Google API "Google Hacking" Detection
Low Nessus Network Monitor Plugin ID 2488
SynopsisThe remote host is running software that should be authorized with respect to corporate policy.
DescriptionThe remote host appears to be using the Google API to execute 'Google hacking' queries. Many vulnerabilities can be found by querying for the error string (or similar) coming from an incorrectly configured or broken web application. An attacker queries the Google cache for these error strings which then gives them a list of potential targets.
SolutionEnsure that this behavior is in accordance with corporate standards and policies.