ftp> security >
Posted: Sun Jul 08, 2007 9:12 pm
if im uploading thigns to a file on my ftp server on isaacg.net can other search the file names so they can get them off via http://
Page 1 of 1
Posted: Sun Jul 08, 2007 9:16 pm
depends on how your webserver is setup
Posted: Mon Jul 09, 2007 11:56 am
well as far as a setup goes it dosen't seem like there would be a way to search for directories under [url removed]
Under google it looks like it only scans for things linked from the main index file.
Under google it looks like it only scans for things linked from the main index file.
Posted: Tue Jul 10, 2007 6:53 pm
Search engines generally only look for your main page, then follow all the links from there. So, if you upload a file to a directory, and there is no link to it search engines will not find it, unless it is named main or index, I believe. But you if you knew the name of a file, or are a very lucky guesser, you can certainly access any page, or file, (that is not protected... you can limit access by changing the file's properties in your FTP) by typing it into the browser. It's not impossible to imagine someone with nothing better to do, writing a script and trying every possible combinations to see what he could find, but rather unlikely... Still, nothing is truly safe on the web.
You might be suprised to see what is availible thru a 'who-is lookup'.
Edit:
Hmmm... Google did find an untitled page under your domain... begins with: \"How to make a tree in 3ds max 8 and 9\"
You might be suprised to see what is availible thru a 'who-is lookup'.
Edit:
Hmmm... Google did find an untitled page under your domain... begins with: \"How to make a tree in 3ds max 8 and 9\"
Re:
Posted: Tue Jul 10, 2007 10:06 pm
WillyP wrote:Search engines generally only look for your main page, then follow all the links from there. So, if you upload a file to a directory, and there is no link to it search engines will not find it, unless it is named main or index, I believe. But you if you knew the name of a file, or are a very lucky guesser, you can certainly access any page, or file, (that is not protected... you can limit access by changing the file's properties in your FTP) by typing it into the browser. It's not impossible to imagine someone with nothing better to do, writing a script and trying every possible combinations to see what he could find, but rather unlikely... Still, nothing is truly safe on the web.
You might be suprised to see what is availible thru a 'who-is lookup'.
Edit:
Hmmm... Google did find an untitled page under your domain... begins with: "How to make a tree in 3ds max 8 and 9"
Blast!! They've found my tree plans!!
Yeah im surprised at my company's web page on how if you had the correct link you could get EPP discounts tagged to services like nothing. Our only security is people don't post them online.
Posted: Fri Jul 27, 2007 2:53 pm
Depending on which webserver software you're running, you have several options available. Apache is the most prevalent one (because it's free and has a large following), and you can a) make sure httpd doesn't allow directory browsing, then at the very least set up a .htaccess file for whichever subdirectory you want restricted. They'll at least challenged for a generic username and password at that point. There are lots of better solutions out there, but that one's quick and dirty.