digg

Join DiggAbout

Discover the best of the web!
Learn more about Digg by taking the tour.

Http:BL Returns Control of Website Access Back to Website Owners

projecthoneypot.org — For two years Project Honey Pot has promised that it will help keep harvesters, comment spammers, and other malicious web robots off websites. Today they make good on that promise with the launch of http:BL. The free, new service allows anyone to query http:BL and retrieve results based on the data gathered the Project's vast network of traps.

Bury
show profanity settings
expand all
  • RTCA, on 10/12/2007, -0/+9Awesome! I've been waiting for this since June of last year!
    • btipling, on 10/12/2007, -0/+3This sort of blacklisting has been long anticipated. It's unfortunate that things had to come to this. More than likely spam will never go away, and no matter what technology we use, some spam will always get through. But it's time the good guys struck a counter-blow.
  • Ruhtar, on 10/12/2007, -0/+9This will be great! Spam Harvesters are easily 20% of the traffic my servers see and being able to reduce that to only harvesters as of yet unidentified will free up so many resources, I'll probably be able to do without 2 of the servers I currently am having to pay for!
  • FakeOutdoorsman, on 10/12/2007, -0/+15This beats editing my evolving beast of a httpd.conf file.

    God, I'm a dork.
  • NikkeL, on 10/12/2007, -3/+3Great news! And news that will reduce bandwidth waist on some of the sites that now get beaten by spambots.
  • comedyplus, on 10/12/2007, -0/+4Let's see if this really works.
  • Aliarse, on 10/12/2007, -0/+6This will work.

    Right up until one of the spammers figures out a way around it.
  • JamesWilson, on 10/12/2007, -5/+3I really don't like the DNS way of their API. Give me a REST xml interface.
    • LowFuel, on 10/12/2007, -0/+11I'd like a pony.
    • MikeSD34, on 10/12/2007, -0/+3The DNS infrastructure is proven reliable, and has built in caching methods. I think it's surprisingly inventive.
    • texpundit, on 10/12/2007, -0/+2"I'd like a pony."

      And a plastic rocket.
    • cybe, on 10/12/2007, -0/+2I've made a simple script that downloads the RSS feeds (http://projecthoneypot.org/top_harvesters.php) and greps out the IP numbers and adds adds them the a blacklist on my site, effectively blocking out harvesters and comment spammers.
    • EastDakota, on 10/12/2007, -0/+1To JamesWilson's comment, for this application (a simple query returning a simple result) DNS is probably better choice than XML/Soap because it's much simpler, faster, and has significantly less overhead. DNS has been used for more than 10 years in order to run black lists for mail servers. The average mail server deals with a lot more traffic than the average web server, which means choosing a solution that is quick is especially important. One other thing that is nice is DNS has a sort of built-in load balancing/caching system. As a result, queries against DNS put much less strain on the servers hosting the master records.

      To Cybe's comment, you can continue parse the RSS feeds off the Project Honey Pot pages, but you doing so you 1) won't get 100% of the data, 2) get delayed data because the RSS feeds don't update frequently, and 3) will only get a black/white determination of whether an IP is a harvester or other malicious robot.

      Http:BL is cool because it gives you a lot more data to work with including what kind of malicious robot is it, when was it last seen by the Project Honey Pot network, and how big a threat it poses to your site. That data isn't included in the RSS feed. And http:BL is wicked fast. Check out the API. If you have the skills to parse an RSS feed, you'll easily be able to build something that can take advantage of the http:BL DNS lookups.
    • cybe, on 10/12/2007, -0/+1I found someones PHP script, on the Project Honeypot Forum, which I'm testing now. Poor Akismet hasn't been fed spam today. I hope someone whips up a Drupal module. One that reports comment spam to both Project Honeypot and Akismet would be ideal.

  • seehuge, on 10/12/2007, -5/+2IT'S A TRAP!

    /ackbar
  • jackmaninov, on 10/12/2007, -0/+1Let me be the first to say: http://topofcool.net/mailscript.php?cfm=4977

    Yes, it goes to a honeypot :P
  • jumpfroggy, on 10/12/2007, -0/+2This is great. Comment spam is getting worse and worse, and the counter-measures are getting worse as well (ever had one of those images where you couldn't read any of the letters??).

    Glad to see there's better tools out there, especially smarter ones than just dumb blacklists and javascript checks. Can't wait to see how this fares.
  •  

    Login or register to add a comment

    Create a new account or login to join in the conversation on Digg. You'll also be able to Digg stories to help promote things you like.


© Digg Inc. 2008 — Content posted by Digg users is dedicated to the public domain.
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.