find a way around it.
.steve
----------------------------------
WapWarp - http://wapwarp.com
Wap-Dev - http://www.wap-dev.net
Cookstour - http://cookstour.org
----------------------------------
> -----Original Message-----
> From: Mike Migurski [mailto:mike at cloudfactory.org]
> Sent: den 21 september 2000 03:01
> To: thelist at lists.evolt.org
> Subject: RE: [thelist] insecurity complex
>
>
> how can they? I was under the assumption tha a search engine
> couldn't find
> any page that was referenced someplace else, right? Or is
> there a way for
> search engines to hit unlinked pages via some kind of
> guessing procedure?
>
> -mike.
>
More information about the thelist
mailing list