[isalist] Re: Blocking Web Bots

• From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
• To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 15 Sep 2006 11:28:30 -0700

http://www.ISAserver.org
-------------------------------------------------------
  
Yes, from the client standpoint, the end result is indeed "legitimate," but
it's just getting there that is the issue.  Spider-bots are normally easy to
at least identify (the initial connection request, anyway) but you just
don't know what all the harvesters are doing.  You could possibly spend a
good amount of time poring over logs and such to identify what agents are
doing what, and possibly mitigate exposure, but like you said, it's just a
matter of time.  If you are getting paid appropriately for your time, and
the client understands that this will be an ongoing, billable project, then
you're fine.. But my guess is that won't last long.  Education is probably
the best way to go here.   If you have a mailto: link on an anonymously
accessible static page somewhere, it's going to be botted.

They could also go for the OCR-thwarting options (like many of the "whois"
providers use) but that's even more of a hassle... I mean, if you are going
to make the user type in something, it may as well be the email address.

t


On 9/14/06 10:06 PM, "Glenn P. JOHNSTON" <glenn.johnston@xxxxxxxxxxx>
spoketh to all:

> http://www.ISAserver.org
> -------------------------------------------------------
> 
> Yep, I know, how to tell a bot from a real person, ant I did tell them about
> graphic instead of text, that thought that was a great idea, why the web
> designer did not bring that one up I don't know but any
> way......................
>  
> It is a legit request, from the clients perspective, this is using bandwith,
> and then just subjecting the company to spam, they would like it stopped,
>  
> hard to achieve yes,
>  
> can be done with 100% certaintity, definately not
>  
> But it is a legit request.
>  
> But getting back to the web bot, I think back to my days at uni, and one of
> the electronic lecturers had a saying, "if someone can find a way to make it,
> then someone can find a way to break it,  to detect it, to change it, etc, you
> just have to look in the right way at the right time".
>  
> And there is probably an element of truth in that for web bots, just need to
> look the right way, through the right filter. and they jump out of the
> internet at you, just need to workout the filter.......
> 
> ________________________________
> 
> From: isalist-bounce@xxxxxxxxxxxxx on behalf of Thor (Hammer of God)
> Sent: Fri 15/Sep/2006 12:42
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: Blocking Web Bots
> 
> 
> 
> http://www.ISAserver.org <http://www.isaserver.org/>
> -------------------------------------------------------
>  
> Seriously, though.. If they don't want bot-harvests, they're going to have
> to remove the mailto: link altogether, and replace the dork@xxxxxxxx text
> with a graphic.  The customer won't get the auto "create-mail" feature, but
> if they can't type in an email address, then you've got bigger problems.
> That, or they have to be OK with it being harvested.
> 
> t
> 
> 
> On 9/14/06 7:28 PM, "Glenn P. JOHNSTON" <glenn.johnston@xxxxxxxxxxx> spoketh
> to all:
> 
>> http://www.ISAserver.org <http://www.isaserver.org/>
>> -------------------------------------------------------
>> 
>> HI
>> 
>> A client has done some testing, within 24 - 72 hours of putting a new e-mail
>> address on there web site, they start receiving spam email to that
>> address.They know it being harvested from the web site, as they have
>> specifically put a couple of address on just the web site, no where else, to
>> prove this (as if it needed to be).
>> 
>> Their request to me last night was a fairly simple 1 liner ?
>> 
>> "Please Configure the ISA server to block these webbots from trolling the web
>> site & harvesting e-mail addresses, so we can reduce the SPAM entering our
>> e-mail system".
>> 
>> Any ideas or suggestions anyone ?
>> 
>> Regards
>> Glenn
>> 
>> ------------------------------------------------------
>> List Archives: //www.freelists.org/archives/isalist/
>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>> ISA Server Articles and Tutorials:
>> http://www.isaserver.org/articles_tutorials/
>> ISA Server Blogs: http://blogs.isaserver.org/
>> ------------------------------------------------------
>> Visit TechGenix.com for more information about our other sites:
>> http://www.techgenix.com <http://www.techgenix.com/>
>> ------------------------------------------------------
>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
>> Report abuse to listadmin@xxxxxxxxxxxxx
>> 
>> 
>> 
> 
> 
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com <http://www.techgenix.com/>
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> 
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> 


------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/  
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp 
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ 
ISA Server Blogs: http://blogs.isaserver.org/ 
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp 
Report abuse to listadmin@xxxxxxxxxxxxx 

• References:
  • [isalist] Re: Blocking Web Bots
    • From: Glenn P. JOHNSTON

Other related posts:

• » [isalist] Blocking Web Bots
• » [isalist] Re: Blocking Web Bots
• » [isalist] Re: Blocking Web Bots
• » [isalist] Re: Blocking Web Bots
• » [isalist] Re: Blocking Web Bots
• » [isalist] Re: Blocking Web Bots
• » [isalist] Re: Blocking Web Bots
• » [isalist] Re: Blocking Web Bots

1. Home
2. isalist
3. Archive
4. 09-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---