Message Board

Newbie/Basic Questions

Older Posts ]   [ Newer Posts ]
 PHP logging
Author: B.Abreu   (21 Dec 16 2:31pm)
Noob.

I have some other pages/directories on my site, besides the honey pots, which should be invisible to legitimate visitors. My server has AWSTATS but I was wondering if there is some free or low cost php script that I could use to log more data for any visitors to files in these directories? For the most part these simulate administrative type folders for popular software and they get hit a lot but the data I get is pretty basic.

Secondly would there be any benefit (or allowed) to redirect people attempting to hack these admin files to a honey pot? Would this help them be identified in any way? Or is there some similar 'hacker honey pot' to Project Honey Pot that could be used to log these types of attempts?

I'm not interested in blocking these IPs, just logging and identifying them.

 
 Re: PHP logging
Author: H.User1325   (21 Dec 16 2:51pm)
Even with a script the only information available is the basic information that you can see in log files, you just don't have to dig it out. Some script can take that information (the IP address) and check other databases for additional info, for example WHOIS, project Honey Pot, etc.

I would assume that inserted in your "admin" HTML files are hidden links to you honey pot so that harvesters can follow them, but legitimate visitors can't "see" them and won't follow the link. If the bots (hackers) snooping around your files don't collect an email address from the honey pot, AND then spam is received at that address, there is no point.

Post Edited (21 Dec 16 2:54pm)
 
 Re: PHP logging
Author: B.Abreu   (21 Dec 16 3:07pm)
> If the bots (hackers) snooping around your files don't collect an email address from the honey pot, AND then spam is received at that address, there is no point.

Ah, thanks. I see them attempting to get into all of these 'admin' files and logins and was hoping there was some way to identify and blacklist them based on that activity. For now I've noted the activities of a few of the worse offenders in the IP comments section of Project Honey Pot but that is manual sleuthing.

Thanks for the info.



do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–17, Unspam Technologies, Inc. All rights reserved.

contact | wiki | email