Message Board

Newbie/Basic Questions

Older Posts ]   [ Newer Posts ]
 Visiting your own honeypot
Author: T.Steele   (29 May 07 6:11am)
I just loaded my own honeypot script, is that enough to blacklist my IP address? oops..
 
 Re: Visiting your own honeypot
Author: M.Prince   (30 May 07 10:50am)
Nope. You'll be fine. Just don't send to the addresses that are handed out through your honey pot.
 
 Re: Visiting your own honeypot
Author: K.Lourens   (27 Aug 07 10:29pm)
After I installed the 3rd and 4th honeypot and visited them to check whether they were reachable, my own IP got blacklisted. I only read the page and I did not send or fill in anything.
So if that's already causing my IP being blacklisted, I consider removing them and stop.
 
 Re: Visiting your own honeypot
Author: M.Prince   (28 Aug 07 11:40am)
Your IP is not blacklisted just from visiting your honey pot. IPs are only added to the http:BL if they visit a honey pot and the either send to a spamtrap address handed out there, or post to a comment spamtrap.

If your IP shows up when you search for it on our site but you haven't done any of the above then you'll notice that you are listed as "harmless." These harmless IPs are not included in the http:BL.
 
 Re: Visiting your own honeypot
Author: K.Lourens   (28 Aug 07 1:15pm)
This is what it says:
82.217.64.39
This IP addresses has been seen by at least one Honey Pot. However, none of its visits have resulted in any malicious messages yet. Its possible that this IP is just a harmless web spider. If you know something about this IP, please leave a comment.

Lookup IP In: Domain Tools | SpamHaus | OpenRBL | Spamcop | SenderBase | Google Groups | Google

Geographic Location Netherlands (Rijsenhout, Noord-Holland)
Spider First Seen approximately 1 month, 1 week ago
Spider Last Seen within 1 week
Spider Sightings 12 visit(s)

--------------------------------------------------------------------------------

IPs In The Neighborhood
82.217.63.153 (S)
82.217.64.50 (S)
Spider's User Agents
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Genealogie Werkbalk 1.0; (R1 1.5); .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)


1 comment(s) - Comment on this IP | Collapse All
1 comment(s) - Comment on this IP | Show All
Any HTML tags will be stripped:


K.Lourens commented...
This is the IP-address of myself, the owner of the honeypots!!
August 27 2007 08:58 PM | Delete
 
 Re: Visiting your own honeypot
Author: K.Lourens   (28 Aug 07 1:16pm)
I changed provider yesterday, so my current new IP is not listed.
Listed is the IP a have till 31aug.
 
 Re: Visiting your own honeypot
Author: M.Prince   (28 Aug 07 8:00pm)
Right. It's saying that it's an IP that has visited a honey pot but not done anything bad. If there's language you'd prefer there then let us know and we'll consider revising it.
 
 Re: Visiting your own honeypot
Author: G.I2   (29 Aug 07 8:15am)
I too have found my IP address with the same as above.

----------------------------------------------------------------------------------------------------------------------
This IP addresses has been seen by at least one Honey Pot. However, none of its visits have resulted in any malicious messages yet. Its possible that this IP is just a harmless web spider. If you know something about this IP, please leave a comment.
-----------------------------------------------------------------------------------------------------------------------

I understand what the above means but it is still a little distressing to do a lookup of our own IP addresses to get the above message. How do we rectify this if indeed we are not spammers or harvesters or other such low-lifes?
 
 Re: Visiting your own honeypot
Author: K.Lourens   (29 Aug 07 6:50pm)
That is my point.
After the installation of each honeypots, we need to check:
1. the invisibility to other visitors and
2. ofcoarse also that the code to call the honeypot is correctly copied..
After the first and second my IP was not listed. But after the third and fourth honeypot my IP was listed.
And yesm, the text is clear now, but I still find this very unpleasant.
You should provide a way to avoid this. Either by a parameter only known to the owner, or by let us administer our own IP in our profile, to be used as a kind of "exclude-list".
I would like this to be rectified and a solution for the future.
Kees.



You may browse the discussion topics, but you must sign in to post. If you do not have an account, you can create one for free.

do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–25, Unspam Technologies, Inc. All rights reserved.

contact | wiki | email