As a website and Zimbra email hosting provider, ASC Creative has noticed a significant increase in SPAM emails, and attempts to hack websites and/or insert email collectors on the websites that we host. Over the past few months, over 60% of our email traffic are SPAM attempts, and since we process many thousands of emails daily, that adds up to a lot of attempts. Less well known or understood are attempts to hack websites.
When we added website development business in 2007, there were minimal commercial tools to monitor SPAM and hacking attempts on websites. Fortunately, the industry and third party developers have taken notice of this gap. A few months ago, we noticed a project called Project Honey Pot. By itself it is not an application; it provides an methodology and means to capture information about mal activities on websites, and a central database to house this information. This third party quote sums it up well; “Project Honey Pot is the first and only distributed system for identifying spammers and the spambots they use to scrape addresses from your website. Using the Project Honey Pot system you can install addresses that are custom-tagged to the time and IP address of a visitor to your site. If one of these addresses begins receiving email Project Honey Pot not only can tell that the messages are spam, but also the exact moment when the address was harvested and the IP address that gathered it.”
Since ASC Creative develops websites primarily based on Joomla CMS and WordPress, it is important to us to be able to monitor our clients’ sites from within the content management system. Starting late 2012, new production grade software has been introduced into the marketplace that uses Project Honey Pot data to monitor websites. Specifically, these tools identify possible spam and hack attempts by linking to the HoneyPot database to match IP addresses that have been registered for doing bad things.
We have been testing the tools on a few sites, and intend to include it as part of our standard development toolkit.
Before this project, there were a few proprietory tools available, including one from Google. However, being publically available tools, there were no SLA’s for reporting the potential hack, and it could take days or weeks to get a report back. And it was based on recording the IP address in their IP range, not the global internet community. That’s why Project Honey Pot is important. Now we can get notifications in near real time, based on data collected globally.
I’d be interested to know if you consider this an important topic?