Questions tagged [bot]

52 questions
84
votes
5 answers

How does Google's "No Captcha reCaptcha" work?

Google has released a new form of captcha identification of bots, that asks the user to click a single checkbox. It uses image-based verification only if necessary. Could someone please explain to me as to how such a program differentiates a human…
ghosts_in_the_code
  • 955
  • 1
  • 6
  • 9
31
votes
4 answers

Should I block the Yandex Bot?

I have a web application that the Yandex spider is trying access into back-end a few times. After these spider searching, there are few Russian IP addresses that try to access back-end too and they failed to access. Should I block Yandex or take…
user2352577L
  • 413
  • 1
  • 4
  • 7
22
votes
3 answers

How does a company like CloudFlare block bot crawling and email harvesters?

I saw this on CloudFlares homepage: CloudFlare protects against a range of threats: cross site scripting, SQL injection, comment spam, excessive bot crawling, email harvesters, and more. How could a company like CloudFlare block crawler bots and…
Anders
  • 64,406
  • 24
  • 178
  • 215
20
votes
7 answers

Prevent a bot accessing login page with multiple IPs and massive list of username/ passwords

For the second time my website seems to be the target of a large automated attack. It seems complex enough and very well executed. I have the following systems in place: Captcha on 3rd failed login from IP Account lock for 30 min after 5 failed…
13
votes
3 answers

What can I do after an attack to our system that hit our login route?

This morning I checked our nginx logs. 46.x.x.90 - - [17/Jul/2017:05:51:31 +0000] "HEAD http://x.x.71.1:80/PMA2011/ HTTP/1.1" 301 0 "-" "Mozilla/5.0 Jorgee" "-" 46.x.x.90 - - [17/Jul/2017:05:51:31 +0000] "HEAD http://x.x.71.1:80/PMA2012/…
11
votes
2 answers

Anti-bot JavaScript library identification

I'm doing a research on anti-bot measures that websites can use to prevent automation. I came across a JavaScript library and I'm trying to identify its origin. At first I thought it's a site specific library but after further research I found that…
Reyno
  • 213
  • 1
  • 2
  • 7
6
votes
3 answers

Crawler massively changing user-agent

This morning I noticed a single IP-address was kinda crawling my website, though it was querying the same page many times in a few minutes. Then I noticed that it was doing that with different user-agents. I decided to check what was going on by…
jippie
  • 790
  • 1
  • 4
  • 9
5
votes
1 answer

I ran netstat and one thing that came up was MSN bingbot, does that mean my computer is being used as part of a Microsoft botnet?

I ran netstat on my computer, and one thing that came up was msnbot-65-52-108-216. I did some research and what came up was that it's from an IP originating in Redmond, Washington and that it's likely Microsoft Bing bot or something like that. Does…
Mr. Chameleon
  • 333
  • 1
  • 7
5
votes
3 answers

How bot(s) have guessed my wordpress login page?

I have a wordpress site (fully patched) that used to receive many attempts to log in based on dictionary attacks. I changed my admin user to something uncommon and use a really strong password. Apart of that I changed my login page using rename…
Oscar Foley
  • 850
  • 1
  • 7
  • 12
4
votes
1 answer

Zeus botnet source code

I am doing my project on botnets and wanted to understand the source code of the Zeus botnet. Where is the right place to get started with some analysis of zeus botnet source code? I need a good resource or walk through/control flow of the source…
user10012
  • 191
  • 1
  • 1
  • 9
4
votes
1 answer

Why aren't telnet bots finishing the three-way handshake?

I have a port forwarding rule sending 23 traffic to a "honeypot" (called "comp" below). Throughout the night, many bots from around the world attempted to connect, but there was no service running. Now, I wrote a C program that just binds to 23,…
Vale132
  • 305
  • 1
  • 5
4
votes
3 answers

iptables rule to ban and redirect malicious traffic

I'm running Apache 2 and after analysing the access_log I discovered that my website is visited more than 800 times a day (today 924) from majestic.co.uk bot. The bot use this range of IP addresses: 46.4.123.172 220.241.45.142 94.22.46.23 …
3
votes
2 answers

Protecting server from bogus HTTP Requests

What would be the recommended approach to block those typical bogus HTTP requests that the server gets bombarded with? Also has this attack/nuisance been named yet or is it generalized as Bot Activity? While all of them lead to a 404 Not Found,…
Y123
  • 458
  • 4
  • 16
3
votes
1 answer

running botnet for analysis

I a very curious to understand botnets practically. I want to run a p2p botnet (storm or waledac) for analysis and learning. I have mainly two issues: Where can i get access to binaries of either of the two? How do I create a testbed for running…
user76346
  • 39
  • 1
3
votes
0 answers

Prevent developer/owner from seeing user data with insecure API

I am building a chatbot for my university in GroupMe, which very popular there. The bot will, for example, allow users to send messages to their chat groups like /menus (assuming that "/" is the character that indicates a command to the bot), or…
Luke Baumann
  • 131
  • 1
1
2 3 4