7 Jun
2009
7 Jun
'09
3:51 p.m.
On Sun, 2009-06-07 at 12:39 +0100, Richard Lewis wrote:
Please take a moment to consider the security implications of http allowing users to do things like directory listing, file renaming, indiscriminate PUTting, etc. ...
There is a tool in BackTrack that does a sort of brute force search for files over HTTP, I forget it's name but it found a scary amount of "hidden" stuff I had stuck on my hosting at various times for specific people to download.
Although the webmaster of the site in question won't thank you for running it.
Needless to say I am more careful about what I put up now :)