Message Board

Installing Honey Pots

honeypot disguised as a legit page?

Author: L.Deregowski (27 Jan 05 4:25pm)

I was just curious weather or not using the honeypot php script for example, could be reformatted safely to be accessed and display as a normal page instead of the built in privacy policy message included. I am not doubting weather this would work, but the real question is : would it skew any reporting data? or possibly send extra unwanted data to the report servers?

If a future version could include just the functions to report, display the honeypot bait address with the ability to insert your own content, that would be great. Using a second-stage or backup verification honeypot like the one currently in use from that page would make it a little redundant but would likely verify there's a bot crawling not just an extra-curious user.

if this doesn't sound clear, let me know (wow i need a nap)

Re: honeypot disguised as a legit page?

Author: L.Holloway (2 Feb 05 6:51pm)

At some point we plan on making the honey pots much more sophisticated. Customization is definately an item on that list. We just need to figure out a way to make it simple and to prioritize it.

Re: honeypot disguised as a legit page?

Author: L.Deregowski (3 Feb 05 1:50am)

Excellent, that's good to hear. When that point *is* reached, it would be great if you could actually include and treat the honeypot into your regular site content, pretty much sniffing anyone out. Essentially not only identifying bots, but maybe also a users machine (ie: users with static IP #'s) as a potential zombie harvester. I'm fairly certain that by now someone is using an evil zombie network for not only spamming and ddos attacks but harvesting as well :/

Re: honeypot disguised as a legit page?

Author: K.Kirkpatrick (13 Feb 05 8:21am)

From some of the traffic I've seen from a few cable and DSL netblocks, I'd tend to think you are right. Whats the point of having a massive bot-net if you don't eventually learn how to task it efficently.