Re: Project Honeypot

1

It will never work. Spiders don't eat honey. What were they thinking?


Posted by: Mitch Mills | Link to this comment | 12-22-04 7:16 AM
2

Hmmm, it appears that sometimes it's the spiders that use honeypot tactics.

Maybe they should have called it Project Wasp.

Or maybe they were going for a Honey-Glazed Spam type of image. Bleeeecch.

Or maybe I just need to actually do some real work. And/or get a life.


Posted by: Mitch Mills | Link to this comment | 12-22-04 7:33 AM
3

Are these billable hours, Mitch?


Posted by: ogged | Link to this comment | 12-22-04 8:57 AM
4

I thought a honeypot involved a series of dynamically generated pages with timestamped false email addresses on them, and further links to more dynamically-generated pages, so that spiders would keep following?


Posted by: ben w-lfs-n | Link to this comment | 12-22-04 9:36 AM
5

Dunno. I followed the instructions and summarized what seemed to be going on. You might be right; though you can see the honeypot link at the bottom of our main page (in the source), and it doesn't look like a time-stamped email address.


Posted by: ogged | Link to this comment | 12-22-04 9:39 AM
6

I'm one of the Project Honey Pot creators... the one who knows Ogged's true identity! Thought I'd give a bit more info on the Project.

As ben w-lfs-n suggested above, there are some spider traps that generate tons of links and fake email addresses for harvesters to pick up. WPoison is probably the most common. Problem with those is 1) they keep generating load on your servers, and 2) it doesn't really hurt the spammers.

What I mean by the second is that because the marginal cost of sending each message is virtually zero, spammers have little incentive to clean their lists. Sure you may be able to poison them with a bunch of phony email addresses, but they just shrug and say, "So what?!" No significant additional cost is created. Moreover, harvesters have become smarter at not following these traps forever, so the

We're trying something different. The link we allow you to install goes to your own custom honey pot page. That page contains a legal disclaimer and at least one email address. The address is hidden from most humans who visit the page, but harvesters can see it. While the address appears completely normal (joe.smith@domain.com, or something) we have recorded it on our system associated with the IP address and the moment in time when the harvester visited your site.

The addresses handed out by the honey pots all point back to our servers. As soon as we start receiving mail at them we can associate that mail back to the exact moment in time when a harvester struck. We then publish this info on our site.

What's more, with the next update we're going to begin tracking comment spammers as well. The same honey pot page will contain a comment form. While it will be hidden from humans, harvesters that submit to it will be tracked and logged. We're working on the internal systems for this, but it's close.

The upshot of this is that, as our data becomes more robust, we're going to be able to allow members of the Project to block harvesters and comment spammers from accessing their sites before they have a chance to do ANY damage. Moreover, the data we're gathering is critical for going after the criminals who are behind the spam and phishing attacks that are running rampant on the Internet today.

We're excited for the Project and hope that anyone with a website will consider participating. Maybe I'll reveal the secret identity of Ogged to whoever's installed honey pot catches the most harvesters. Just kidding, Ogged.


Posted by: EastDakota | Link to this comment | 12-22-04 10:48 AM
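The issue-and-correlate scheme described in comment 6, sketched as an added example; it is not Project Honey Pot's code or part of the original comment. The class and method names, the name lists and the `trap.example` domain are assumptions made for illustration.

```python
import secrets

TRAP_DOMAIN = "trap.example"   # assumption: mail for this domain reaches the collector
FIRST = ["joe", "ann", "raj", "lena", "omar", "kim"]      # constructed name lists
LAST = ["smith", "lopez", "chen", "novak", "patel", "berg"]


class HoneypotLedger:
    """Maps each handed-out address to the single page view that received it."""

    def __init__(self):
        self._visits = {}   # address -> (visitor_ip, site, issued_at)
        self._hits = {}     # address -> list of times mail arrived

    def issue(self, visitor_ip, site, now):
        """Mint an ordinary-looking address for one visit and record who saw it."""
        while True:
            addr = "{}.{}{}@{}".format(secrets.choice(FIRST), secrets.choice(LAST),
                                       10 + secrets.randbelow(9990), TRAP_DOMAIN)
            if addr not in self._visits:   # never reuse: one address, one visit
                break
        self._visits[addr] = (visitor_ip, site, now)
        return addr

    def mail_received(self, rcpt_to, received_at):
        """Tie an incoming message back to the harvesting visit, if there was one."""
        addr = rcpt_to.strip().strip("<>").lower()   # envelope form, case-insensitive
        visit = self._visits.get(addr)
        if visit is None:
            return None                    # address was never issued: no attribution
        self._hits.setdefault(addr, []).append(received_at)
        ip, site, issued_at = visit
        return {"harvester_ip": ip, "site": site, "harvested_at": issued_at,
                "delay_s": received_at - issued_at,
                "messages": len(self._hits[addr])}

    def harvester_report(self):
        """Messages received per harvesting IP, the data a blocklist would use."""
        totals = {}
        for addr, times in self._hits.items():
            ip = self._visits[addr][0]
            totals[ip] = totals.get(ip, 0) + len(times)
        return totals
```

Because every address is issued exactly once, a single delivered message is enough to name the visit that harvested it; mail to an address the ledger never issued is left unattributed.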
7

Three rules for the spam game:

1) you can not win.

2) you can not draw.

3) you can not leave the play.

Greetings,

Antonio, from Malaga (Spain)


Posted by: Malaga | Link to this comment | 04-15-05 6:05 AM