How to block Dir harvest?
Hello.
I just installed Apache on CentOS 7 x86_64 and with a tools like "DirBuster", I can find all directories and files. How can I block it? For example, I created a directory with the name "a" and "DirBuster" found it very fast. Is it because of directory permission? Code:
$ ll Code:
$ ll Thank you. |
So you installed Apache. Do you know what is this? Do you know how does it work? Did you configure it properly? Did you configure it at all? Uninstall it and that will solve your issue.
|
I had not known about Dirbuster, thanks for teaching me something new.
One thing puzzles me, though: How did you find out about it? If you used the internet, why did you not use the internet to find answers to your question? Search for block dirbuster and be rewarded with pages like this one. And many others. So, I suggest you use this great resource named “internet” and, if you still have questions, ask them here. |
I found something https://serverfault.com/questions/17...-file-w/377330 but is for a file or directory.
|
Quote:
Seriously, search the Apache documentation for Directory Options. See how to use the Indexes option. |
I use dirbuster every day at work (pen tester). You can't stop dirbuster from finding directories the server is meant to serve. What you CAN stop is the directories from being browsable. Keep in mind that blacklisting tools is useless because many of these can emulate different tools, rending blacklists moot. Can't remember if dirbuster does this, I never have had to make it appear as something else.
|
Quote:
|
no, it is not useless. But as usual you need to learn to use it.
As you need to learn how redirection works, how cron works, how apache works, how apt works, how search engines work and a lot of other things. We can't do that for you, I can't give you my experiences. Believe me, you will [can] progress much faster if you learn. But you know. Your last post itself is completely useless, will not help to solve your issues and even does not give us any information to be able to help you. https://www.linuxquestions.org/quest...4/#post5938205 |
Quote:
However, the internet also has specific answers, and you are in the unique position to know which specific answer fits your specific problem. I can't know that, because you don't explain your specific problem. Your comment "it is useless" is such an example. If you say that a given web page is useless, I can't help you. If you say which part of the web page doesn't work for you, I may help. If you say what you tried to do, what was the outcome, and what is the outcome that you desire, I may help. |
Quote:
|
All times are GMT -5. The time now is 09:27 PM. |