Tuesday, April 14, 2015

Make Sure Google Isn't Indexing Your External Hard Drive

There's a great article on CSO that highlights the danger of misconfigured "personal cloud" services, such as hard drives or routers that enable you to backup your documents, and access them anywhere remotely. Take a look at examples of personal documents that were out there on Google, in the public domain, free for the taking, all because someone inadvertently made their files available remotely without fully understanding the impact.

The article states:
The files were easily located on Google, using standard search operators.

allinurl:ftp:// XXXX filetype:txt | xls | doc | docx | jpg | jpeg | pdf

You can replace XXXX to match any host name you choose, such as:
  • comcast.net
  • bhn.net
  • mchsi.com
  • optonline.net
  • cox.net
  • rr.com
  • verizon.net
The bottom line: ensure that you don't inadvertently or knowingly enable public FTP access to your "personal cloud", and never store sensitive account or other information in an unencrypted document or text file.

No comments:

Post a Comment