digg

Facebook Connect Join Digg About

Http:BL Returns Control of Website Access Back to Website Owners

projecthoneypot.org For two years Project Honey Pot has promised that it will help keep harvesters, comment spammers, and other malicious web robots off websites. Today they make good on that promise with the launch of http:BL. The free, new service allows anyone to query http:BL and retrieve results based on the data gathered the Project's vast network of traps.

Who dugg this? Made popular Apr 26, 2007

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

20 Comments

show profanity settings
expand all
  • FakeOutdoorsman, on 10/12/2007, -0/+16This beats editing my evolving beast of a httpd.conf file.

    God, I'm a dork.
  • ablez3, on 10/12/2007, -0/+12admitting is the first step to recovery..

  • LowFuel, on 10/12/2007, -0/+11I'd like a pony.
  • Ruhtar, on 10/12/2007, -0/+10This will be great! Spam Harvesters are easily 20% of the traffic my servers see and being able to reduce that to only harvesters as of yet unidentified will free up so many resources, I'll probably be able to do without 2 of the servers I currently am having to pay for!
  • RTCA, on 10/12/2007, -0/+9Awesome! I've been waiting for this since June of last year!
  • Aliarse, on 10/12/2007, -0/+6This will work.

    Right up until one of the spammers figures out a way around it.
  • comedyplus, on 10/12/2007, -0/+4Let's see if this really works.
  • btipling, on 10/12/2007, -0/+3This sort of blacklisting has been long anticipated. It's unfortunate that things had to come to this. More than likely spam will never go away, and no matter what technology we use, some spam will always get through. But it's time the good guys struck a counter-blow.
  • MikeSD34, on 10/12/2007, -0/+3The DNS infrastructure is proven reliable, and has built in caching methods. I think it's surprisingly inventive.
  • cybe, on 10/12/2007, -0/+2I've made a simple script that downloads the RSS feeds (http://projecthoneypot.org/top_harvesters.php) and greps out the IP numbers and adds adds them the a blacklist on my site, effectively blocking out harvesters and comment spammers.
  • jumpfroggy, on 10/12/2007, -0/+2This is great. Comment spam is getting worse and worse, and the counter-measures are getting worse as well (ever had one of those images where you couldn't read any of the letters??).

    Glad to see there's better tools out there, especially smarter ones than just dumb blacklists and javascript checks. Can't wait to see how this fares.
  • inactive, on 10/12/2007, -0/+2"I'd like a pony."

    And a plastic rocket.
  • cybe, on 10/12/2007, -0/+1I found someones PHP script, on the Project Honeypot Forum, which I'm testing now. Poor Akismet hasn't been fed spam today. I hope someone whips up a Drupal module. One that reports comment spam to both Project Honeypot and Akismet would be ideal.

  • EastDakota, on 10/12/2007, -0/+1To JamesWilson's comment, for this application (a simple query returning a simple result) DNS is probably better choice than XML/Soap because it's much simpler, faster, and has significantly less overhead. DNS has been used for more than 10 years in order to run black lists for mail servers. The average mail server deals with a lot more traffic than the average web server, which means choosing a solution that is quick is especially important. One other thing that is nice is DNS has a sort of built-in load balancing/caching system. As a result, queries against DNS put much less strain on the servers hosting the master records.

    To Cybe's comment, you can continue parse the RSS feeds off the Project Honey Pot pages, but you doing so you 1) won't get 100% of the data, 2) get delayed data because the RSS feeds don't update frequently, and 3) will only get a black/white determination of whether an IP is a harvester or other malicious robot.

    Http:BL is cool because it gives you a lot more data to work with including what kind of malicious robot is it, when was it last seen by the Project Honey Pot network, and how big a threat it poses to your site. That data isn't included in the RSS feed. And http:BL is wicked fast. Check out the API. If you have the skills to parse an RSS feed, you'll easily be able to build something that can take advantage of the http:BL DNS lookups.
  • jackmaninov, on 10/12/2007, -0/+1Let me be the first to say: http://topofcool.net/mailscript.php?cfm=4977

    Yes, it goes to a honeypot :P
  • NikkeL, on 10/12/2007, -3/+3Great news! And news that will reduce bandwidth waist on some of the sites that now get beaten by spambots.
  • JamesWilson, on 10/12/2007, -5/+3I really don't like the DNS way of their API. Give me a REST xml interface.
  • seehuge, on 10/12/2007, -5/+2IT'S A TRAP!

    /ackbar
  • kidd3ckz, on 10/12/2007, -9/+4you're a whale penis
  • Detritus, on 10/12/2007, -17/+5V1@Gra really works! http://blehblehbleh.jk

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...

© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.