Email Spider Spam Trap

Security, malware, viri--you've got to keep your eyes open

Email Spider Spam Trap

Postby Dark Shadow » 04/06/11, 8:59 pm

Hey guys,

I don't remember if I ever posted this on here, but even if I have, I have updated my email address spider spam trap recently to help the SEO as well as make it less detectable by removing GET requests and the PHP extension.

http://www.deltashield.com/strap/
Dark Shadow
Senior Member (Entitled To Root Beer)
Senior Member (Entitled To Root Beer)
 
Posts: 860
Joined: 12/09/01, 12:00 am

Postby bob » 04/07/11, 12:28 am

Don't remember seeing it before, Dark. How's it work?
WYSIWTF
bob
BIG GIANT HEAD I Get Free Beer
BIG GIANT HEAD I Get Free Beer
 
Posts: 7565
Joined: 12/03/01, 12:00 am
Location: St. Louis

Postby Dark Shadow » 04/07/11, 12:37 am

You link to this page in a near invisible link (or a visible one if you want) on your regular website. An email spider that a spammer might use will crawl your site, see the link, and eventually crawl the spider trap. When they do, they will completely fill their database with our garbage data until either they detect that it is a black hole or they put our website on a blacklist. Either way, their current crawled email addresses will be useless and they will have to throw the whole list out.

My next step is to setup an RSS feed with this so that people can embed the RSS feed into a webpage invisibly so that only spiders see the email addresses and harvest them. This will be harder for the email spiders to detect since every website with this technology in it will poison their lists, not just our website.

This is actually the second generation of such technology. I got the idea from a c script called addressbook, developed by Michelle Sullivan over at sorbs.net (Download it here http://www.sorbs.net/sorbs/). The idea here is to strike back at spammers or at least one of their collection methods. My mom always wanted to send spammers a virus or something that would "blow up their computer". Well, this is the best I've got.
Dark Shadow
Senior Member (Entitled To Root Beer)
Senior Member (Entitled To Root Beer)
 
Posts: 860
Joined: 12/09/01, 12:00 am

Postby bob » 04/07/11, 1:00 am

No ill effects?

Are there any whitehat spiders of email addresses?
WYSIWTF
bob
BIG GIANT HEAD I Get Free Beer
BIG GIANT HEAD I Get Free Beer
 
Posts: 7565
Joined: 12/03/01, 12:00 am
Location: St. Louis

Postby Dark Shadow » 04/07/11, 1:06 am

Google indexes about 30-50 pages or so and it detects that it is both a black hole and it is smart enough to also detect that the content is dynamic upon every visit. To do this, Google will hit the first page twice and detect that over 90% of the content is different every visit, so it gives up. Google also doesn't index emails, so the emails never show up in Google's search engine.

I would suspect that if you linked to this page, Google won't punish you for it, but invisible content (such as invisible email addresses from an RSS feed) might cause some issues, it would all depend how you make them invisible. If you make the text the same color as the background or microscopic, Google will probably have an issue. If you place a DIV of a graphic over the top of, say, 10 emails per page, Google won't care, it will just assume you wrote your website poorly.
Dark Shadow
Senior Member (Entitled To Root Beer)
Senior Member (Entitled To Root Beer)
 
Posts: 860
Joined: 12/09/01, 12:00 am

Postby Dark Shadow » 04/07/11, 1:07 am

bob wrote:Are there any whitehat spiders of email addresses?


I can't think of any.
Dark Shadow
Senior Member (Entitled To Root Beer)
Senior Member (Entitled To Root Beer)
 
Posts: 860
Joined: 12/09/01, 12:00 am

Postby bob » 04/07/11, 1:18 am

interesting--yes, i was worried Google might think it's some kind of oddball link farm. Well you've posted it here, let us know if you get any hits from us.

BTW, Dark -- how you been?
WYSIWTF
bob
BIG GIANT HEAD I Get Free Beer
BIG GIANT HEAD I Get Free Beer
 
Posts: 7565
Joined: 12/03/01, 12:00 am
Location: St. Louis

Postby Dark Shadow » 04/07/11, 1:29 am

Yeah, I'm pretty sure you are safe from the wrath of Google if you simply link. I have to come up with a randomized but predictable method of generating the emails based upon date so that they are not 100% dynamic every time you visit. Then people will be able to place them behind graphic divs without worrying that Google will punish them for having consistantly dynamic content. Also, I will need to build in a method for the RSS to call a specific number of emails per request so people can customize the reply based upon the size of the div they have.

I'm good. I check up on you guys occasionally and see how you guys are doing. Speaking of which, while programming my PHP based uptime server (which is about 20% complete) I discovered how insanely difficult it is to program PHP to perform pings while keeping the code viable for sale to people who don't have server root access. I checked out this software http://www.alstrasoft.com/site_uptime.htm which gets around the issue by using a UDP ping to a really odd port number. I finally settled upon using PHP to send a command directly to the shell and print output. FYI, it is a lot safer than it sounds.
Dark Shadow
Senior Member (Entitled To Root Beer)
Senior Member (Entitled To Root Beer)
 
Posts: 860
Joined: 12/09/01, 12:00 am

Postby bob » 04/07/11, 2:29 am

I have to come up with a randomized but predictable method of generating the emails based upon date so that they are not 100% dynamic every time you visit.


easy enough to throw a date in, but randomness is the opposite of predictability... I'd say, in addition to the date, add in some arbitrary number (maybe, eg, based on last visitor's ip address....?) but I don't know your exact and particular need or implementation.

Glad to hear you're good. You need to come over and visit more often.

Hey, you hear about this?

Hotspot Shield snags 1 million users overnight, proves privacy can be monetized

http://feeds.betanews.com/~r/bn/~3/O3Um ... 1302038052

Good times for security/privacy coders....
WYSIWTF
bob
BIG GIANT HEAD I Get Free Beer
BIG GIANT HEAD I Get Free Beer
 
Posts: 7565
Joined: 12/03/01, 12:00 am
Location: St. Louis

Postby Dark Shadow » 04/07/11, 2:38 am

Yeah, VPN's are fantastic, but just wait until those countries start blocking popular VPN systems or detected VPN traffic entirely. I'm sure they are already thinking of it.

I just need the generated email addresses to be random, but have a particular order that people see for a certain period of time. The first part of the name is a randomly selected item from a database of over 6 million words making that part easy to make random but predictable based upon the day. The domain part of the email address isn't as easy though. What I probably will need is a formula that generates the domain based upon the day but is changed by the page you are viewing and the item number. Now that I'm thinking about it... I think I figured out a predictable pattern formula... I'll have to try it later tonight.
Dark Shadow
Senior Member (Entitled To Root Beer)
Senior Member (Entitled To Root Beer)
 
Posts: 860
Joined: 12/09/01, 12:00 am

Postby bob » 04/07/11, 2:44 am

good luck on it... I see Gerry's on the board now and may have a thought if he gets to this thread...
WYSIWTF
bob
BIG GIANT HEAD I Get Free Beer
BIG GIANT HEAD I Get Free Beer
 
Posts: 7565
Joined: 12/03/01, 12:00 am
Location: St. Louis

Postby Gerry » 04/07/11, 2:46 am

Dark Shadow wrote:To do this, Google will hit the first page twice and detect that over 90% of the content is different every visit, so it gives up.
If I was a spam bot writer I would probably do that too in order to avoid honey pots.

Although don't get me wrong, you're doing good work researching this stuff. I have an interest in spam prevention too.
Last edited by Gerry on 04/07/11, 2:51 am, edited 1 time in total.
I answer rhetorical questions for my own enjoyment.
Gerry
BIG GIANT HEAD I Get Free Beer
BIG GIANT HEAD I Get Free Beer
 
Posts: 5727
Joined: 12/04/01, 12:00 am
Location: Perth, Western Australia

Postby Dark Shadow » 04/07/11, 2:47 am

Yeah, as of tonight though... that all changes. ;)
Dark Shadow
Senior Member (Entitled To Root Beer)
Senior Member (Entitled To Root Beer)
 
Posts: 860
Joined: 12/09/01, 12:00 am

Postby Gerry » 04/07/11, 2:56 am

Dark Shadow wrote:The domain part of the email address isn't as easy though. What I probably will need is a formula that generates the domain based upon the day but is changed by the page you are viewing and the item number. Now that I'm thinking about it... I think I figured out a predictable pattern formula... I'll have to try it later tonight.
Doesn't the domain have to be real though? Otherwise they could just weed out all the ones that they can't get a connection to port 25 on, or something like that.
I answer rhetorical questions for my own enjoyment.
Gerry
BIG GIANT HEAD I Get Free Beer
BIG GIANT HEAD I Get Free Beer
 
Posts: 5727
Joined: 12/04/01, 12:00 am
Location: Perth, Western Australia

Postby Dark Shadow » 04/07/11, 3:02 am

Domain checking takes time, as does checking MX records to determine viability of a domain for emailing. I built a signup page for one website where we tried to impliment a live email validity checker which would do exactly what you are talking about. We got a lot of mixed results leading to false positives and false negatives. In fact, we had so many that we had to scrap that feature in order to reach projected budget on the project. There are more email addresses in the world than websites, people, and seconds since the unix epoch combined, so checking every harvested email address for validity is difficult. Even if they did, there is a high probability that around 5-20% of all domains that are generated with my system are actual domains out there due to the length.
Dark Shadow
Senior Member (Entitled To Root Beer)
Senior Member (Entitled To Root Beer)
 
Posts: 860
Joined: 12/09/01, 12:00 am

Next

Return to Protect Yourself

Who is online

Users browsing this forum: No registered users and 1 guest

cron