This is cache of http://networking.ittoolbox.com/r/rss.asp?url=http://it.toolbox.com/blogs/adventuresinsecurity/robotstxt-is-not-a-security-control-27422. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.
robots.txt is NOT a security control
2008-09-30 07:24:56 by Editor in Adventures in Security
 
Sitting in a meeting the other day, my mind hoisted a little red flag when I heard someone say the robot.txt file was a good security control. Not only is it not a security control, it also doesn’t add much value beyond helping control which search engines get to index your Web sites and what they get to index. In other words, they have no value when attempting to stop an attacker from retrieving information during target reconnaissance activities.
 
Tags: security control, control, target reconnaissance activities, web sites, index, txt file, red flag, engines, stop
 
 
 
 
 
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia