Message Board

Bugs & Development

Idea: honeypots looking like real software

Author: J.Schippers (17 Jun 07 8:43am)

I believe that there are bots out there that are specifically targetted at certain weblog/forum software for comment and threadspamming. Would it be an idea to modify software like that to make it such that whenever somebody posts it will list them as a spammer?
The difficulty here is that spammers find such software by search engines like google and yahoo, so our honeypot would need to be findable by a search engine as well. In that case, it is difficult to prevent normal users to accidently post on it. However, I have noticed that once a blog or forum can be found using a search engine, you will get comment spam very quicky, so it might be worth investigating.

I think a solution must have the following properties:
1. It must look like a normal, under-protected installation of standard software
2. It must allow threads, posts or comments to be made by anyone.
3. It must make the software installations findable through search engines
4. It must discourage humans (even the stupid ones) to use the software, while preserving property 1.

If it can be done, I think we can win a major battle against spammers.

Re: Idea: honeypots looking like real software

Author: A.E4 (31 Mar 09 4:40am)

Maybe something that if it detects you are a spam bot redirects you to a parallel blog or forum and real people go to the real one? Like a trap door into the honey pot? Is that what you mean?

Re: Idea: honeypots looking like real software

Author: J.Yard2 (4 May 09 3:41am)

There are techniques to prevent bot posting. Such as requiring a client side script execution in order to post. Bots do not like executing client side scripts because it puts them at risk of counter attack.