Hitbot Detecting Software - GoFuckYourself.com

notjoe · 12-22-2002, 04:50 PM

I am writing some scripts and one of them is to detect a hitbot on a TGP or any site for that matter. I am just wondering what people think is the best way to nail a hitbot/detect it?

The couple things i can think of are:
1) Roughly the same amount of time will laspe between requests.
2) Large volume of unique ips doing the exact same amount of hits.

Lets hear some more suggestions.

Joe

Va2k · 12-22-2002, 05:22 PM

What about checking for the scripts out there that download all your images etc...

Zyber · 12-22-2002, 05:42 PM

Quote:

Originally posted by notjoe
I am writing some scripts and one of them is to detect a hitbot on a TGP or any site for that matter. I am just wondering what people think is the best way to nail a hitbot/detect it?

The couple things i can think of are:
1) Roughly the same amount of time will laspe between requests.
2) Large volume of unique ips doing the exact same amount of hits.

Lets hear some more suggestions.

Joe

All the stuff you want to check for can be adjusted by some creative hitbots... the best way to catch a hitbot is not to tell what you are going to look for...
Never assume anything... I think you should just make a series of tests on the traffic and hope that one of your tests is one the hitbotter had not been prepared for.

notjoe · 12-22-2002, 06:23 PM

Quote:

Originally posted by va2k
What about checking for the scripts out there that download all your images etc...

Images can be protected with mod_rewrite, unless the program is spoofing the referring url, which some programs do do ;)

Theo · 12-22-2002, 10:08 PM

webmasters like notjoe will put us out of business

Amputate Your Head · 12-22-2002, 10:17 PM

Gary's hitbot is undetectable....

SleazyDream · 12-22-2002, 10:37 PM

Quote:

Originally posted by Amputate Your Head
Gary's hitbot is undetectable....

it even fakes signups that don't charge back..........

Mr.Fiction · 12-22-2002, 10:42 PM

If you make the script publicly available, it won't work.

Mutt · 12-22-2002, 11:07 PM

i'm not much of a techie but if you can detect proxies like ProxyPass can wouldn't this be a big help in a hitbot detection script because hitbotters use proxies? So figure out a threshold number for proxies, if the number of proxies detected is above normal, good sign it's a hitbotter??

Mutt · 12-22-2002, 11:11 PM

speaking of URL spoofers, anybody got any good ideas how to protect a leased plugin from these spoofer programs that spoof the referring URL of a valid customer? Not sure cookies will work any better because i think some of these programs also can accept a cookie. Has to be a good way to control access to a plugin other than requiring every user type in a username password combination.

12-22-2002, 04:50 PM	#1
notjoe Confirmed User Industry Role: Join Date: May 2002 Location: Toronto, Canada Posts: 5,599	Hitbot Detecting Software I am writing some scripts and one of them is to detect a hitbot on a TGP or any site for that matter. I am just wondering what people think is the best way to nail a hitbot/detect it? The couple things i can think of are: 1) Roughly the same amount of time will laspe between requests. 2) Large volume of unique ips doing the exact same amount of hits. Lets hear some more suggestions. Joe

12-22-2002, 05:22 PM	#2
Va2k I’m still alive barley. Industry Role: Join Date: Oct 2001 Location: Va Posts: 10,060	What about checking for the scripts out there that download all your images etc... __________________

12-22-2002, 10:17 PM	#6
Amputate Your Head There can be only one Industry Role: Join Date: Aug 2001 Location: Somewhere else Posts: 39,075	Gary's hitbot is undetectable.... __________________ SIG TOO BIG

12-22-2002, 11:07 PM	#9
Mutt Too lazy to set a custom title Industry Role: Join Date: Sep 2002 Posts: 34,431	i'm not much of a techie but if you can detect proxies like ProxyPass can wouldn't this be a big help in a hitbot detection script because hitbotters use proxies? So figure out a threshold number for proxies, if the number of proxies detected is above normal, good sign it's a hitbotter?? __________________ I moved my sites to Vacares Hosting. I've saved money, my hair is thicker, lost some weight too! Thanks Sly!

12-22-2002, 11:11 PM	#10
Mutt Too lazy to set a custom title Industry Role: Join Date: Sep 2002 Posts: 34,431	speaking of URL spoofers, anybody got any good ideas how to protect a leased plugin from these spoofer programs that spoof the referring URL of a valid customer? Not sure cookies will work any better because i think some of these programs also can accept a cookie. Has to be a good way to control access to a plugin other than requiring every user type in a username password combination. __________________ I moved my sites to Vacares Hosting. I've saved money, my hair is thicker, lost some weight too! Thanks Sly!

12-22-2002, 10:08 PM	#5
Theo HAL 9000 Industry Role: Join Date: May 2001 Posts: 34,515	webmasters like notjoe will put us out of business

12-22-2002, 10:42 PM	#8
Mr.Fiction Confirmed User Join Date: Feb 2002 Location: Free Speech Land Posts: 9,484	If you make the script publicly available, it won't work.