Bing has an interesting feature to tell which other domains are hosted on a webserver.
Via: http://www.labnol.org/internet/domains-hosted-on-web-server/9424/ |
Sites hosted on the same address as ghs.google.com (so all are Google Apps or App Engine based websites)
http://www.bing.com/search?q=ip:74.125.47.121
This is very nifty. |
Oh, or blogger, looks like. |
MSN/Live.com has supported this for years – it is just a carry over from live.com search. |
Maybe it's time to block msn/live/bing to index my websites?
okay it might be an old feature but this information makes you an easier victim for hacker :( |
![[put at-character here]](image/at.gif) Olaf: How does it make you more vulnerable to hacking?
|
Because the hacker only needs to find one vulnerable site to get on to your machine. This makes the process of enumerating all the sites, prior to attempt to exploit them, that much easier. (Of course, the IP == machine rule doesn't always hold, but it's still very common, and a reasonable assumption in most cases).
It's a feature I've often wanted, but I'm struggling to think of a legitimate use for it. |
(Thanks Lokkju, I added an update.) |
Actually it seems to be all cached historical data showing all sites that have been on that IP ever. |
Legitimate uses:
* reporting malicious use to the authorities – it can help if you can give them a full report
* buying shared hosting – check that what is already on the server matches with what the sales guy has told you.
* competitor analysis – what else have they got cooking. If it's already in Bing it's just a matter of time. |
As an investigative journalist I will find this very useful. It makes me wonder what other operators exist on Bing. Anyone have a list or link?
I think i dismissed Bing to quickly. |
