Message Board

Bugs & Development

Older Posts ]   [ Newer Posts ]
 BUG - HoneyPot captures Webmaster/Owner IP as Malicious
Author: S.Metler2   (25 Feb 13 10:09am)

Project Honey Pot has a substantial bug in it's 'IP behavior' statistics gathering logic.

I installed a Honey Pot on *my own* website to contribute to this project. This is a website that I developed and administrate.

I recently scanned *my own* website using N-Stalker Free Edition (N-Stalker is designed to scan a website for Web Vulnerabilities like XSS, Code Injection, Atypical Form Submissions, etc.)

Unfortunately, Project Honey Pot does not (cannot) distinguish a website's owner/administrator from the general public, even though I created and activated the Honey Pot using this same IP address.

Project Honey Pot logged me (scanning my own website) as 'malicious activity'.

As such, my IP address 'behavior profile' now indicates that I am a 'Threat Rating: 49' and a 'Comment Spammer' with '2,533 web post submission(s) sent from this IP'

The truth is that the statistics shown on my 'IP Behavior' profile page are caused by me auditing *my own* website for vulnerabilities.

I contacted Project Honey Pot about this serious bug and they admitted that this is a known issue, but they have so far refused to correct the inaccurate stats that they are publishing online.

I do not know why they are not willing to correct the bad stats, but this scenario has caused me as a website owner and voluntary contributor to this project to now be incorrectly labeled as a "Comment Spammer".

This would not have happened if I was not actively contributing to this very project and had never installed a Honey Pot in the first place.

*** WEBMASTERS BEWARE ***

This bug can cause Project Honey Pot contributors to be incorrectly labeled as "Malicious".

If you have a Honey Pot installed, the Project Honey Pot system will log you accessing your own website!

Project Honey Pot will label you as a Spammer, they will publish that incorrect information online and they will refuse to correct it.
 
 Re: BUG - HoneyPot captures Webmaster/Owner IP as Malicious
Author: H.User1325   (25 Feb 13 12:12pm)
I maintain (4) domains, all with Honey Pots installed. All the tools I uses have options to exclude files and/or directories.

Several years ago when I noticed the problem you report, I entered each HP so it would not be scanned and links/QuickLinks to Honey Pots would not be followed.

I also looked at the report for my IP, noting that all activity was from my "known" tools and left a comment explaining what happened and my corrective action. Problem solved.

 
 Re: BUG - HoneyPot captures Webmaster/Owner IP as Malicious
Author: S.Metler2   (26 Feb 13 8:08am)
Thanks for your reply H.User1325!

Yes, I can exclude the Honey Pot from the scanning software in the future or disable the Honey Pot completely before scanning.

Unfortunately, I did not know to do that before scanning my own website. I did not know that scanning my own website would permanently and irreversibly generate a Comment Spammer reputation for myself !

The problem here is that ...

A) Project Honey Pot is not warning it's Honey Pot contributors of this known bug.

B) Project Honey Pot is (very ironically) falsely accusing it's own Honey Pot contributors of being the very scum we are all trying to prevent!

C) Project Honey Pot is knowingly publishing these blatantly wrong accusations online and permanently labeling their own user base (that is contributing to this very project) as Spammers\Hackers. They are ruining their own user base's online reputation for voluntarily contributing data to this project.

D) Project Honey Pot has no way of preventing this scenario nor are they willing to correct the falsely collected stats.

E) There are real world consequences. I have apparently been added to Blacklists because of the incorrect Project Honey Pot stats.


I view this as analogous to someone installing a Security System in their home. The home owner is responsible and checks all the doors and window locks to secure their home before going to bed, but they accidentally trigger the alarm system (that they installed in their own home.)

No one would expect to be arrested and have a permanent arrest record after accidentally triggering their own home security system.

Unfortunately, Project Honey Pot is doing just that !! It is wrong. Plain and simple.

This is a serious issue (and bug withing the Project Honey Pot logic) if you value your online reputation, and I do value my reputation.



do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–17, Unspam Technologies, Inc. All rights reserved.

contact | wiki | email