I was setting up a Snort / Base / Barnyard box for a friend tonight. When looking in the root directory where Base was installed I didn’t see a robots.txt file. This got me thinking…I know…dangerous. Anyway, I did some Googling and in about 5 minutes I found:
5 Acid consoles
2 Base consoles
1 Open Aanval console
The power of Google’s cache…. All were wide open with no passwords. Someone with malicious intent could delete all alerts, alert groups, cache and probably more. Not to mention the topology info they could get. I didn’t make note of the versions but I remember both Acid and Base having security issues….Base I believe was affected by a cross-site scripting vulnerability at one point.
It’s not Google’s fault really, the spiders are just doing thier jobs. My recommendation to anyone delpoying Acid / Base, create a robots.txt file in the Acid / Base root directory. In that file put these lines:
User-agent: *
Disallow: /
This will tell any Search Engine spiders not to index that site. You could also put this on each php page as well:
–Chris
Technorati Tags: Snort, Base, Acid, Google, robots.txt
August 14th, 2006 at 11:34 pm
You should search for phpMyAdmin installs… oh my, plenty of them open.