in reply to Re: Anonymous Google Chrome browsers now under additional scrutiny
in thread Anonymous Google Chrome browsers now under additional scrutiny

Well yes, a node behind the honeypot could automatically block the IP.

But probably it's better to redirect blacklisted IPs to some static and link-wise shallow fake content to feed them a little. ¹

Otherwise HTTP-Errors are easily detected, so someone might be triggered to improve the attack.

From my understanding they are using IP-farms to attack us and share the harvested links among them for the next requests. Like that we might trap far more IPs in our "honeyfarm"

Cheers Rolf
(addicted to the Perl Programming Language :)
see Wikisyntax for the Monastery

¹) like a wget-mirror of the last week in a dedicated node-id range, there is a huge unused gap there, which we could reuse.

  • Comment on Re^2: Anonymous Google Chrome browsers now under additional scrutiny

Replies are listed 'Best First'.
Re^3: Anonymous Google Chrome browsers now under additional scrutiny
by cavac (Prior) on May 09, 2025 at 14:35 UTC

    Hmm, for some (other) attacks on my server, my backend actually grabs the WHOIS information and tries to extract the network range, which then gets iptabled.

    Of course, for my private server i can be a lot more aggresive in blocking large swathes of the internet.

    PerlMonks XP is useless? Not anymore: XPD - Do more with your PerlMonks XP
    Also check out my sisters artwork and my weekly webcomics
[reply]

In Section Perl Monks Discussion