Automated logging of TBs and GeoCoins at GeoCaching.com

I have taken up a new hobby called Geocaching some months ago, where you run around with a GPS device in order to find hidden “caches” along the countryside. One thing that you can find in these caches are so-called “trackables” which own a tracking number. You enter this tracking number on the Geocaching.com website to claim that you have seen and maybe have taken the trackable item.

When attending an event together with other Geocachers, the number of trackable items present can become really big – there were over 80 of them for the last get-together that I went to. Since I don’t want to track all of these items by hand, I remembered about the possibility to automate web browsers with Selenium. After I got a list of the tracking numbers, I wrote a small script to handle the “Discover It!” requests to the GC.com website.
Read the rest of this entry »

Automating web browsers with Selenium

I have a new fun toy to play with: Selenium makes it possible for you to automate web tasks. After you start the Selenium server (a java command line program) you can get access to the browsers you have installed (Firefox, MSIE, Opera, Konqueror, you name it) and use the Selenium API to simulate user interaction with the browser in your favorite programming language (Java, Perl, PHP, Python, Ruby or C#). You can even use a Firefox extension to record your actions to rapidly develop these test cases. Read the rest of this entry »

Honeypots for spambots

I had a look around for Honeypot concepts again. These are “traps” laid out for spidering robots that harvest email addresses from websites. If some robot access the honeypot, it will be completely blocked out from the site for some time, see the meshapsteps CVSTrac for an example of it in action. Apart from the two evolt.org articles “Using Apache to stop bad robots” and “Stopping Spambots II – The Admin Strikes Back” that I read some time ago, too, I found two Apache modules that are aimed for the same thing, Robotcop and Bottrap mod_perl. Of course you can use PHP to automate security, too. Another idea that might prove useful is to deliberately provide email addresses for spambots that are only meant to be used to feed the spam filter.

And as for Virii and Trojans, VirusTotal let’s you upload files for inspection by a broad collection of antivirus scanners, maybe even helping the AV software developers out. This would work nicely combined with “real” Honeypots like mwcollect or Nepenthes.