07-24-2014 12:15 PM
Visit many sites and in the list of visitors logged on you will see a Googlebot crawling through the data. Well, it was only a matter of time before this would get taken advantage of by hackers.
by Michael Mimoso July 24, 2014
"Even an enterprise with the harshest, strictest blocking rules in place is likely to leave the door ajar for Google’s search bot software known as a Googlebot.
Googlebots crawl websites collecting data along the way in order to build a searchable index that assures a site will be listed and ranked on the search engine.
Hackers have taken notice of the access afforded to these crawlers and are using spoofed Googlebots to launch application-layer distributed denial of service attacks with greater frequency.
Research released today from web security firm Incapsula identifies this as a growing trend among attackers; for every 25 Googlebot visits, companies are likely to be visited by a fake one. Almost a quarter of those phony Googlebots are used in DDoS attacks, elevating it to the third most popular DDoS bot in circulation, according to product evangelist Igal Zeifman."
07-24-2014 12:17 PM
07-24-2014 01:01 PM - edited 07-25-2014 05:35 AM
The only solution as I see it is ban the search bots.
BUT then if you want to research something, how would you find the answer - no search bots = no information stored on the search engines. A different search engine will make no difference; as an example, I have just taken a look at the site Calendar of Updates and in the list of viewers were the following: "AhrefsBot, Bing, Google, Yahoo". My point is that whichever search engine you use, they are all granted permission to view the data on that site, so hackers see them as an "easy" way in so that they can trawl through and collect data.
I notice that on the Start Page search engine you are given the details of why it is safer (see below) and OK it protects YOUR own personal data BUT it still uses Google to trawl the sites so although StartPage is in itself safer, the more users a search engine (such as Google) has the bigger a target it becomes.
"Startpage offers you Web search results from Google in complete privacy!
When you search with Startpage, we remove all identifying information from your query and submit it anonymously to Google ourselves. We get the results and return them to you in total privacy.
07-25-2014 05:40 AM
This article goes into it with a lot more info and diagrams to explain it a bit better.
by paganinip on July 25th, 2014
"Application-layer attacks are today the most insidious DDoS attacks due to frequency and the volume of malicious traffic they generate; these attacks have grown dramatically in the last months as attackers exploit capabilities of huge botnets to overwhelm victim’s resources.
“You don’t have to create a big flood to generate 5,000 visits per second,” “It’s easy to generate 5,000 per second. Layer 7 attacks are more common for sure than Layer 3 or 4 events. The reason is that it’s easier to execute and more dangerous, even in low volumes.” Zeifman said."
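A site does not have to choose between trusting every visitor that claims to be Googlebot and banning search bots outright: the claim can be checked with forward-confirmed reverse DNS, the verification Google documents for its crawler. The following is an added example, not code from the thread or the quoted articles; the function names, sample IPs (documentation ranges) and PTR/A records are constructed for illustration, and the OS-resolver helper handles IPv4 only.

```python
import socket

# Genuine Googlebot PTR names end in one of these domains.
GOOGLE_SUFFIXES = (".googlebot.com", ".google.com")

def system_resolver():
    """Return (reverse, forward) lookups backed by the OS resolver (IPv4 only)."""
    def reverse(ip):
        try:
            return socket.gethostbyaddr(ip)[0]
        except OSError:
            return None
    def forward(host):
        try:
            return set(socket.gethostbyname_ex(host)[2])
        except OSError:
            return set()
    return reverse, forward

def is_real_googlebot(ip, reverse, forward):
    """PTR must be a Google name AND that name must resolve back to the same IP."""
    host = reverse(ip)
    if not host:
        return False
    host = host.rstrip(".").lower()
    if not host.endswith(GOOGLE_SUFFIXES):
        return False
    return ip in forward(host)  # blocks PTR records forged by the IP's owner

def classify(requests, reverse, forward):
    """Label each (ip, user_agent) pair: 'googlebot', 'fake-googlebot' or 'other'."""
    out = []
    for ip, ua in requests:
        if "googlebot" not in ua.lower():
            out.append((ip, "other"))
        elif is_real_googlebot(ip, reverse, forward):
            out.append((ip, "googlebot"))
        else:
            out.append((ip, "fake-googlebot"))
    return out

# Constructed sample data standing in for access-log entries and DNS answers.
PTR = {"192.0.2.10": "crawl-192-0-2-10.googlebot.com",
       "198.51.100.7": "host7.example.net",
       "203.0.113.5": "crawl-1.googlebot.com"}    # forged PTR
A = {"crawl-192-0-2-10.googlebot.com": {"192.0.2.10"},
     "crawl-1.googlebot.com": {"192.0.2.99"}}      # does not resolve back
UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
SAMPLE = [("192.0.2.10", UA), ("198.51.100.7", UA), ("203.0.113.5", UA),
          ("198.51.100.8", "Mozilla/5.0 (Windows NT 6.1)")]
```

Against live traffic, pass the pair returned by `system_resolver()` instead of the stub lookups, and cache results per IP so the DNS checks do not themselves become a bottleneck during a flood.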