homepage Welcome to WebmasterWorld Guest from 54.211.97.242
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Search Engines / Search Engine Spider and User Agent Identification
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL

Search Engine Spider and User Agent Identification Forum

    
Whatzup?
BoneHeadicus

10+ Year Member



 
Msg#: 265 posted 7:23 pm on Jan 6, 2001 (gmt 0)

200.239.110.51

Can someone help with info on this?
This dude seems to know an awful lot about my directory structure..he request index/ of folder that noone knows about.

 

littleman

WebmasterWorld Senior Member littleman us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 265 posted 9:40 pm on Jan 6, 2001 (gmt 0)

Well, you probably did this already but here is the arin info:

RNP (Brazilian Research Network) (NETBLK-BRAZIL-BLK2)
Rua Pio XI, 1500
Sao Paulo, 05468-901
BR

I did a trace rout on the ip. Here are the last few hops:

11 ebt-P1-0-core03.rjo.embratel.net.br (200.255.197.98) 410.032 ms 410.016 ms 409.997 ms
12 ebt-A12-0-0-1-dist01.fla.embratel.net.br (200.255.153.45) 450.023 ms 450.033 ms 449.984 ms
13 pop-ce-rnp-S4-4-dist01.fla.embratel.net.br (200.253.191.226) 460.030 ms 439.998 ms 450.039 ms
14 canoa.pop-ce.rnp.br (200.129.0.74) 439.978 ms 439.994 ms 440.030 ms
15 200.239.110.94 (200.239.110.94) 589.996 ms 599.997 ms 580.029 ms
16 200.239.110.51 (200.239.110.51) 640.022 ms 589.994 ms 590.032 ms

So what is [rnp.br ]?
Check ou babelfish [babelfish.altavista.com].

BoneHeadicus

10+ Year Member



 
Msg#: 265 posted 10:55 pm on Jan 6, 2001 (gmt 0)

Think someone found an open proxy?

He seems to know the names of my ip delivery folders...on two separate domains....only my isp would be able to see that right?

littleman

WebmasterWorld Senior Member littleman us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 265 posted 12:29 am on Jan 7, 2001 (gmt 0)

Could be, you could test it with the regular ports (80, 8080, 3128) and see what happens. Man, that sucks, if you are on a unix system you could restrict access to that folder and still get you cloak to work properly.

BoneHeadicus

10+ Year Member



 
Msg#: 265 posted 12:30 am on Jan 7, 2001 (gmt 0)

How????

I'm all ears.....<frantic>

littleman

WebmasterWorld Senior Member littleman us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 265 posted 1:42 am on Jan 7, 2001 (gmt 0)

I think I posted a link for you the other day that got into password protecting files. But if you don't want to mess with that and your server has mod_rewrite you could put something like this in your .htaccess instead:

RewriteEngine on
RewriteBase /
RewriteRule ^$ get_the_hell_out_of_here.html
RewriteRule (.*) get_the_hell_out_of_here.html

What that will do is make everything in that folder default
get_the_hell_out_of_here.html

BoneHeadicus

10+ Year Member



 
Msg#: 265 posted 2:25 am on Jan 7, 2001 (gmt 0)

Cain't say I understand....

Can I just chmod permissions on the folders somehow?

Added: The method you described looks really cool...any links to?

littleman

WebmasterWorld Senior Member littleman us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 265 posted 2:57 am on Jan 7, 2001 (gmt 0)

Let's see if I could ado a decent job describing how to do this. You said all your cloaked pages are in one folder, right? So what you would do is make a file with the above code and name it '.htaccess', make sure you put in the '.' in there at the beginning. After that place it in the folder with your cloaking pages. Then, just make your get_the_hell_out_of_here.html page and stick it at the root file for your domain - the base '/" level.

Chmod changes may work, but be careful to test things out. You may accidentally restrict your cloaking script.

BoneHeadicus

10+ Year Member



 
Msg#: 265 posted 3:10 am on Jan 7, 2001 (gmt 0)

A mod rewrite function will work on all folders I .htacc?

So if'n sumbuddy types in the file name, even if its in there, they get a default page at root????

Marn

10+ Year Member



 
Msg#: 265 posted 3:27 am on Jan 7, 2001 (gmt 0)

Bone wrote: "Can someone help with info on this? This dude seems to know an awful lot about my directory structure..he request index/ of folder that noone knows about. "

What program/scripts would someone write to know hidden files and directories (ones which are not linked to the website or anywhere else for that matter?

I have always wondered HOW someone out there can get to hidden directories without stealing someone's password and FTPing into the site??

mousemoves

10+ Year Member



 
Msg#: 265 posted 4:01 am on Jan 7, 2001 (gmt 0)

get_the_hell_out_of_here.html

LOL!

Air

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 265 posted 5:02 am on Jan 7, 2001 (gmt 0)

BH,

Yeah that trick littleman suggests will make get_the_hell_out_of_here.html be served no matter what page is asked for. You'll want to place a new .htaccess in the cloaking directory so that it affects all directories below it and none of the directories above it.

BoneHeadicus

10+ Year Member



 
Msg#: 265 posted 5:36 am on Jan 7, 2001 (gmt 0)

Thats sounds like precisely wut I been lurking fer.

I needs to read sum more to grasp wut I gotta do here.

Let me understand here...
if I place .ht in folder named IPFire then all the subs inside will be covered from a browser trying to reach them but when the script sends a spider to one of the subfolders in IPFire it doesnt interfere?

littleman

WebmasterWorld Senior Member littleman us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 265 posted 7:34 am on Jan 7, 2001 (gmt 0)

>if I place .ht in folder named IPFire then all the subs inside will be covered from a browser trying to reach them but when the script sends a spider >to one of the subfolders in IPFire it doesnt interfere?

The cloaking script doesn't send the spider to the IPFire folder, but rather retrieves your html out of that folder for the spider. It is a subtle but very important difference.

littleman

WebmasterWorld Senior Member littleman us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 265 posted 7:51 am on Jan 7, 2001 (gmt 0)

Marn, I'm not a cracker so this isn't my aria of expertise. But I've ran across a couple of examples. One thing that happens is that people are sloppy with their site layout and leave behind a couple of trails. Like for instance they will have images being called from files that contain other documents and sub folders but do not have an index page. Another thing that is very common is when people install programs or cgi scripts without diverging from the standard file layout and names.

When I was just starting to mess around with some cgi scripts I was playing with a shopping cart script and I did a random search for the standard name of the file that is suppose to hold the orders and credit card information for that script. I was amazed at how many unprotected files were out there. One little search in altavista and I was able to view a few hundred CC numbers. Good thing I am not a thief.

BoneHeadicus

10+ Year Member



 
Msg#: 265 posted 5:37 pm on Jan 7, 2001 (gmt 0)

I tried your suggestion and it seems to work...it just sits there doesnt go to default page...but doesnt show the requested page either.

Man I wish I knew Linux better. If somebody wrote a book on basic webmaster server management I would be first in line to buy it.

I believe my situation has to be an inside job....nobody could figure some of the names I use and I always rename the directories ridiculous names...nothing common. This person knew not only one but two of them and specific file names within...but they were one directory short of being there and the .htaccess fix yall gave me last week redirected them to root. Apache Guardian told me so.

I think someones using a proxy in .br to hide their tracks but I sure would like to know how they know what they know.

littleman

WebmasterWorld Senior Member littleman us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 265 posted 6:53 pm on Jan 7, 2001 (gmt 0)

>I tried your suggestion and it seems to work...it just sits there doesnt go to default page...but doesnt show the requested page either.

Hmm, probably there is something wrong with your path to get_the_hell_out_of_here.html. Oh well, at least it fixed your problem.

>Man I wish I knew Linux better. If somebody wrote a book on basic webmaster server management I would be first in line to buy it.

I know what you mean, I haven't been messing with linux all that long either. To people who have been using *nix systems for years this stuff is second nature, but the learning cure is steep. One thing I did that has helped me a lot is to have a linux os computer at home. This way I can mess with things and do experimenting without jacking up my web servers.

>inside job
That is kind of scary.

BoneHeadicus

10+ Year Member



 
Msg#: 265 posted 12:10 am on Jan 8, 2001 (gmt 0)

>Scary

How else could someone know the EXACT folder names...I assure you they aren't common.

>Path
Would that have to be an absolute path on the server or just a relative path???

Air

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 265 posted 5:11 am on Jan 8, 2001 (gmt 0)

BH,
That's a relative path ...

BoneHeadicus

10+ Year Member



 
Msg#: 265 posted 6:03 am on Jan 8, 2001 (gmt 0)

Thanks Air,
I can now protect a directory so good I can't get in to turn it off.

han solo

10+ Year Member



 
Msg#: 265 posted 3:48 pm on Jan 8, 2001 (gmt 0)

Re: the linux thing...I'm just learning, too.

And I know that dummies books aren't favored in some corners of the cosmos, but if you pick up administering linux for dummies, that should do the trick.

It gives a lot of stuff, and doesn't bother with too much of explanation, at least, in the technical sense. Then after that you could pick up a regular book, and have plenty of background to understand the arcane stuff they are bound to get into.

Only reason I spoke up is I, too, am learning linux. Must fight the evil empire every way I can...

Cheers,
Han Solo

BoneHeadicus

10+ Year Member



 
Msg#: 265 posted 5:28 pm on Jan 8, 2001 (gmt 0)

Thanks Han Solo,

May the Force be with us in our quest for stability.

I have lots of dummy books ( you can see a few of them on my desk in the profile shot).

Sometimes you just get fried on looking thru all that stuff for the one little thing you just wanna get done.

That's why I like this here forum.

Say hi to the Princess for me.

mivox

WebmasterWorld Senior Member mivox us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 265 posted 11:11 pm on Jan 8, 2001 (gmt 0)

Turn off world read access to the folder... (chmod command)

A browser will still be able to access specific pages when they ask for a specific page title, but wouldn't be able to view the list of files in the directory.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Search Engines / Search Engine Spider and User Agent Identification
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved