Earthweb
Images Events Jobs Premium Services Media Kit Network Map E-mail Offers Vendor Solutions Webcasts
 SUBJECTS:
 FEATURES:
IT Management Webcasts:
The Role of Security in IT Service Management

Preparing for an IT Audit

More Webcasts


Search EarthWeb Network

internet.commerce
Be a Commerce Partner
Condos For Sale
Calling Cards
Holiday Gift Ideas
Shop Online
Best Price
Online Education
Cell Phones
Desktop Computers
KVM Switch over IP
Televisions
Build a Server Rack
Online Shopping
Promotional Gifts
Car Donations

Linked Data Planet Conference & Expo

IT Management : Columns : Executive Tech: Protect Your Company From 'Cache Bashing'

Heroes Happen Here Launch Events
Attend the upcoming launch of three powerful new products, take a test drive, meet the teams, and leave with promotional copies of Windows Server 2008, Microsoft SQL Server 2008, and Microsoft Visual Studio 2008. Register here. »

 
Install What You Need with Windows Server 2008
Windows Server 2008 is Microsoft's most full-featured server operating system yet, so it's ironic that one of its most exciting new features is an install option that cuts out most of the other features. Paul Rubens explores why a Server Core installation makes a great deal of sense in many instances. »

 
Simplify Big Business IT for Small and Midsize Companies
Windows Small Business Server 2008 and Windows Essential Business Server 2008 deliver all-in-one solutions to help fuel growth for customers and partners. »

 
Q&A with Bob Muglia: Senior VP, Server and Tools Division
Bob Muglia, senior vice president, Server and Tools Division, discusses Microsoft's new interoperability principles and the steps the company is taking to increase the openness of its products. »

 
Q&A with Lutz Ziob, GM of Microsoft Learning
Lutz Ziob, the general manager of Microsoft Learning, talks about how IT professionals can become certified heroes within their enterprises by getting trained and certified in Windows Server 2008. »

Related Articles
How Not to Let Users Search Your Site
Phish This, You Scum
- ITSMWatch Newsletter -
Tech Focus: Security

Cybersecurity: Laws Only Go So Far

Mozilla Firefox vs. Internet Explorer: Which is Safer?

Is Your Blog Leaking Trade Secrets?

The Las Vegas Counterfeiting Story: Is Your Privacy Worth More Than a Poker Chip?

Stopping Spammers at The Point of Sale

Product Watch
IOGEAR KVM - Includes Audio/Peripheral Sharing
Coverity Prevent / Coverity Thread Analyzer - Analyze Source Code For Defects, Security Vulnerabilities
USSD Series - SDRAM-Based Solid State Drives to 256 GB
UltraSMS - Send SMS From Your PC
Sentinel Sensors - Wi-Fi Based Temperature Monitoring Especially For Cold Storage

more products >>

Datamation Definitions
data mining
ERP
extranet
grid computing
intranet
network appliance
outsourcing
storage
VPN
virus
FREE Tech Newsletters

Whitepaper: An Architectural Blueprint for Autonomic Computing. A team of IBM experts provide a detailed discussion focused on planning & transforming IT infrastructures into self-managing systems.

Protect Your Company From 'Cache Bashing'
June 1, 2004
By Brian Livingston

Brian Livingston It's not enough that you have to install firewalls, antivirus programs, spam filters, and adware cleaners on all your PCs — now you have to guard against something called "cache bashing," too.

If it's important that your company be findable when potential customers look for your topic in search engines — and what company doesn't care about that these days? — you'll want to know how this works and how to protect yourself.

Allow me to explain.

Cache Bashing for Fun and Profit

The latest Internet threat was discovered during a new contest to see which Web sites could be forced into a top ranking in Google.com's search pages for a particular nonsense term. This little game is called Google bombing.

Google bombing requires the cooperation of a number of different Web pages. If they all link to a specific Web site using a particular set of words, Google will soon rank that site very highly on searches that use the exact same words.

This fact has given us searches like miserable failure, for which the first search result became the Web site of the White House. Turning the tables, conservative groups then created links so that the first search result for great president was a biography of George W. Bush.

That's all great fun. But the latest experiment has shown a much darker side to Google bombing. This problem can very negatively affect the search-engine rankings of your company.

Google Bombing for Prizes. Professionals who advise companies on search-engine positioning, which is known as search-engine optimization (SEO), were challenged to a duel on April 30 by SEO consultants at SearchGuild and Dark Blue. Whichever Web site showed up on June 7 in Google's No. 1 spot for a made-up search phrase would win an Apple Mini iPod. The No. 1 site 30 days later, after Google had presumably tweaked its ranking formula, would win a 17-inch Sony flat-panel LCD screen.

High Rankings for "Nigritude Ultramarine." These weren't especially luxurious prizes, to be sure. But they were enough to start a kind of feeding frenzy among a subculture of SEO hackers. The chosen phrase for optimization was "Nigritude Ultramarine," two words that mean "the state of being black" and "vivid, purplish blue." By last week, there were at least 377,000 Web pages containing that exact phrase, according to the search results page at Google. Before the contest started, there had been none.

The Dark Side Strikes Back. One of the highest-ranked Web pages for a time was a competition entry posted by Time2Dine.co.nz. This New Zealand-based restaurant reservation site has a sideline business in SEO consulting and entered the contest as a lark. Suddenly, the page's ranking in Google's listings plummeted from 3rd to 103rd in only three days, according to Garrett French, the editor of the e-commerce forum WebProNews.

What had caused such a sharp dive so quickly? French says that a programmer called BlueFalcon had found a way to use Google's own API (application programming interface) to sharply penalize his competitor's entry in Google's rankings.

Your Cache Can Be Used Against You

To accomplish cache bashing, the attacker uses a link at Google that leads to a cached copy of your company's Web page — as it looked when Google most recently indexed it. Your nemesis then posts the copy of your page somewhere on a site that has a higher "page rank" at Google than your site does. Because Google eliminates from its index any pages it finds that are simply duplicates of other pages, your company disappears from or is strongly penalized in Google's rankings.

This kind of black-hat optimization has been possible before. An attacker could simply copy any page of your site that he or she visits. But you were previously able to defend against this. When you detected the creation of duplicate pages, you could ban the offender from visiting your site again, using the IP address from which the original visit occurred.

Since a cache-bashing attacker gets copies of your pages by visiting Google's own cache — not your site — banning offending IP addresses no longer works.

Conclusion

How can your company protect your rankings in search engines from being destroyed by cache bashing? Since this kind of attack is new and still fairly rare, I wouldn't recommend that you take any action unless you detect that it's actually happening to you. If it is, the only defense at this time is to configure Google not to make cached copies of your Web pages available. This is simple to do, as explained in Google's help file.

Having a low ranking in search engines isn't the worst thing that can happen to your company. But now you know that it's one more Internet exploit you need to watch out for.

Brian Livingston is the editor of WindowsSecrets.com and the co-author of Windows Vista Secrets and 10 other books. Send story ideas to him via his contact page. To subscribe free and receive Executive Tech via e-mail, visit our signup page.

Tools:
Add itmanagement.earthweb.com to your favorites
Add itmanagement.earthweb.com to your browser search box
IE 7 | Firefox 2.0 | Firefox 1.5.x
Receive news via our XML/RSS feed

Executive Tech Archives



JupiterOnlineMedia

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers

Solutions
Whitepapers and eBooks
Microsoft Article: Will Hyper-V Make VMware This Decade's Netscape?
Microsoft Article: 7.0, Microsoft's Lucky Version?
Microsoft Article: Hyper-V--The Killer Feature in Windows Server 2008
Avaya Article: How to Feed Data into the Avaya Event Processor
Microsoft Article: Install What You Need with Windows Server 2008
HP eBook: Putting the Green into IT
Whitepaper: HP Integrated Citrix XenServer for HP ProLiant Servers
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 1
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 2--The Future of Concurrency
Avaya Article: Setting Up a SIP A/S Development Environment
IBM Article: How Cool Is Your Data Center?
Microsoft Article: Managing Virtual Machines with Microsoft System Center
HP eBook: Storage Networking , Part 1
Microsoft Article: Solving Data Center Complexity with Microsoft System Center Configuration Manager 2007
MORE WHITEPAPERS, EBOOKS, AND ARTICLES
Webcasts
Intel Video: Are Multi-core Processors Here to Stay?
On-Demand Webcast: Five Virtualization Trends to Watch
HP Video: Page Cost Calculator
Intel Video: APIs for Parallel Programming
HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind
Microsoft Silverlight Video: Creating Fading Controls with Expression Design and Expression Blend 2
MORE WEBCASTS, PODCASTS, AND VIDEOS
Downloads and eKits
Sun Download: Solaris 8 Migration Assistant
Sybase Download: SQL Anywhere Developer Edition
Red Gate Download: SQL Backup Pro and free DBA Best Practices eBook
Red Gate Download: SQL Compare Pro 6
Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS
Tutorials and Demos
How-to-Article: Preparing for Hyper-Threading Technology and Dual Core Technology
eTouch PDF: Conquering the Tyranny of E-Mail and Word Processors
IBM Article: Collaborating in the High-Performance Workplace
HP Demo: StorageWorks EVA4400
Intel Featured Algorhythm: Intel Threading Building Blocks--The Pipeline Class
Microsoft How-to Article: Get Going with Silverlight and Windows Live
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES