Message Board

http:BL Use/Development

Older Posts ]   [ Newer Posts ]
 IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: M.Prince   (28 Apr 07 2:55pm)
One thing that would be great for http:BL plugin/module developers to consider is whether there's a way for the software they create to automatically distribute QuickLinks or URLs that point to honey pots. Http:BL only has value if we get a significant amount of traffic to honey pots from harvesters and comment spammers. If plugins could take this into account and help by distributing the hidden links it will make them more valuable to our community.

For example, all the code is going to have to include a place where users can enter their Access Key. At the same time, users could also enter the URL of a QuickLink or the honey pot they've installed on their site. The code could then help distribute these links on the content that is being protected by the http:BL service. Maybe even routing known bad robots directly to the honey pot.

There are a number of ways to hide a link from humans but still have it displayed to robots. You can see some suggestions on the Manage QuickLink page:

http://www.projecthoneypot.org/manage_quicklink.php

It wouldn't be hard to build in a number of these hiding methods for the links your software would develop. Be creative with your HTML/CSS/Javascript. The more ways in which we can hide links, the more difficult it is for robots to avoid them.

Again, the key to http:BL being successful is getting sufficient traffic to honey pots. That means we need to get as many honey pots installed and links to honey pots included on web pages throughout the Internet. Please keep this in mind as you are building software to take advantage of the http:BL service.
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: B.Engert   (28 Apr 07 10:32pm)
that's a really smart idea I'm working on a wordpress plug-in I'll look in to adding this too.
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: S.Enbom   (29 Apr 07 3:29am)
http://nedbatchelder.com/text/stopbots.html
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: M.Janssen   (29 Apr 07 7:58am)
The Drupal module has this implemented.

http://ceaseless.ws/httpbl/
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: O.Pacuraru   (3 May 07 5:42pm)
hello,

I want to use this wordpress plugin: http://stepien.com.pl/2007/04/28/httpbl_wordpress_plugin/

BUT I am no "real" wordpress user, I use wpmu which is the multiuser version of wordpress. I give away free blogs, but this is no huge service I have, currently its only hosting around 10 active blogs.

Would this be a problem? I mean I really don't have heavy traffic and I wouldn't cause trouble.

Any feedback on my request? I mean this service together with a wpmu compatible plugin would really help a lot of people using wpmu...
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: M.Prince   (3 May 07 6:30pm)
We're fine with you using one Access Key so long as it's all running on one server and it's not discoverable by the other users. In other words, if they install blogs and have the protection of http:BL, but they don't have any place to enter an Access Key or see what Access Key is protecting them, then that's fine.

If, on the other hand, they all setup their Access Key separately then we encourage you to have them all get their own. Make sense?

Matthew.
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: J.Yard2   (4 May 07 1:19am)
I like the Transparent Image method because there are no tell-tell signs without downloading and evaluating the image. Yet it is not visible on the page to humans.

<a href="/Honey_Pot_Link/"><img border="0" src="/Transparent.gif"></a>

Would be good addition to the quick links.

Could also use an image the same color as the page background, or containing several imperceptible shades off to make harder to programmatically detect if downloaded for evaluation.

Also what about using the z-index to hide a Honey Pot link image behind one of the ordinary visible images, yet bots would still see it. Or is z-index only available with client side scripts. Been awhile since I used a z-index I don't remember now.
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: M.Prince   (4 May 07 2:32am)
All good suggestions. The one reason we don't recommend the transparent image is that it requires people to create another file and put it somewhere. Hard to then make a copy-and-pasteable line of HTML that will reliably work. But it's a great way of hiding it. One of the best. Recommend it strongly. Maybe we should suggest it in the text.

Z-Index is an idea that hasn't been suggested before. A bit trickier since you'd need to make sure that whatever you used to cover it up had a opaque background. But it would work. Perfect for a lot of applications, though, again, a tough one to make cut-and-pasteable.

Thanks for the suggestions!!

Matthew.
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: O.Ozh   (4 May 07 4:56am)
Cut'n'pastable code for an invisible transparent gif :

<img border="0" width="0" height="0" src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7"/>

Clean, no need to upload a gif, doesnt generate any 404 in your logs, etc...

Note that a simple <img src="" border="0" width="0" height="0"/> would do the trick, too.
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: J.Yard2   (4 May 07 6:11pm)
If I was to run a spam bot though I'd ignore links with image width/height set to zero. Maybe even anything less than say 10 px. That's one of the things that makes the transparent gif so good, is that from the text of the link there is no way to distinguish it from any other legitimate gif link.
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: M.Prince   (4 May 07 7:05pm)
O.Ozh:
That's cool. I didn't know you could do that. Doesn't look like you need to include the height/width, so J.Yard2's concerns can be limited. Even looks like you can randomize the data that makes up the Base64 encoding a bit and not have it get too wonky. Having it exactly the same would be another thing robots could look for in order to avoid the links.

Neat stuff. We'll think about including it among the recommendations.

Matthew.
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: J.Yard2   (4 May 07 7:22pm)
I get red x's without width/height set to zero. :-(

Also how would you go about unique-ifying this "data:image/gif;base64". How many sites do you think use such a string in ligitimate links? Very easy for bots to learn about and avoid.

Post Edited (4 May 07 11:16pm)
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: J.Yard2   (4 May 07 11:43pm)
"The one reason we don't recommend the transparent image is that it requires people to create another file and put it somewhere. Hard to then make a copy-and-pasteable line of HTML that will reliably work."

Just give them a uniquely named small transparent gif and matching image link. Kind of like is done for the HoneyPot.PHP file.
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: O.Pacuraru   (5 May 07 2:45am)
me again :-)

another wpmu based question.

I used a trick to link to my honeypot on all blog sites. I have a plugin that is widely used in the community, which gets loaded on each and every blog page, for all blogs in the system. It puts an admin bar on top of all blogs. Thats where I linked to my honeypot.

Now to my question: the link to my honeypot looks like this: http://mydomain.com/honeypot.php so now every blog on my system has a link like this. but I could do more as each blog has a unique variable called blog_id which I could use to construct links to my honeypot like this: http://$blog_ID.mydomain.com/honeypot.php

remember: its not actually mydomain and neither is it called honeypot.php :-)
Would this work out with the honeypot? Or would it somehow give problems? If I could do this I think I would greatly contribute to the project as I would have different honeypots actually :-)

any thoughts?
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: M.Prince   (5 May 07 4:32am)
You're welcome to do that. The advantage is that you'll be able to track where harvesters/comment spammers come from on a blog-by-blog basis. The disadvantage is you'll have to install a different honey pot for each blog.

The way you have it now seems perfect. If you want more fine-grained stats, then you can install multiple honey pots.

Thanks for your help with the Project!!

Matthew.
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: O.Pacuraru   (5 May 07 7:43am)
I am not interested in anymore stats than I have right now :-)

the thing is me having my honeypot her: http://zice.ro/honeypot.php it can be accessed from any blog like: http://anyblog.zice.ro/honeypot.php without me having to setup more honeypots. this is the internal workings of the .htaccess file and wpmu.

All I have to do is change the included links inside my adminbar to include the blog_id in the link :-)
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: M.Prince   (5 May 07 1:17pm)
I don't think there's any benefit to having different domains point to your single honey pot. In our experience, the spambots aren't that discriminating. You can try it. The only caveat is that it may break the honey pot's validation. We expect the honey pot to be coming from a certain URL. Depending on how the redirect works, if we see it coming from somewhere else then our servers may not return content to it. I think the way you're describing should still work, but definitely try it out and make sure with one before you go through the effort to set it up with all of them.
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: O.Pacuraru   (5 May 07 3:31pm)
ok, I am not sure what to verify. you coudl try it yourself: h*p://sibiu.zice.ro/meaningful.php
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: M.Prince   (5 May 07 4:29pm)
You already did the verification (when you first installed it). It's working. No worries.
 
 Re: IMPORTANT: Automatic QuickLink/Honey Pot Linking
Author: C.Wilson6   (18 Jul 07 11:40am)
I run a guestbook service, so you can imagine the amount of harvesters and comments spammers that visit the 6000+ guestbooks.

I have included a honeypot in the code that dynamically generates each guestbook when a visitor wishes to view or sign the guestbooks. The honeypot script is installed in an excutable directory outside of the cgi-bin to prevent it from being blocked by a local spambot trap. I also include this directory in the robot.txt file so that real bots dont get blocked.

I have also create a perl subroutine that checks the httpBL for visitor to the service and routes bad bots to a page which explains why they are being denied access (just in case its a real person).

The use of Honeypots, httpBL, and our local bot trap has greatly improve the load on our dedicated server. Keep up the great work.

Chris



You may browse the discussion topics, but you must sign in to post. If you do not have an account, you can create one for free.

do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–24, Unspam Technologies, Inc. All rights reserved.

contact | wiki | email