|
Author: E.Ilkan (14 Jul 07 9:01pm)
Hello!
In the past few "days" i have seen that there are many trials in our users contact forms, and guestbooks to send spam over these. Mostly all of them are stopped, "warned", and logged by a little self written code in our script´s.
I have now also seen that most of those Ip´s are already known in project honeypot´s data base. So in most cases i could not only write a small comment, i could also add a lot of known data from these ip´s. These are: Date, Time, User-Agent, Used Username, a very large piece of the text which was used (mostly full with url´s, html links, and keywords), and more information from the Apache logfile.
Now my question(s):
What kind of information is used in those comments to suspicious Ip´s? Are you/we only interrested in a small comment if it was a harvester, spamer, or comment spamer? Or could you/we use all the other informations, like date, time, and so on? And which kind of information is really not wanted in an comment? Are comments important, or do they only have informative charackter?
And here is one suggestion:
Sometimes i want to make changes to my comments i have posted, in these cases i have to delete the whole comment, change it and then post it again. Is it possible to add a "Edit" button to comments, please? Or ist there any reason to not add one?
Thank you, with kind regards from Germany,
Erol
Post Edited (15 Jul 07 6:10pm)
|
Welcome to Project Honey Pot | Login