Honeypots for spambots

29 10 2005

I had a look around for Honeypot concepts again. These are “traps” laid out for spidering robots that harvest email addresses from websites. If some robot access the honeypot, it will be completely blocked out from the site for some time, see the meshapsteps CVSTrac for an example of it in action. Apart from the two evolt.org articles “Using Apache to stop bad robots” and “Stopping Spambots II – The Admin Strikes Back” that I read some time ago, too, I found two Apache modules that are aimed for the same thing, Robotcop and Bottrap mod_perl. Of course you can use PHP to automate security, too. Another idea that might prove useful is to deliberately provide email addresses for spambots that are only meant to be used to feed the spam filter.

And as for Virii and Trojans, VirusTotal let’s you upload files for inspection by a broad collection of antivirus scanners, maybe even helping the AV software developers out. This would work nicely combined with “real” Honeypots like mwcollect or Nepenthes.




Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: