I heard they can...so is there any other way of detecting them besides the repetitive IP logs?

Thanks http://bbs.adultwebmasterinfo.com/ubb/smile.gif

I could be wrong but I believe they leave HTTP AGENT info in the logs...?

<font face="Verdana, Arial" size="2">Originally posted by William:
I could be wrong but I believe they leave HTTP AGENT info in the logs...?</font>

Depends on the proxy. The only sure way (that I know of) is IP logging or checking.

You shouldn't discuss this kind of stuff on the boards too much I think.

The short answer is yes though a hitbot can be written that can't be detected. Let's just not discuss exactlly how this would be done.

Honestly, a good perl programmer can write one. I know how I could write one up and I won't say how so people won't abuse it, but generally, with a perl script, you can make a hitbot which can crawl an entire site, change the HTTP AGENT to make it look like a browser, even accept cookies and worst of all, given a list of proxy servers, a perl script can simulate several hundred people hitting your site. It's very dangerous what can be done and to be honest, I can think of a way to prevent it, hence I won't talk about how to do it.

WG

evil evil evil dont mention this some dick will try and do it for sure

Well, I didn't mention how to do it, how to get a list of proxies, how to spoof the headers or anything. Besides, what I mentioned is exactly what a websurfer does, the task for a hacker is to figure out how to do it automatically. Whether it be in C, Perl, Python, or any other language, if a hacker can simulate what a surfer does, then he's done. Let's just hope anyone who knows how to do this will keep their mouths shut. I am :-)

WG

Fuck...this is not what I want to hear http://bbs.adultwebmasterinfo.com/ubb/frown.gif

I always keep hidden labled links, that surfers cant see yet still get spidered by hitbots.

Shane has a good idea there to fool the bots. Put tons of hidden links and whenever a click comes to one of these hidden links, bang you've found yourself a hitbot :-)

There's something most hitbots won't be able to detect. Good work.

WG

A $600 progie can do it :-) Of course undetectable (tested for UCJ3-4, S2, RB2, CJPro, *******). IP log is useless by the way.

<font face="Verdana, Arial" size="2">Originally posted by WiredGuy:
Shane has a good idea there to fool the bots. Put tons of hidden links and whenever a click comes to one of these hidden links, bang you've found yourself a hitbot :-)

There's something most hitbots won't be able to detect. Good work.

WG</font>

Sorry, but on high traffic sites there will always be someone that finds them and then an honest trade can be slammed and renowned for cheating which in such case would not be correct.

When I surf sites with hard to read text for example, I often mark the whole site with my mouse and thereby I can see hidden links. I rarely find any, but when I do, I click them if they are of any interest ofcourse. http://bbs.adultwebmasterinfo.com/ubb/smile.gif

Hey, I have an idea. Put those links in hidden LAYERS and the surfers will not find them, but the BOTs will.

&lt;div id="HiddenLayerLinks" style="position:absolute; z-index:1; visibility: hidden"&gt;
&lt;a href="http://sexslam.com/cgi-bin/ucj/c.cgi?link=we_got_a_cheater_boss"&gt;We
got a cheater boss link!&lt;/a&gt;&lt;br&gt;
&lt;a href="http://sexslam.com/cgi-bin/ucj/c.cgi?link=hidden_sex_link"&gt;Hidden
sex link&lt;/a&gt;&lt;br&gt;
&lt;a href="http://sexslam.com/cgi-bin/ucj/c.cgi?link=ban_me_link"&gt;Ban me link&lt;/a&gt;
&lt;/div&gt;

WiredGuy What don't you understand about let's not discuss this? It's not as easy as it seems though it can be done. Please DO NOT EVEN DESCRIBE what is needed to do this. You can't understand this? Now you've given some people ideas and scared the crap out of others ;(

About the hidden links. I use these on my site too but there are damn near useless against bots. There are SO many spiders out there that you will find that MANY hits will come to "hidden" links. (I use them to shut down spiders but I don't see the use against bots)

Lets not cause a terror here. It's a lot harder than you might think to make a bot that will actually work.
You can also use multiple proxies (This part is bit trickier. It can be done but not all proxies are totally anonymous and if a hitbotter doesn't know what he's doing you might be able to get some info on him in your logs)

SonicPuke, all I did was describe how a browser works. If someone on this board can use IE or Netscape, they should be able to figure out what I wrote, it's not exactly a trade secret how to surf the web you know.
It's really quite simple how browsers work, they all use cookies, they all make requests from the web and they all parse webpages. If someone is planning on writing a hitbot without knowing this, then they're plain stupid. All I did was describe how a browser works, I could have written code out here on how to do it, but I won't for obvious reasons.

WG

Just because you dont talk about it doesnt mean that its going to go away....

laters,
Chris

basically anything that a user does can be "spoofed" because of the nature of the use of software.